Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Pots.exe

Overview

General Information

Sample name:Pots.exe
Analysis ID:1435509
MD5:4007521af3a2baa42c6fc32f849be740
SHA1:051f5eb496fe2e45cf18b981b47fdb5e9a4e1ce2
SHA256:709668f298abc9f2b1afb5c84b3aac68090a5898aa423533e6e947097980fb49
Infos:

Detection

44userber Stealer, Rags Stealer
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for dropped file
Detected unpacking (changes PE section rights)
Detected unpacking (overwrites its own PE header)
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Yara detected 44Caliber Stealer
Yara detected Rags Stealer
Found many strings related to Crypto-Wallets (likely being stolen)
Hides threads from debuggers
Machine Learning detection for dropped file
PE file has nameless sections
Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)
Tries to detect sandboxes and other dynamic analysis tools (window names)
Tries to detect the country of the analysis system (by using the IP)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to steal Crypto Currency Wallets
Yara detected Generic Downloader
Allocates memory with a write watch (potentially for evading sandboxes)
Binary contains a suspicious time stamp
Checks for debuggers (devices)
Contains functionality for execution timing, often used to detect debuggers
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to call native functions
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Drops PE files
Enables debug privileges
File is packed with WinRar
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains sections with non-standard names
Queries information about the installed CPU (vendor, model number etc)
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Stores files to the Windows start menu directory
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer
Yara signature match

Classification

Process Tree

  • System is w10x64_ra
  • Pots.exe (PID: 7056 cmdline: "C:\Users\user\Desktop\Pots.exe" MD5: 4007521AF3A2BAA42C6FC32F849BE740)
    • cmd.exe (PID: 7152 cmdline: C:\Windows\system32\cmd.exe /c ""C:\1.bat" " MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 7160 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • Pots.sfx.exe (PID: 5632 cmdline: Pots.sfx.exe -psoup MD5: 900F750190EB52AC327BA0739014AD81)
        • Pots.exe (PID: 6220 cmdline: "C:\Pots.exe" MD5: 510C435E8560F65226D0DA24A98E235F)
  • cmd.exe (PID: 5944 cmdline: "C:\Windows\system32\cmd.exe" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
    • conhost.exe (PID: 5964 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • Pots.exe (PID: 6088 cmdline: Pots.exe MD5: 4007521AF3A2BAA42C6FC32F849BE740)
      • cmd.exe (PID: 3312 cmdline: C:\Windows\system32\cmd.exe /c ""C:\1.bat" " MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • conhost.exe (PID: 5724 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • Pots.sfx.exe (PID: 612 cmdline: Pots.sfx.exe -psoup MD5: 900F750190EB52AC327BA0739014AD81)
          • Pots.exe (PID: 5916 cmdline: "C:\Pots.exe" MD5: 510C435E8560F65226D0DA24A98E235F)
    • Pots.exe (PID: 3968 cmdline: Pots.exe MD5: 4007521AF3A2BAA42C6FC32F849BE740)
      • cmd.exe (PID: 780 cmdline: C:\Windows\system32\cmd.exe /c ""C:\1.bat" " MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • conhost.exe (PID: 772 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • Pots.sfx.exe (PID: 6168 cmdline: Pots.sfx.exe -psoup MD5: 900F750190EB52AC327BA0739014AD81)
          • Pots.exe (PID: 4364 cmdline: "C:\Pots.exe" MD5: 510C435E8560F65226D0DA24A98E235F)
  • firefox.exe (PID: 3960 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • firefox.exe (PID: 3224 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 3988 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2288 -parentBuildID 20230927232528 -prefsHandle 2232 -prefMapHandle 2216 -prefsLen 25250 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {96c4117f-89fb-4aea-9388-b6b8fbaf62f1} 3224 "\\.\pipe\gecko-crash-server-pipe.3224" 19ae366e310 socket MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 1000 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3520 -parentBuildID 20230927232528 -prefsHandle 4064 -prefMapHandle 4060 -prefsLen 25481 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1f82e27d-20e4-4201-be06-6f8ad14acd0a} 3224 "\\.\pipe\gecko-crash-server-pipe.3224" 19af561ce10 rdd MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 3828 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5468 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 1528 -prefMapHandle 5440 -prefsLen 33331 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a3508e13-7332-41e1-9a43-bee54dfd6a83} 3224 "\\.\pipe\gecko-crash-server-pipe.3224" 19b01fb2310 utility MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • chrome.exe (PID: 2196 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 4372 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=2040,i,13818589017256215698,7154636471742803029,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

Threatname: 44Caliber Stealer

{"Discord Webhook": "https://discord.com/api/webhooks/984547613787422811/3KIN00NlG7asLt6_aF-p2Xs_p95OdeiY0o_mcNrHVnkOnCiufcuOcK5MiX42zsnFIZDR\u0001AmigYT"}

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
    00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmpJoeSecurity_RagsStealerYara detected Rags StealerJoe Security
      00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmpJoeSecurity_44CaliberStealerYara detected 44Caliber StealerJoe Security
        00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmpINDICATOR_SUSPICIOUS_EXE_Discord_RegexDetects executables referencing Discord tokens regular expressionsditekSHen
        • 0x3a72d:$s1: [a-zA-Z0-9]{24}\.[a-zA-Z0-9]{6}\.[a-zA-Z0-9_\-]{27}|mfa\.[a-zA-Z0-9_\-]{84}
        00000019.00000002.1898940608.0000000003D11000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
          Click to see the 22 entries

          Unpacked PEs

          SourceRuleDescriptionAuthorStrings
          5.2.Pots.exe.dd0000.0.unpackJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
            5.2.Pots.exe.dd0000.0.unpackJoeSecurity_GenericDownloader_1Yara detected Generic DownloaderJoe Security
              5.2.Pots.exe.dd0000.0.unpackJoeSecurity_RagsStealerYara detected Rags StealerJoe Security
                5.2.Pots.exe.dd0000.0.unpackJoeSecurity_44CaliberStealerYara detected 44Caliber StealerJoe Security
                  5.2.Pots.exe.dd0000.0.unpackINDICATOR_SUSPICIOUS_EXE_Discord_RegexDetects executables referencing Discord tokens regular expressionsditekSHen
                  • 0x3ab2d:$s1: [a-zA-Z0-9]{24}\.[a-zA-Z0-9]{6}\.[a-zA-Z0-9_\-]{27}|mfa\.[a-zA-Z0-9_\-]{84}
                  Click to see the 2 entries

                  Sigma Signatures

                  No Sigma rule has matched

                  Snort Signatures

                  No Snort rule has matched

                  Joe Sandbox Signatures

                  Click to jump to signature section

                  Show All Signature Results

                  AV Detection

                  barindex
                  Antivirus detection for dropped file
                  Source: C:\Pots.exeAvira: detection malicious, Label: HEUR/AGEN.1351863
                  Found malware configuration
                  Source: 5.2.Pots.exe.dd0000.0.unpackMalware Configuration Extractor: 44userber Stealer {"Discord Webhook": "https://discord.com/api/webhooks/984547613787422811/3KIN00NlG7asLt6_aF-p2Xs_p95OdeiY0o_mcNrHVnkOnCiufcuOcK5MiX42zsnFIZDR\u0001AmigYT"}
                  Multi AV Scanner detection for dropped file
                  Source: C:\Pots.exeReversingLabs: Detection: 82%
                  Source: C:\Pots.sfx.exeReversingLabs: Detection: 25%
                  Multi AV Scanner detection for submitted file
                  Source: Pots.exeReversingLabs: Detection: 51%
                  Machine Learning detection for dropped file
                  Source: C:\Pots.exeJoe Sandbox ML: detected

                  Location Tracking

                  barindex
                  Tries to detect the country of the analysis system (by using the IP)
                  Source: unknownDNS query: name: freegeoip.app

                  Compliance

                  barindex
                  Detected unpacking (overwrites its own PE header)
                  Source: C:\Pots.exeUnpacked PE file: 5.2.Pots.exe.dd0000.0.unpack
                  Source: Pots.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                  Source: unknownHTTPS traffic detected: 104.21.73.97:443 -> 192.168.2.16:49700 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.85.189:443 -> 192.168.2.16:49701 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49704 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.16:49706 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.16:49707 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49708 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49709 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 40.126.24.84:443 -> 192.168.2.16:49710 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 23.1.33.206:443 -> 192.168.2.16:49711 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 51.104.15.253:443 -> 192.168.2.16:49713 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.16:49726 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 13.107.42.254:443 -> 192.168.2.16:49731 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 152.199.24.163:443 -> 192.168.2.16:49734 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.73.97:443 -> 192.168.2.16:49740 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.85.189:443 -> 192.168.2.16:49741 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.73.97:443 -> 192.168.2.16:49762 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.85.189:443 -> 192.168.2.16:49763 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49767 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49771 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49774 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49780 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49782 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49785 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49784 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49786 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49788 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49789 version: TLS 1.2
                  Source: Pots.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
                  Source: Binary string: D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb source: Pots.exe, Pots.sfx.exe.0.dr
                  Source: Binary string: System.pdb-2246122658-3693405117-2476756634-1003_Classes\WOW6432Node\CLSID\{0A29FF9E-7F9C-4437-8B11-F424491E3931}\Server source: Pots.exe, 00000019.00000002.1910860932.0000000006060000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: webauthn.pdb source: firefox.exe, 0000001D.00000003.2349596019.0000019B01B01000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: System.pdbF source: Pots.exe, 00000005.00000002.1137260907.0000000003D0C000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003DDF000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.000000000384A000.00000004.00000800.00020000.00000000.sdmp
                  Source: Binary string: \c++\44 call\44userBER-main\44userBER\obj\Release\Insidious.pdb source: Pots.exe, Pots.exe, 00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmp
                  Source: Binary string: mscorlib.pdb source: Pots.exe, 00000005.00000002.1137260907.0000000003C7D000.00000004.00000800.00020000.00000000.sdmp
                  Source: Binary string: \Windows\symbols\dll\System.pdbgac_msil\system\v4.0_4.0.0.0__b77a5c561934e089\system.pdbSy source: Pots.exe, 00000005.00000002.1135117512.00000000013F8000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: |C:\Windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll_b77a5c561934e089\mscorlib.pdb source: Pots.exe, 00000019.00000002.1889112471.0000000001332000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: wminet_utils.dll.pdb source: Pots.exe, 00000005.00000002.1141953793.000000000608D000.00000004.00000020.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2047097147.00000000068D0000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: s\windows\mscorlib.pdbpdb source: Pots.exe, 00000005.00000002.1135117512.00000000013CF000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: *c:\windows\system.pdb source: Pots.exe, 00000005.00000002.1141953793.000000000608D000.00000004.00000020.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2047097147.00000000068D0000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: webauthn.pdbGCTL source: firefox.exe, 0000001D.00000003.2349596019.0000019B01B01000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \Windows\symbols\dll\System.pdbGAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.pdbtem.drawing.dll source: Pots.exe, 00000019.00000002.1888331013.0000000001304000.00000004.00000020.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2011433535.0000000000C4E000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: %SystemRoot%\system32\napinsp.dll.0__b77a5c561934e089\mscorlib.pdb+ source: Pots.exe, 00000019.00000002.1888331013.0000000001304000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \windows\symbols\dll\mscorlib.pdbC_$ source: Pots.exe, 00000005.00000002.1135117512.0000000001410000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: sC:\Windows\dll\mscorlib.pdb source: Pots.exe, 00000019.00000002.1889032146.000000000132B000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \windows\microsoft.net\assembly\gac_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.pdb source: Pots.exe, 00000027.00000002.2011433535.0000000000C4E000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: System.pdb source: Pots.exe, 00000005.00000002.1137260907.0000000003D0C000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003DDF000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.000000000384A000.00000004.00000800.00020000.00000000.sdmp
                  Source: firefox.exeMemory has grown: Private usage: 1MB later: 233MB

                  Networking

                  barindex
                  Yara detected Generic Downloader
                  Source: Yara matchFile source: 5.2.Pots.exe.dd0000.0.unpack, type: UNPACKEDPE
                  Source: global trafficHTTP traffic detected: GET /xml/ HTTP/1.1Host: freegeoip.appConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /xml/ HTTP/1.1Host: ipbase.comConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /xml/ HTTP/1.1Host: freegeoip.appConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /xml/ HTTP/1.1Host: ipbase.comConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /xml/ HTTP/1.1Host: freegeoip.appConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /xml/ HTTP/1.1Host: ipbase.comConnection: Keep-Alive
                  Source: Joe Sandbox ViewIP Address: 34.149.100.209 34.149.100.209
                  Source: Joe Sandbox ViewIP Address: 34.117.188.166 34.117.188.166
                  Source: Joe Sandbox ViewIP Address: 239.255.255.250 239.255.255.250
                  Source: Joe Sandbox ViewIP Address: 104.21.85.189 104.21.85.189
                  Source: Joe Sandbox ViewIP Address: 104.21.73.97 104.21.73.97
                  Source: Joe Sandbox ViewASN Name: CLOUDFLARENETUS CLOUDFLARENETUS
                  Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
                  Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
                  Source: Joe Sandbox ViewJA3 fingerprint: fb0aa01abe9d8e4037eb3473ca6e2dca
                  Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                  Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                  Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.44.201.22
                  Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                  Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
                  Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
                  Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
                  Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
                  Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
                  Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
                  Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
                  Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
                  Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
                  Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
                  Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
                  Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
                  Source: unknownTCP traffic detected without corresponding DNS query: 13.85.23.86
                  Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.51.58.94
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
                  Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
                  Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
                  Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
                  Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
                  Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
                  Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
                  Source: global trafficHTTP traffic detected: GET /xml/ HTTP/1.1Host: freegeoip.appConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /xml/ HTTP/1.1Host: ipbase.comConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=XDHot1FpkRUMcRU&MD=43c1klFP HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
                  Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
                  Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=XDHot1FpkRUMcRU&MD=43c1klFP HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
                  Source: global trafficHTTP traffic detected: GET /manifest/threshold.appcache HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitOrigin: https://www.bing.comAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=en&HV=1707317784&IPMH=3a628620&IPMID=1707317755885; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                  Source: global trafficHTTP traffic detected: GET /rb/18/jnc,nj/6hU_LneafI_NFLeDvM367ebFaKQ.js?bu=DygxdoIBhQGIAX95fLsBvgExrgExwQE&or=w HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /rb/1b/cir3,ortl,cc,nc/oT6Um3bDKq3bSDJ4e0e-YJ5MXCI.css?bu=B8ACRa4CiwFdXckC&or=w HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=c&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=1&cvid=bcf07b8592a545e9b0029ba82eb71240&ig=366606ac77724f63880f4212b4044907 HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHX-Agent-DeviceId: 01000A4109009A83X-BM-CBT: 1714674509X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStoreX-BM-DateFormat: dd/MM/yyyyX-BM-DeviceDimensions: 784x640X-BM-DeviceDimensionsLogical: 784x640X-BM-DeviceScale: 100X-BM-DTZ: 120X-BM-Market: CHX-BM-Theme: 000000;0078d7X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75X-Device-ClientSession: 6EBE75B5BB8C4D8DB7946C9919CFF732X-Device-isOptin: falseX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-Device-OSSKU: 48X-Device-Touch: falseX-DeviceID: 01000A4109009A83X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2X-MSEdge-ExternalExpType: JointCoordX-PositionerType: DesktopX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateX-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard TimeX-UserAgeClass: UnknownAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                  Source: global trafficHTTP traffic detected: GET /rb/1b/cir3,ortl,cc,nc/uANxnX_BheDjd2-cdR8N9DEWlds.css?bu=C9IIlQOLBKgJkwj9B7IGXV1dXQ&or=w HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=cm&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=2&cvid=bcf07b8592a545e9b0029ba82eb71240&ig=482398ece9ed486e969bdd157a5c4cbc HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHX-Agent-DeviceId: 01000A4109009A83X-BM-CBT: 1714674509X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStoreX-BM-DateFormat: dd/MM/yyyyX-BM-DeviceDimensions: 784x640X-BM-DeviceDimensionsLogical: 784x640X-BM-DeviceScale: 100X-BM-DTZ: 120X-BM-Market: CHX-BM-Theme: 000000;0078d7X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75X-Device-ClientSession: 6EBE75B5BB8C4D8DB7946C9919CFF732X-Device-isOptin: falseX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-Device-OSSKU: 48X-Device-Touch: falseX-DeviceID: 01000A4109009A83X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2X-MSEdge-ExternalExpType: JointCoordX-PositionerType: DesktopX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateX-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard TimeX-UserAgeClass: UnknownAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                  Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=cmd&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=3&cvid=bcf07b8592a545e9b0029ba82eb71240&ig=0f8e1babb3784fe687a278180813cb1e HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHX-Agent-DeviceId: 01000A4109009A83X-BM-CBT: 1714674509X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStoreX-BM-DateFormat: dd/MM/yyyyX-BM-DeviceDimensions: 784x640X-BM-DeviceDimensionsLogical: 784x640X-BM-DeviceScale: 100X-BM-DTZ: 120X-BM-Market: CHX-BM-Theme: 000000;0078d7X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75X-Device-ClientSession: 6EBE75B5BB8C4D8DB7946C9919CFF732X-Device-isOptin: falseX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-Device-OSSKU: 48X-Device-Touch: falseX-DeviceID: 01000A4109009A83X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2X-MSEdge-ExternalExpType: JointCoordX-PositionerType: DesktopX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateX-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard TimeX-UserAgeClass: UnknownAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                  Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=cmd.&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=4&cvid=bcf07b8592a545e9b0029ba82eb71240&ig=19015a42f5b44de59b5868ced1170896 HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHX-Agent-DeviceId: 01000A4109009A83X-BM-CBT: 1714674509X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStoreX-BM-DateFormat: dd/MM/yyyyX-BM-DeviceDimensions: 784x640X-BM-DeviceDimensionsLogical: 784x640X-BM-DeviceScale: 100X-BM-DTZ: 120X-BM-Market: CHX-BM-Theme: 000000;0078d7X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75X-Device-ClientSession: 6EBE75B5BB8C4D8DB7946C9919CFF732X-Device-isOptin: falseX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-Device-OSSKU: 48X-Device-Touch: falseX-DeviceID: 01000A4109009A83X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2X-MSEdge-ExternalExpType: JointCoordX-PositionerType: DesktopX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateX-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard TimeX-UserAgeClass: UnknownAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                  Source: global trafficHTTP traffic detected: GET /rb/48/ortl,cc,nc/4-xJy3tX6bM2BGl5zKioiEcQ1TU.css?bu=A4gCjAKPAg&or=w HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /rb/6Z/cir3,ortl,cc,nc/-_4t3lNKw8PS2hUFxueC-WKH4m8.css?bu=MagKogquCqIKkguiCpgLogqgC6IKpwuiCq0LogqzC6IKuQuiCsAKogrGCqIKugqiCqIKiQuiCtUKogrbCqIKzwqiCqIK6wruCqIKogqGC_QKogr6Cv0KogrjC6IKvwuiCpEM&or=w HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /rb/6Z/ortl,cc,nc/JmfAIE20nOCyQ3TY7bnLsgT0ICc.css?bu=Cf4LogqDDKIKhwyiCqIKogqiCg&or=w HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /rb/6Z/ortl,cc,nc/QNBBNqWD9F_Blep-UqQSqnMp-FI.css?bu=AaIK&or=w HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /rp/-J3VxRIiWrHuPogk9K4b_3qk_qI.js HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /rp/08bnaIBoy_KCL8o_oLnFuWxYOrY.js HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /conf/v2/asgw/fpconfig.min.json?monitorId=asgw HTTP/1.1Origin: https://www.bing.comReferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: fp.msedge.netConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /rp/2SI2mtfMtDWaePA1vUq3fLd0D3M.js HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /rp/7_FbKeymGYZ7_-9xcBQEPEV22sg.js HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /rp/9gCRzs8Nm2Gzn_DGoE0Pp_SoJfU.js HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /rp/CDDIF_cKw6SKs1SbFxtJKa_2Odo.js HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /apc/trans.gif?dc1aa3056d31478dcc0798188196ffde HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: l-ring.msedge.netConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /apc/trans.gif?7bf22ffe445c3280828f728bc0dbb2b3 HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: l-ring.msedge.netConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /rp/D9FhCSTDySWxlHlhKoVwndhxwR0.js HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /apc/trans.gif?be502d8ba45b794bb9a4ed7b34197dc5 HTTP/1.1Origin: https://www.bing.comReferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: static-ecst.licdn.comConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /apc/trans.gif?fabc2574088505862363021ddafa715f HTTP/1.1Origin: https://www.bing.comReferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: static-ecst.licdn.comConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /rp/GYWzw6Wnh2goOCGJn_s6AhjfSck.js HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /r.gif?MonitorID=asgw&rid=f71e1e1813109fa99c95fe393109885e&w3c=true&prot=https:&v=20190506&DATA=[{%22RequestID%22:%22mcr-ring.msedge.net%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:-1,%22T%22:1},{%22RequestID%22:%22l-ring.msedge.net%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:531,%22T%22:1},{%22RequestID%22:%22l-ring.msedge.net%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:367,%22T%22:1},{%22RequestID%22:%22static-ecst.licdn.com%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:541,%22T%22:128},{%22RequestID%22:%22static-ecst.licdn.com%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:452,%22T%22:128}] HTTP/1.1Origin: https://www.bing.comReferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: fp.msedge.netConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /rp/Hf0OW-7cZhzJfNbVB6epX0p5ugo.js HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /xml/ HTTP/1.1Host: freegeoip.appConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /xml/ HTTP/1.1Host: ipbase.comConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                  Source: global trafficHTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                  Source: global trafficHTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                  Source: global trafficHTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                  Source: global trafficHTTP traffic detected: GET /sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgS_YJbhGOK2z7EGIjBdA1YplCEZeuUOmJXWENgzj2WQ5wRvHYOkcPi2CsRT0HinoEMLK94i031zo-8h9NgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-05-02-18; NID=513=G9jvhbqVejzHnCLI4UopSbt5JS8E8BW0_FWyweZHOCZSeGDVdA1uPJFF_lkRsUaeHjeScUzkjKKHzh5ue17WqSGM41ZuL1Ql5HrxFOPqzwIZIUYtVA3aIDfIpytcOoEqUYq9YqMG6HrY6eUarw5k1ml3uiQpCQDXgS0xOIOrf9Y
                  Source: global trafficHTTP traffic detected: GET /sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgS_YJbhGOK2z7EGIjAjjzc0KpLY-7r3Zt1oKHg1b8TF9UrLflK1rUdhoyYIQ8IDME4UpsaADktu9wphaQsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 1P_JAR=2024-05-02-18; NID=513=jbhNHd6hRrKfewpRnRajIWMDBY-uPuc_dRf7bRbRpLhgXHCnrl9PVfmSt4AQPhssRLxy-DNRfPu2Bui3Lru7K6I1JzsdtdKKvB9itmjo6U7A6Q4EdM1lxTOEtOq1Tb36tun04YgjOLTAVyhGt7J2_29LC2GyIfv2z1V3vwVuFx0
                  Source: global trafficHTTP traffic detected: GET /rp/I3PZeaYUKrumYZUAQr439U2Zzi4.js HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /rp/JSBhm6AZx12QGq7iYck51h9mglA.js HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /rp/Kh0LX3Q4bqoC22KpTZf0P9ZtOTg.js HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /xml/ HTTP/1.1Host: freegeoip.appConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /xml/ HTTP/1.1Host: ipbase.comConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /rp/NWoZK3kTsExUV00Ywo1G5jlUKKs.js HTTP/1.1Accept: */*Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: r.bing.comConnection: Keep-AliveCookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                  Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                  Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                  Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                  Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                  Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                  Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                  Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                  Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                  Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                  Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                  Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                  Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                  Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                  Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                  Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: WHERE place_id = (SELECT id FROM moz_places WHERE url_hash = hash(:urlYou must provide a target ID as the second parameter of AlsoToOneContent. If you want to send to all content processes, use BroadcastToContenthttps://vk.com/,https://www.youtube.com/,https://ok.ru/,https://www.avito.ru/,https://www.aliexpress.com/,https://www.wikipedia.org/AND (bookmarked OR frecency > 20) equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://allegro.pl/,https://www.wikipedia.org/,https://www.olx.pl/,https://www.wykop.pl/ equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://allegro.pl/,https://www.wikipedia.org/,https://www.olx.pl/,https://www.wykop.pl/ equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: The number of recent visits to sample when calculating the ranking of a page. Examining all the visits would be expensive, so we only sample recent visits.[{incognito:null, tabId:null, types:["main_frame"], urls:["*://login.microsoftonline.com/*", "*://login.microsoftonline.us/*"], windowId:null}, ["blocking"]]It looks like you are passing several store enhancers to createStore(). This is not supported. Instead, compose them together to a single functionYou may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/url('chrome://activity-stream/content/data/content/assets/mr-gratitude.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEkG4DghibPzRweZTBELUeRB1KhGtpXuoGwAo7BlXXln6wjfHQCst5PBShB0XQQIFSi/r6wwxzuM2RxwQ4m5nmcKeb/8Hs7wWIiY3Wi1HTTE1PQKu+wLiUwwY6Q4928LXdurl('chrome://activity-stream/content/data/content/assets/mr-import.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)url('chrome://activity-stream/content/data/content/assets/mr-mobilecrosspromo.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)https://www.mozilla.org/firefox/mobile/get-app/?utm_medium=firefox-desktop&utm_source=onboarding-modal&utm_campaign=mr2022&utm_content=existing-globalurl('chrome://activity-stream/content/data/content/assets/mr-pinprivate.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)url('chrome://activity-stream/content/data/content/assets/mr-privacysegmentation.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/DeferredTask@resource://gre/modules/DeferredTask.sys.mjs:117:18 equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: The number of recent visits to sample when calculating the ranking of a page. Examining all the visits would be expensive, so we only sample recent visits.[{incognito:null, tabId:null, types:["main_frame"], urls:["*://login.microsoftonline.com/*", "*://login.microsoftonline.us/*"], windowId:null}, ["blocking"]]It looks like you are passing several store enhancers to createStore(). This is not supported. Instead, compose them together to a single functionYou may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/url('chrome://activity-stream/content/data/content/assets/mr-gratitude.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEkG4DghibPzRweZTBELUeRB1KhGtpXuoGwAo7BlXXln6wjfHQCst5PBShB0XQQIFSi/r6wwxzuM2RxwQ4m5nmcKeb/8Hs7wWIiY3Wi1HTTE1PQKu+wLiUwwY6Q4928LXdurl('chrome://activity-stream/content/data/content/assets/mr-import.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)url('chrome://activity-stream/content/data/content/assets/mr-mobilecrosspromo.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)https://www.mozilla.org/firefox/mobile/get-app/?utm_medium=firefox-desktop&utm_source=onboarding-modal&utm_campaign=mr2022&utm_content=existing-globalurl('chrome://activity-stream/content/data/content/assets/mr-pinprivate.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)url('chrome://activity-stream/content/data/content/assets/mr-privacysegmentation.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/DeferredTask@resource://gre/modules/DeferredTask.sys.mjs:117:18 equals www.twitter.com (Twitter)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: The number of recent visits to sample when calculating the ranking of a page. Examining all the visits would be expensive, so we only sample recent visits.[{incognito:null, tabId:null, types:["main_frame"], urls:["*://login.microsoftonline.com/*", "*://login.microsoftonline.us/*"], windowId:null}, ["blocking"]]It looks like you are passing several store enhancers to createStore(). This is not supported. Instead, compose them together to a single functionYou may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/url('chrome://activity-stream/content/data/content/assets/mr-gratitude.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEkG4DghibPzRweZTBELUeRB1KhGtpXuoGwAo7BlXXln6wjfHQCst5PBShB0XQQIFSi/r6wwxzuM2RxwQ4m5nmcKeb/8Hs7wWIiY3Wi1HTTE1PQKu+wLiUwwY6Q4928LXdurl('chrome://activity-stream/content/data/content/assets/mr-import.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)url('chrome://activity-stream/content/data/content/assets/mr-mobilecrosspromo.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)https://www.mozilla.org/firefox/mobile/get-app/?utm_medium=firefox-desktop&utm_source=onboarding-modal&utm_campaign=mr2022&utm_content=existing-globalurl('chrome://activity-stream/content/data/content/assets/mr-pinprivate.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)url('chrome://activity-stream/content/data/content/assets/mr-privacysegmentation.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/DeferredTask@resource://gre/modules/DeferredTask.sys.mjs:117:18 equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: - the given reason to update is not supportedstartup - adding clearkey CDM failedKEY_PLUGIN_LAST_INSTALL_FAIL_REASONmedia.{0}.allow-x64-plugin-on-arm64media.gmp-manager.secondsBetweenChecksstartup - adding clearkey CDM directory KEY_PLUGIN_LAST_DOWNLOAD_FAIL_REASONThis should only be called from XPCShell testsSitePermsAddonInstall#cancel called twice on sitepermsaddon-provider-registereddom.sitepermsaddon-provider.enabledaddGatedPermissionTypesForXpcShellTestsfindUpdates() - found update for media.gmp-manager.cert.checkAttributesstartup - adding gmp directory failed with media.gmp-manager.cert.requireBuiltInresource://gre/modules/AddonManager.sys.mjsThis should only be called from XPCShell tests*://c.amazon-adsystem.com/aax2/apstag.js*://pub.doubleverify.com/signals/pub.js**://www.everestjs.net/static/st.v3.js**://static.chartbeat.com/js/chartbeat.jsFileUtils_openSafeFileOutputStreampictureinpicture%40mozilla.org:1.0.0*://static.chartbeat.com/js/chartbeat_video.jsFileUtils_openAtomicFileOutputStreamhttps://smartblock.firefox.etp/play.svg@mozilla.org/network/atomic-file-output-stream;1FileUtils_closeAtomicFileOutputStream*://auth.9c9media.ca/auth/main.js*://*.imgur.com/js/vendor.*.bundle.js*://*.imgur.io/js/vendor.*.bundle.jswebcompat-reporter@mozilla.org.xpi*://www.rva311.com/static/js/main.*.chunk.js*://web-assets.toggl.com/app/assets/scripts/*.js*://libs.coremetrics.com/eluminate.js*://static.criteo.net/js/ld/publishertag.js*://connect.facebook.net/*/sdk.js*FileUtils_closeSafeFileOutputStream*://connect.facebook.net/*/all.js*webcompat-reporter%40mozilla.org:1.5.1resource://gre/modules/TelemetryStorage.sys.mjs equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: re synced up, Firefox encrypts your passwords, bookmarks, and more. Plus you can grab tabs from your other devices.AAAAAAAAAAAAAAAQAAAAlQYnZL2sl08sClCobbVxMJgwgZIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMSowKAYDVQQKDCFUaGUgVW5pdmVyc2UgU2VjdXJpdHkgQ29tcGFueSBMdGQxKjAoBgNVBAMMIVRoZSBVbml2ZXJzZSBTZWN1cml0eSBDb21wYW55IEx0ZA==moz-extension://06836808-3da5-4b66-93b7-b66b1a840a96/injections/css/bug1799994-www.vivobarefoot.com-product-filters-fix.cssmoz-extension://06836808-3da5-4b66-93b7-b66b1a840a96/injections/js/bug1842437-www.youtube.com-performance-now-precision.jshttps://aus5.mozilla.org/update/6/Firefox/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/release/Windows_NT%252010.0.0.0.19045.2006%2520(x64)/ISET%3ASSE4_2%2CMEM%3A8191/default/default/update.xmldevices:0x6920,0x6921,0x6928,0x6929,0x692b,0x692f,0x6930,0x6938,0x6939,0x6900,0x6901,0x6902,0x6903,0x6907,0x7300,0x9870,0x9874,0x9875,0x9876,0x9877moz-extension://06836808-3da5-4b66-93b7-b66b1a840a96/injections/js/bug1731825-office365-email-handling-prompt-autohide.js(browserSettings.update.channel == "release") && ((experiment.slug in activeExperiments) || (((isFirstStartup && !('trailhead.firstrun.didSeeAboutWelcome'|preferenceValue)) && attributionData.ua == 'chrome') && (version|versionCompare('118.!') >= 0)))https://aus5.mozilla.org/update/6/Firefox/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/release/Windows_NT%252010.0.0.0.19045.2006%2520(x64)/ISET%3ASSE4_2%2CMEM%3A8191/default/default/update.xml?force=1When this property is set to true, treat this experiment as a rollout. Rollouts are currently handled as single-branch experiments separated from the bucketing namespace for normal experiments. See also: https://mozilla-hub.atlassian.net/browse/SDK-405When you equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: re synced up, Firefox encrypts your passwords, bookmarks, and more. Plus you can grab tabs from your other devices.moz-extension://06836808-3da5-4b66-93b7-b66b1a840a96/injections/css/bug1800000-www.honda.co.uk-choose-dealer-button-fix.cssmoz-extension://06836808-3da5-4b66-93b7-b66b1a840a96/injections/css/bug1799994-www.vivobarefoot.com-product-filters-fix.cssmoz-extension://06836808-3da5-4b66-93b7-b66b1a840a96/injections/js/bug1842437-www.youtube.com-performance-now-precision.jsdevices:0x6920,0x6921,0x6928,0x6929,0x692b,0x692f,0x6930,0x6938,0x6939,0x6900,0x6901,0x6902,0x6903,0x6907,0x7300,0x9870,0x9874,0x9875,0x9876,0x9877C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\addonStartup.json.lz4.tmpAAAAAAAAAAAAAAAQAAAAlQYnZL2sl08sClCobbVxMJgwgZIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMSowKAYDVQQKDCFUaGUgVW5pdmVyc2UgU2VjdXJpdHkgQ29tcGFueSBMdGQxKjAoBgNVBAMMIVRoZSBVbml2ZXJzZSBTZWN1cml0eSBDb21wYW55IEx0ZA==(browserSettings.update.channel == "release") && ((experiment.slug in activeExperiments) || (( equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://*.adsafeprotected.com/*/unit/**://www.facebook.com/platform/impression.php**://ads.stickyadstv.com/user-matching*resource://gre/modules/ExtensionCommon.sys.mjs equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://auth.9c9media.ca/auth/main.js*://www.googletagmanager.com/gtm.js**://connect.facebook.net/*/all.js**://trends.google.com/trends/embed**://*.imgur.com/js/vendor.*.bundle.js_test_fetchDelayAfterComingOnlineMs equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2672729793.0000019AFB700000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: *://www.facebook.com/* equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2672729793.0000019AFB700000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: *://www.youtube.com/* equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: --autocomplete-popup-highlight-background--autocomplete-popup-highlight-color["www.facebook.com","facebook.com"] equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2467618518.0000019AF0622000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: -l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Wikipedia&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.reddit.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="R"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/reddit-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Reddit<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Reddit&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" href="https://twitter.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="T"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/twitter-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Twitter<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Twitter&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li></ul><div class="edit-topsites-wrapper"></div></div></section></div></div></div></div><style data-styles="[[null]]"></style></div><div class="discovery-stream ds-layout"><div class="ds-column ds-column-12"><div class="ds-column-grid"><div></div></div></div><style data-styles="[[null]]"></style></div></div></main></div></div> equals www.twitter.com (Twitter)
                  Source: firefox.exe, 0000001D.00000002.2575804371.0000019AF4BDC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8*://www.facebook.com/* equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000003.2346404228.0000019AF590A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8*://www.youtube.com/* equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000003.2182754467.0000019AF4CE3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2636981415.0000019AF5DD6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2126191237.0000019AF55E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.facebook.com/ equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000003.2182754467.0000019AF4CE3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2636981415.0000019AF5DD6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2126191237.0000019AF55E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.youtube.com/ equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2575804371.0000019AF4BDC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2549932705.0000019AF4276000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2687235578.0000019AFD3A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8www.facebook.com equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000003.2346404228.0000019AF590A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8www.youtube.com equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: @mozilla.org/network/safe-file-output-stream;1@mozilla.org/network/file-output-stream;1resource://gre/modules/addons/XPIProvider.jsm@mozilla.org/addons/addon-manager-startup;1https://smartblock.firefox.etp/facebook.svg*://track.adform.net/serving/scripts/trackpoint/*://cdn.branch.io/branch-latest.min.js*resource://gre/modules/FileUtils.sys.mjs*://www.googletagservices.com/tag/js/gpt.js**://www.googletagmanager.com/gtm.js**://adservex.media.net/videoAds.js**://*.vidible.tv/*/vidible-min.js**://s.webtrends.com/js/advancedLinkTracking.js*://s.webtrends.com/js/webtrends.js*://pagead2.googlesyndication.com/tag/js/gpt.js**://s0.2mdn.net/instream/html5/ima3.js*://static.adsafeprotected.com/iasPET.1.js*://s.webtrends.com/js/webtrends.min.jsTelemetrySession::onEnvironmentChange equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: You may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: You may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.twitter.com (Twitter)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: You may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: ["www.facebook.com","facebook.com"] equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: ["www.youtube.com","youtube.com"] equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: [{incognito:null, tabId:null, types:["image"], urls:["*://track.adform.net/Serving/TrackPoint/*", "*://pixel.advertising.com/firefox-etp", "*://*.advertising.com/*.js*", "*://*.advertising.com/*", "*://securepubads.g.doubleclick.net/gampad/*ad-blk*", "*://pubads.g.doubleclick.net/gampad/*ad-blk*", "*://securepubads.g.doubleclick.net/gampad/*xml_vmap1*", "*://pubads.g.doubleclick.net/gampad/*xml_vmap1*", "*://vast.adsafeprotected.com/vast*", "*://securepubads.g.doubleclick.net/gampad/*xml_vmap2*", "*://pubads.g.doubleclick.net/gampad/*xml_vmap2*", "*://securepubads.g.doubleclick.net/gampad/*ad*", "*://pubads.g.doubleclick.net/gampad/*ad*", "*://www.facebook.com/platform/impression.php*", "https://ads.stickyadstv.com/firefox-etp", "*://ads.stickyadstv.com/auto-user-sync*", "*://ads.stickyadstv.com/user-matching*", "https://static.adsafeprotected.com/firefox-etp-pixel", "*://*.adsafeprotected.com/*.gif*", "*://*.adsafeprotected.com/*.png*", "*://*.adsafeprotected.com/*.js*", "*://*.adsafeprotected.com/*/adj*", "*://*.adsafeprotected.com/*/imp/*", "*://*.adsafeprotected.com/*/Serving/*", "*://*.adsafeprotected.com/*/unit/*", "*://*.adsafeprotected.com/jload", "*://*.adsafeprotected.com/jload?*", "*://*.adsafeprotected.com/jsvid", "*://*.adsafeprotected.com/jsvid?*", "*://*.adsafeprotected.com/mon*", "*://*.adsafeprotected.com/tpl", "*://*.adsafeprotected.com/tpl?*", "*://*.adsafeprotected.com/services/pub*", "*://*.adsafeprotected.com/*"], windowId:null}, ["blocking"]] equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F09000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: [{incognito:null, tabId:null, types:["imageset"], urls:["*://track.adform.net/Serving/TrackPoint/*", "*://pixel.advertising.com/firefox-etp", "*://*.advertising.com/*.js*", "*://*.advertising.com/*", "*://securepubads.g.doubleclick.net/gampad/*ad-blk*", "*://pubads.g.doubleclick.net/gampad/*ad-blk*", "*://securepubads.g.doubleclick.net/gampad/*xml_vmap1*", "*://pubads.g.doubleclick.net/gampad/*xml_vmap1*", "*://vast.adsafeprotected.com/vast*", "*://securepubads.g.doubleclick.net/gampad/*xml_vmap2*", "*://pubads.g.doubleclick.net/gampad/*xml_vmap2*", "*://securepubads.g.doubleclick.net/gampad/*ad*", "*://pubads.g.doubleclick.net/gampad/*ad*", "*://www.facebook.com/platform/impression.php*", "https://ads.stickyadstv.com/firefox-etp", "*://ads.stickyadstv.com/auto-user-sync*", "*://ads.stickyadstv.com/user-matching*", "https://static.adsafeprotected.com/firefox-etp-pixel", "*://*.adsafeprotected.com/*.gif*", "*://*.adsafeprotected.com/*.png*", "*://*.adsafeprotected.com/*.js*", "*://*.adsafeprotected.com/*/adj*", "*://*.adsafeprotected.com/*/imp/*", "*://*.adsafeprotected.com/*/Serving/*", "*://*.adsafeprotected.com/*/unit/*", "*://*.adsafeprotected.com/jload", "*://*.adsafeprotected.com/jload?*", "*://*.adsafeprotected.com/jsvid", "*://*.adsafeprotected.com/jsvid?*", "*://*.adsafeprotected.com/mon*", "*://*.adsafeprotected.com/tpl", "*://*.adsafeprotected.com/tpl?*", "*://*.adsafeprotected.com/services/pub*", "*://*.adsafeprotected.com/*"], windowId:null}, ["blocking"]] equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF861000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: [{incognito:null, tabId:null, types:["script"], urls:["*://webcompat-addon-testbed.herokuapp.com/shims_test.js", "*://example.com/browser/browser/extensions/webcompat/tests/browser/shims_test.js", "*://example.com/browser/browser/extensions/webcompat/tests/browser/shims_test_2.js", "*://example.com/browser/browser/extensions/webcompat/tests/browser/shims_test_3.js", "*://s7.addthis.com/icons/official-addthis-angularjs/current/dist/official-addthis-angularjs.min.js*", "*://track.adform.net/serving/scripts/trackpoint/", "*://track.adform.net/serving/scripts/trackpoint/async/", "*://*.adnxs.com/*/ast.js*", "*://*.adnxs.com/*/pb.js*", "*://*.adnxs.com/*/prebid*", "*://www.everestjs.net/static/st.v3.js*", "*://static.adsafeprotected.com/vans-adapter-google-ima.js", "*://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js", "*://cdn.branch.io/branch-latest.min.js*", "*://pub.doubleverify.com/signals/pub.js*", "*://c.amazon-adsystem.com/aax2/apstag.js", "*://auth.9c9media.ca/auth/main.js", "*://static.chartbeat.com/js/chartbeat.js", "*://static.chartbeat.com/js/chartbeat_video.js", "*://static.criteo.net/js/ld/publishertag.js", "*://*.imgur.com/js/vendor.*.bundle.js", "*://*.imgur.io/js/vendor.*.bundle.js", "*://www.rva311.com/static/js/main.*.chunk.js", "*://web-assets.toggl.com/app/assets/scripts/*.js", "*://libs.coremetrics.com/eluminate.js", "*://connect.facebook.net/*/sdk.js*", "*://connect.facebook.net/*/all.js*", "*://secure.cdn.fastclick.net/js/cnvr-launcher/*/launcher-stub.min.js*", "*://www.google-analytics.com/analytics.js*", "*://www.google-analytics.com/gtm/js*", "*://www.googletagmanager.com/gtm.js*", "*://www.google-analytics.com/plugins/ua/ec.js", "*://ssl.google-analytics.com/ga.js", "*://s0.2mdn.net/instream/html5/ima3.js", "*://imasdk.googleapis.com/js/sdkloader/ima3.js", "*://www.googleadservices.com/pagead/conversion_async.js", "*://www.googletagservices.com/tag/js/gpt.js*", "*://pagead2.googlesyndication.com/tag/js/gpt.js*", "*://pagead2.googlesyndication.com/gpt/pubads_impl_*.js*", "*://securepubads.g.doubleclick.net/tag/js/gpt.js*", "*://securepubads.g.doubleclick.net/gpt/pubads_impl_*.js*", "*://script.ioam.de/iam.js", "*://cdn.adsafeprotected.com/iasPET.1.js", "*://static.adsafeprotected.com/iasPET.1.js", "*://adservex.media.net/videoAds.js*", "*://*.moatads.com/*/moatad.js*", "*://*.moatads.com/*/moatapi.js*", "*://*.moatads.com/*/moatheader.js*", "*://*.moatads.com/*/yi.js*", "*://*.imrworldwide.com/v60.js", "*://cdn.optimizely.com/js/*.js", "*://cdn.optimizely.com/public/*.js", "*://id.rambler.ru/rambler-id-helper/auth_events.js", "*://media.richrelevance.com/rrserver/js/1.2/p13n.js", "*://www.gstatic.com/firebasejs/*/firebase-messaging.js*", "*://*.vidible.tv/*/vidible-min.js*", "*://vdb-cdn-files.s3.amazonaws.com/*/vidible-min.js*", "*://js.maxmind.com/js/apis/geoip2/*/geoip2.js", "*://s.webtrends.com/js/advancedLinkTracking.js", "*://s.webtrends.com/js/webtrends.js", "*://s.webtrends.com/js/webtrends.min.js"], windowId
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF861000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: [{incognito:null, tabId:null, types:["script"], urls:["*://webcompat-addon-testbed.herokuapp.com/shims_test.js", "*://example.com/browser/browser/extensions/webcompat/tests/browser/shims_test.js", "*://example.com/browser/browser/extensions/webcompat/tests/browser/shims_test_2.js", "*://example.com/browser/browser/extensions/webcompat/tests/browser/shims_test_3.js", "*://s7.addthis.com/icons/official-addthis-angularjs/current/dist/official-addthis-angularjs.min.js*", "*://track.adform.net/serving/scripts/trackpoint/", "*://track.adform.net/serving/scripts/trackpoint/async/", "*://*.adnxs.com/*/ast.js*", "*://*.adnxs.com/*/pb.js*", "*://*.adnxs.com/*/prebid*", "*://www.everestjs.net/static/st.v3.js*", "*://static.adsafeprotected.com/vans-adapter-google-ima.js", "*://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js", "*://cdn.branch.io/branch-latest.min.js*", "*://pub.doubleverify.com/signals/pub.js*", "*://c.amazon-adsystem.com/aax2/apstag.js", "*://auth.9c9media.ca/auth/main.js", "*://static.chartbeat.com/js/chartbeat.js", "*://static.chartbeat.com/js/chartbeat_video.js", "*://static.criteo.net/js/ld/publishertag.js", "*://*.imgur.com/js/vendor.*.bundle.js", "*://*.imgur.io/js/vendor.*.bundle.js", "*://www.rva311.com/static/js/main.*.chunk.js", "*://web-assets.toggl.com/app/assets/scripts/*.js", "*://libs.coremetrics.com/eluminate.js", "*://connect.facebook.net/*/sdk.js*", "*://connect.facebook.net/*/all.js*", "*://secure.cdn.fastclick.net/js/cnvr-launcher/*/launcher-stub.min.js*", "*://www.google-analytics.com/analytics.js*", "*://www.google-analytics.com/gtm/js*", "*://www.googletagmanager.com/gtm.js*", "*://www.google-analytics.com/plugins/ua/ec.js", "*://ssl.google-analytics.com/ga.js", "*://s0.2mdn.net/instream/html5/ima3.js", "*://imasdk.googleapis.com/js/sdkloader/ima3.js", "*://www.googleadservices.com/pagead/conversion_async.js", "*://www.googletagservices.com/tag/js/gpt.js*", "*://pagead2.googlesyndication.com/tag/js/gpt.js*", "*://pagead2.googlesyndication.com/gpt/pubads_impl_*.js*", "*://securepubads.g.doubleclick.net/tag/js/gpt.js*", "*://securepubads.g.doubleclick.net/gpt/pubads_impl_*.js*", "*://script.ioam.de/iam.js", "*://cdn.adsafeprotected.com/iasPET.1.js", "*://static.adsafeprotected.com/iasPET.1.js", "*://adservex.media.net/videoAds.js*", "*://*.moatads.com/*/moatad.js*", "*://*.moatads.com/*/moatapi.js*", "*://*.moatads.com/*/moatheader.js*", "*://*.moatads.com/*/yi.js*", "*://*.imrworldwide.com/v60.js", "*://cdn.optimizely.com/js/*.js", "*://cdn.optimizely.com/public/*.js", "*://id.rambler.ru/rambler-id-helper/auth_events.js", "*://media.richrelevance.com/rrserver/js/1.2/p13n.js", "*://www.gstatic.com/firebasejs/*/firebase-messaging.js*", "*://*.vidible.tv/*/vidible-min.js*", "*://vdb-cdn-files.s3.amazonaws.com/*/vidible-min.js*", "*://js.maxmind.com/js/apis/geoip2/*/geoip2.js", "*://s.webtrends.com/js/advancedLinkTracking.js", "*://s.webtrends.com/js/webtrends.js", "*://s.webtrends.com/js/webtrends.min.js"], windowId
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F10000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: [{incognito:null, tabId:null, types:["xmlhttprequest"], urls:["*://track.adform.net/Serving/TrackPoint/*", "*://pagead2.googlesyndication.com/pagead/*.js*fcd=true", "*://pagead2.googlesyndication.com/pagead/js/*.js*fcd=true", "*://pixel.advertising.com/firefox-etp", "*://cdn.cmp.advertising.com/firefox-etp", "*://*.advertising.com/*.js*", "*://*.advertising.com/*", "*://securepubads.g.doubleclick.net/gampad/*ad-blk*", "*://pubads.g.doubleclick.net/gampad/*ad-blk*", "*://securepubads.g.doubleclick.net/gampad/*xml_vmap1*", "*://pubads.g.doubleclick.net/gampad/*xml_vmap1*", "*://vast.adsafeprotected.com/vast*", "*://securepubads.g.doubleclick.net/gampad/*xml_vmap2*", "*://pubads.g.doubleclick.net/gampad/*xml_vmap2*", "*://securepubads.g.doubleclick.net/gampad/*ad*", "*://pubads.g.doubleclick.net/gampad/*ad*", "*://www.facebook.com/platform/impression.php*", "https://ads.stickyadstv.com/firefox-etp", "*://ads.stickyadstv.com/auto-user-sync*", "*://ads.stickyadstv.com/user-matching*", "https://static.adsafeprotected.com/firefox-etp-pixel", "https://static.adsafeprotected.com/firefox-etp-js", "*://*.adsafeprotected.com/*.gif*", "*://*.adsafeprotected.com/*.png*", "*://*.adsafeprotected.com/*.js*", "*://*.adsafeprotected.com/*/adj*", "*://*.adsafeprotected.com/*/imp/*", "*://*.adsafeprotected.com/*/Serving/*", "*://*.adsafeprotected.com/*/unit/*", "*://*.adsafeprotected.com/jload", "*://*.adsafeprotected.com/jload?*", "*://*.adsafeprotected.com/jsvid", "*://*.adsafeprotected.com/jsvid?*", "*://*.adsafeprotected.com/mon*", "*://*.adsafeprotected.com/tpl", "*://*.adsafeprotected.com/tpl?*", "*://*.adsafeprotected.com/services/pub*", "*://*.adsafeprotected.com/*"], windowId:null}, ["blocking"]] equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: _determineToolbarAndContentTheme/contentTheme<chrome://browser/content/browser.js--lwt-background-tab-separator-color--toolbarbutton-active-background["www.youtube.com","youtube.com"] equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2731273262.0000019AFDD47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.facebook.com/ equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2731273262.0000019AFDD47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.youtube.com/ equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: chrome://browser/content/places/editBookmark.jschrome://browser/content/browser-pagestyle.js@mozilla.org/browser/favicon-service;1@mozilla.org/content-pref/service;1*://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%spdfjs.previousHandler.preferredActionpdfjs.previousHandler.alwaysAskBeforeHandlinghttp://www.inbox.lv/rfc2368/?value=%s@mozilla.org/uriloader/web-handler-app;1http://compose.mail.yahoo.co.jp/ym/Compose?To=%shttps://mail.yahoo.co.jp/compose/?To=%s_finalizeInternal/this._finalizePromise<chrome://browser/content/tabbrowser.jsVALIDATE_DONT_COLLAPSE_WHITESPACEpreviousHandler.alwaysAskBeforeHandling.{0f2c2d7a-565a-48ff-bc10-f8b70ace1d2e}resource://nimbus/ExperimentAPI.sys.mjs@mozilla.org/uriloader/handler-service;1mr2022-onboarding-set-default-subtitle equals www.yahoo.com (Yahoo)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://vk.com/,https://www.youtube.com/,https://ok.ru/,https://www.avito.ru/,https://www.aliexpress.com/,https://www.wikipedia.org/ equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000003.2182754467.0000019AF4CE3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2126191237.0000019AF55E5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2497453112.0000019AF1BA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/ equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000003.2182754467.0000019AF4CE3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2126191237.0000019AF55E5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2497453112.0000019AF1BA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://allegro.pl/,https://www.wikipedia.org/,https://www.olx.pl/,https://www.wykop.pl/ equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://allegro.pl/,https://www.wikipedia.org/,https://www.olx.pl/,https://www.wykop.pl/ equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/ equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/ equals www.twitter.com (Twitter)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/ equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/ equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/ equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/ equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/ equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/ equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/ equals www.twitter.com (Twitter)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/ equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.twitter.com (Twitter)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/L equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/L equals www.twitter.com (Twitter)
                  Source: firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/L equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.twitter.com (Twitter)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2687235578.0000019AFD3D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2134828351.0000019AFD3D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2687235578.0000019AFD3D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2134828351.0000019AFD3D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.twitter.com (Twitter)
                  Source: firefox.exe, 0000001D.00000002.2687235578.0000019AFD3D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2134828351.0000019AFD3D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2672729793.0000019AFB700000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 0000001D.00000002.2575804371.0000019AF4BF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: moz-extension://06836808-3da5-4b66-93b7-b66b1a840a96/injections/js/bug1842437-www.youtube.com-performance-now-precision.js equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2497453112.0000019AF1B6C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2575804371.0000019AF4BDC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2549932705.0000019AF4276000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
                  Source: firefox.exe, 0000001D.00000002.2467618518.0000019AF0622000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2578892081.0000019AF4CC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2010275237.0000019AF4CA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000003.2145780093.0000019AFDBCE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com- equals www.youtube.com (Youtube)
                  Source: firefox.exe, 0000001D.00000002.2549932705.0000019AF4276000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2687235578.0000019AFD368000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2032574390.0000019AF43E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: x*://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
                  Source: global trafficDNS traffic detected: DNS query: freegeoip.app
                  Source: global trafficDNS traffic detected: DNS query: ipbase.com
                  Source: global trafficDNS traffic detected: DNS query: www.google.com
                  Source: global trafficDNS traffic detected: DNS query: detectportal.firefox.com
                  Source: global trafficDNS traffic detected: DNS query: prod.detectportal.prod.cloudops.mozgcp.net
                  Source: global trafficDNS traffic detected: DNS query: example.org
                  Source: global trafficDNS traffic detected: DNS query: ipv4only.arpa
                  Source: global trafficDNS traffic detected: DNS query: contile.services.mozilla.com
                  Source: global trafficDNS traffic detected: DNS query: www.youtube.com
                  Source: global trafficDNS traffic detected: DNS query: www.facebook.com
                  Source: global trafficDNS traffic detected: DNS query: www.wikipedia.org
                  Source: global trafficDNS traffic detected: DNS query: spocs.getpocket.com
                  Source: global trafficDNS traffic detected: DNS query: youtube-ui.l.google.com
                  Source: global trafficDNS traffic detected: DNS query: star-mini.c10r.facebook.com
                  Source: global trafficDNS traffic detected: DNS query: dyna.wikimedia.org
                  Source: global trafficDNS traffic detected: DNS query: www.reddit.com
                  Source: global trafficDNS traffic detected: DNS query: twitter.com
                  Source: global trafficDNS traffic detected: DNS query: reddit.map.fastly.net
                  Source: global trafficDNS traffic detected: DNS query: prod.ads.prod.webservices.mozgcp.net
                  Source: global trafficDNS traffic detected: DNS query: prod.balrog.prod.cloudops.mozgcp.net
                  Source: global trafficDNS traffic detected: DNS query: content-signature-2.cdn.mozilla.net
                  Source: global trafficDNS traffic detected: DNS query: prod.content-signature-chains.prod.webservices.mozgcp.net
                  Source: global trafficDNS traffic detected: DNS query: shavar.services.mozilla.com
                  Source: global trafficDNS traffic detected: DNS query: firefox.settings.services.mozilla.com
                  Source: global trafficDNS traffic detected: DNS query: prod.remote-settings.prod.webservices.mozgcp.net
                  Source: global trafficDNS traffic detected: DNS query: push.services.mozilla.com
                  Source: global trafficDNS traffic detected: DNS query: telemetry-incoming.r53-2.services.mozilla.com
                  Source: unknownHTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: */*User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 4788Host: login.live.com
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 02 May 2024 18:27:32 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeAge: 0Cache-Control: public,max-age=0,must-revalidateCache-Status: "Netlify Edge"; fwd=missVary: Accept-EncodingX-Nf-Request-Id: 01HWX8ZHWSAZ9HV9ARNS9XFDH8CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JXmN5mUxHnZu7VugaGX8KOBM3FS7BhKQfvhlZFC0wDUfl%2FVl%2BW%2FF8X4vAsDe7%2B%2B522v6zJq1G%2F5yWFT2Z8JsSUKZpAY6U3em6HhM5RtMDfLt5CfzdN6ub4r2NAvH"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 87da10df396c8c45-EWRalt-svc: h3=":443"; ma=86400
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 02 May 2024 18:28:48 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeAge: 33195Cache-Control: public,max-age=0,must-revalidateCache-Status: "Netlify Edge"; hitVary: Accept-EncodingX-Nf-Request-Id: 01HWX91VRB62HFKR8GDHY4XQANCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EnMbT4jwq18HbFnum4fUta7dG2ypaURGsOYC%2BsrAVV4Sciqn6tTWjjUbzyFxJCh1KqcXR1YpaR0iQpjYJ%2BWuAsMIBOBrXTqsy9qogus%2BFDqhtYoep1Cb2LeBs3vi"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 87da12b7f9fa1774-EWRalt-svc: h3=":443"; ma=86400
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 02 May 2024 18:29:00 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeAge: 14026Cache-Control: public,max-age=0,must-revalidateCache-Status: "Netlify Edge"; hitVary: Accept-EncodingX-Nf-Request-Id: 01HWX927G4XTC9V63VGKRYJAA2CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zPVijTRjMmAayQUweCOnANNWb6YfJ9eUsD4etu5DcVLvbbyJSHd19BKltH3Qb%2BKXIr8SNC8kODDjP1lqBZlOn58mOiK41rdLqgqdV2O6bLt4puc%2BRnCO3D1I%2FJiW"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 87da130319fc0f5b-EWRalt-svc: h3=":443"; ma=86400
                  Source: firefox.exe, 0000001D.00000002.2490050070.0000019AF0E37000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://127.0.0.1:
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.0/
                  Source: firefox.exe, 0000001D.00000003.2167505704.0000019AFE334000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.1/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.0/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.1/
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2354457545.0000019AF3193000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DiNyy
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
                  Source: firefox.exe, 0000001D.00000003.2012675454.0000019AF3BF2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
                  Source: firefox.exe, 0000001D.00000003.2012675454.0000019AF3BF2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
                  Source: firefox.exe, 0000001D.00000002.2509279188.0000019AF317E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTr
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%shttps://mail.yahoo.co.jp/compose/?To=%s
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%shttps://mail.yahoo.co.jp/compose/?To=%s_finalizeInte
                  Source: firefox.exe, 0000001D.00000003.2244139012.0000019AFCFA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%ss
                  Source: firefox.exe, 0000001D.00000003.2012675454.0000019AF3BF2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
                  Source: firefox.exe, 0000001D.00000002.2509279188.0000019AF317E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiC
                  Source: firefox.exe, 0000001D.00000002.2509279188.0000019AF317E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.c
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
                  Source: firefox.exe, 0000001D.00000003.2012675454.0000019AF3BF2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
                  Source: firefox.exe, 0000001D.00000003.2012675454.0000019AF3BF2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
                  Source: firefox.exe, 0000001D.00000003.2012675454.0000019AF3BF2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
                  Source: firefox.exe, 0000001D.00000003.2012675454.0000019AF3BF2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
                  Source: firefox.exe, 0000001D.00000002.2451543927.0000019AEF7A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com
                  Source: firefox.exe, 0000001D.00000003.2163589695.0000019AF55FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/
                  Source: firefox.exe, 0000001D.00000002.2451543927.0000019AEF77F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2180460751.0000019AFD3CE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/canonical.html
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/canonical.htmlACTIVITY_SUBTYPE_CONNECTION_CREATEDresource://gre/modu
                  Source: firefox.exe, 0000001D.00000003.2030651208.0000019AF4D97000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2117098054.0000019AFE384000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2625900760.0000019AF56DB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2575804371.0000019AF4B33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2017945293.0000019AFE385000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv4
                  Source: firefox.exe, 0000001D.00000002.2687235578.0000019AFD3BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2625900760.0000019AF56DB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2017945293.0000019AFE385000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv6
                  Source: firefox.exe, 0000001D.00000002.2731273262.0000019AFDD68000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.addEventListener
                  Source: firefox.exe, 0000001D.00000002.2631398595.0000019AF5710000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.addEventListenerFailed
                  Source: firefox.exe, 0000001D.00000002.2731273262.0000019AFDD68000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.removeEventListener
                  Source: firefox.exe, 0000001D.00000002.2631398595.0000019AF5710000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.removeEventListenerThe
                  Source: firefox.exe, 0000001D.00000002.2434431685.0000019AEEE8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/common
                  Source: firefox.exe, 0000001D.00000002.2434431685.0000019AEEE81000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/dates-and-times
                  Source: firefox.exe, 0000001D.00000002.2434431685.0000019AEEE8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/math
                  Source: firefox.exe, 0000001D.00000002.2434431685.0000019AEEE81000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/regular-expressionsP
                  Source: firefox.exe, 0000001D.00000002.2434431685.0000019AEEE8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/sets
                  Source: firefox.exe, 0000001D.00000002.2418184300.0000019AE3603000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/strings
                  Source: Pots.exe, 00000005.00000002.1137260907.0000000003BDA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://freegeoip.app
                  Source: Pots.exe, 00000005.00000002.1137260907.0000000003BDA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://freegeoip.appl
                  Source: Pots.exe, 00000005.00000002.1137260907.0000000003C2B000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003D82000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.00000000037ED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ipbase.com
                  Source: Pots.exe, 00000005.00000002.1137260907.0000000003C2B000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003D82000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.00000000037ED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ipbase.coml
                  Source: firefox.exe, 0000001D.00000002.2529548453.0000019AF3703000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-04/schema#
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-06/schema#
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-07/schema#
                  Source: firefox.exe, 0000001D.00000002.2529548453.0000019AF3703000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-07/schema#-
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2236534325.0000019AF0CC9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org
                  Source: firefox.exe, 0000001D.00000002.2451543927.0000019AEF7E1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2412138936.00000154DBF00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/additionalProperties
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/additionalProperties3653f6418b057826685c7ae01b3713bc67ab0e385a573313cd65f5a4df1
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/additionalPropertiesMicrosoft
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/additionalPropertiesbackgroundtaskmessage-notification-release-4pct-fr:treatmen
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/additionalPropertieshttps://www.google.com/search?client=firefox-b-d&q=8dd08661
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/additionalPropertiesmr2022-backgroundtaskmessage-notification-release-1pcthttps
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/additionalPropertiesresource://gre/modules/addons/AddonRepository.sys.mjsapp-bu
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/additionalPropertiesshowing-3rd-sponsored-tile-on-the-newtab-page-phase-3-ukfre
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/aboutWelcomeBehavior
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/addonsFeatureGate
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/addonsFeatureGatehttp://mozilla.org/#/properties/bestMatchBlockingEn
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/addonsShowLessFrequentlyCap
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/addonsUITreatment
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/addonsUITreatmentUnknown
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/appId
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/appName
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/appNamehttp://mozilla.org/#/properties/channelFailed
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/autoFillAdaptiveHistoryEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/autoFillAdaptiveHistoryEnabledresource://gre/modules/shared/CreditCa
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/autoFillAdaptiveHistoryMinCharsThreshold
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/autoFillAdaptiveHistoryMinCharsThresholdresource://gre/modules/compo
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/autoFillAdaptiveHistoryUseCountThreshold
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/autoFillAdaptiveHistoryUseCountThreshold:
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/bestMatchBlockingEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/bestMatchEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/bestMatchEnabledCould
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/boolean
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0/items
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0/items/properties/feature
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0/items/properties/feature/properties/featureId
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0/items/properties/feature/properties/value
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0/items/properties/feature/properties/value/additiona
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0/items/properties/ratio
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0/items/properties/slug
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0http://mozilla.org/#/properties/branches/anyOf/1http
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/feature
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/feature/properties/enabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/feature/properties/featureId
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/feature/properties/value
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/feature/properties/value/additiona
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/features
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/features/items
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/features/items/properties/featureI
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/features/items/properties/value
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/features/items/properties/value/ad
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/features/itemshttp://mozilla.org/#
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/ratio
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/ratio:
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/slug
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/slughttp://mozilla.org/#/propertie
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/features
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/features/items
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/features/items/properties/featureI
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/features/items/properties/value
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/features/items/properties/value/ad
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/features/itemshttp://mozilla.org/#
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/ratio
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/ratiohttp://mozilla.org/#/properti
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/slug
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2http://mozilla.org/#/properties/userFacingName
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/bucketConfig
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/bucketConfig/properties/count
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/bucketConfig/properties/namespace
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/bucketConfig/properties/randomizationUnit
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/bucketConfig/properties/start
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/bucketConfig/properties/total
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/cbhStudyRow
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/cbhStudyUs
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/cbhStudyUshttp://mozilla.org/#/properties/trendingEnabledhttp://mozi
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/channel
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/csvImport
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/disableGreaseOnFallback
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/dnsMaxAnyPriorityThreads
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/dnsMaxPriorityThreads
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/ehPreconnectEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/ehPreloadEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/ehPreloadEnabledInvalid
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/ehPreloadEnabledhttp://mozilla.org/#/properties/dnsMaxAnyPriorityThr
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/enabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/enabledapp-builtin:firefox-compact-dark
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/endDate
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/enrollmentEndDate
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/experimentType
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/exposureResults
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/extraParams
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/extraParamsshowing-3rd-sponsored-tile-on-the-newtab-page-phase-3-ukf
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/featureIds
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/featureIds/items
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/featureIds/itemshttp://mozilla.org/#/properties/isRollout
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/featureValidationOptOut
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/filterFetchResponse
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/forceWaitHttpsRR
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/forceWaitHttpsRRhttp://mozilla.org/#/properties/h3GreaseEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/forceWaitHttpsRRhttp://mozilla.org/#/properties/h3GreaseEnabledhttp:
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/greasePaddingSize
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/h3Enabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/h3GreaseEnabled
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/id
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/insecureFallback
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/insecureFallbackCould
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/insecureFallbackThis
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/isBestMatchExperiment
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/isBestMatchExperimentresource://gre/modules/shared/FormAutofillNameU
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/isEnrollmentPaused
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/isEnrollmentPausedhttp://mozilla.org/#/properties/isRollouthttp://mo
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/isRollout
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/javascriptValidator
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/louserzations
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/louserzations/anyOf/0
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/louserzations/anyOf/0/additionalProperties
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/louserzations/anyOf/0/additionalProperties/additionalProperties
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/louserzations/anyOf/1
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/mdnFeatureGate
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/mediaExceptionsStrategy
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/mediaExceptionsStrategySending
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/merinoClientVariants
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/merinoClientVariantshttp://mozilla.org/#/properties/merinoTimeoutMs
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/merinoEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/merinoEndpointURL
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/merinoEndpointURLwhenVerified
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/merinoProviders
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/merinoTimeoutMs
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/migrateExtensions
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/networkPredictor
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/networkPredictorInvalid
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/originsAlternativeEnable
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/originsDaysCutOff
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/originsDaysCutOffhttp://mozilla.org/#/properties/pagesAlternativeEna
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/outcomes
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/outcomes/items
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/outcomes/items/properties/priority
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/outcomes/items/properties/slug
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/pagesAlternativeEnable
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/pagesHalfLifeDays
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/pagesHalfLifeDaysopaque-response-blocking-orb-staged-release-rollout
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/pagesHighWeight
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/pagesLowWeight
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/pagesMediumWeight
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/pagesMediumWeightMicrosoft
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/pagesNumSampledVisits
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/pocketFeatureGate
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/pocketFeatureGatehttp://mozilla.org/#/properties/addonsShowLessFrequ
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/pocketShowLessFrequentlyCap
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/pocketShowLessFrequentlyCaphttp://mozilla.org/#/properties/merinoCli
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/preconnect
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/proposedDuration
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/proposedDurationThe
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/proposedEnrollment
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestAllowPositionInSuggestions
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestBlockingEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestBlockingEnabledFirefoxRelay.sys.mjs
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestDataCollectionEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestDataCollectionEnabledhttp://mozilla.org/#/properties/qui
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestEnabledhttp://mozilla.org/#/properties/quickSuggestNonSp
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestEnabledresource://autofill/FormAutofillStorageBase.sys.m
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestImpressionCapsNonSponsoredEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestImpressionCapsNonSponsoredEnabledhttp://mozilla.org/#/pr
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestImpressionCapsSponsoredEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestNonSponsoredEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestNonSponsoredEnabledhttp://mozilla.org/#/properties/quick
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestNonSponsoredIndex
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestNonSponsoredIndexhttp://mozilla.org/#/properties/weather
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestOnboardingDialogVariation
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestOnboardingDialogVariationSELECT
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestRemoteSettingsDataType
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestRemoteSettingsEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestScenario
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestScenariopageLoad
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestScoreMap
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestShouldShowOnboardingDialog
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestShowOnboardingDialogAfterNRestarts
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestSponsoredEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestSponsoredIndex
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/recordNavigationalSuggestionTelemetry
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/referenceBranch
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/richSuggestionsFeatureGate
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/richSuggestionsFeatureGateShowing
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/schemaVersion
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/schemaVersioneval(arguments
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/serpEventTelemetryEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/showExposureResults
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/showExposureResultsinvalid
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/showImportAll
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/showImportAllhttp://mozilla.org/#/properties/h3Enabledhttps://www.go
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/showPreferencesEntrypoint
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/showSearchTermsFeatureGate
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/showSearchTermsFeatureGatehttp://mozilla.org/#/properties/quickSugge
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/slug
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/startDate
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/targeting
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/tlsEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/tlsEnabledhttp://mozilla.org/#/properties/aboutWelcomeBehavior
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/tlsGreaseProb
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/trendingEnabled
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/trendingMaxResultsNoSearchMode
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/trendingRequireSearchMode
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/useNewWizard
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/userFacingDescription
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/userFacingDescriptionPassed
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/userFacingName
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/weatherFeatureGate
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/weatherFeatureGatechrome://extensions/content/parent/ext-backgroundP
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/weatherKeywords
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/weatherKeywordsMinimumLength
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/weatherKeywordsMinimumLengthCap
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/weatherKeywordsMinimumLengthCapMicrosoft
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/weatherKeywordsMinimumLengthsetAccountData:
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/weatherKeywordshttp://mozilla.org/#/properties/weatherKeywordsMinimu
                  Source: firefox.exe, 0000001D.00000002.2412138936.00000154DBF00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/&
                  Source: firefox.exe, 0000001D.00000002.2412138936.00000154DBF00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/0S
                  Source: firefox.exe, 0000001D.00000002.2467618518.0000019AF0622000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2101237535.0000019AF4DA8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2115386440.0000019D0003F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2126033704.0000019AF562C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2215856583.0000019AF67D2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2126191237.0000019AF55E5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2529548453.0000019AF376F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2298491195.0000019AF5147000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2010275237.0000019AF4C75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2692170799.0000019AFD53A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2173283428.0000019AF5DC3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2641795492.0000019AF67B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2240359667.0000019AF0AE0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2636981415.0000019AF5DC3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2256329498.0000019AEF32F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2641795492.0000019AF67EA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2273276144.0000019AFDC30000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2470945970.0000019AF0778000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.1927695916.0000019AF0A39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2007963082.0000019AF67D7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2575804371.0000019AF4B2F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/MPL/2.0/.
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2354457545.0000019AF3193000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digice
                  Source: firefox.exe, 0000001D.00000003.2012675454.0000019AF3BF2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0A
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2509279188.0000019AF317E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0C
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2354457545.0000019AF3193000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0N
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0X
                  Source: firefox.exe, 0000001D.00000003.2012675454.0000019AF3BF2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://poczta.interia.pl/mh/?mailto=%s
                  Source: firefox.exe, 0000001D.00000003.2244139012.0000019AFCFA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://poczta.interia.pl/mh/?mailto=%sw
                  Source: firefox.exe, 0000001D.00000002.2434431685.0000019AEEEDA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2697808055.0000019AFD67F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2621386863.0000019AF5528000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2641795492.0000019AF67DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0
                  Source: firefox.exe, 0000001D.00000002.2434431685.0000019AEEEDA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0.
                  Source: firefox.exe, 0000001D.00000003.2103483332.0000019AFD677000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2171285217.0000019AFB2F4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2026761447.0000019AFB2E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0W
                  Source: firefox.exe, 0000001D.00000002.2434431685.0000019AEEEDA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2697808055.0000019AFD67F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2621386863.0000019AF5528000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2641795492.0000019AF67DA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2103483332.0000019AFD677000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2171285217.0000019AFB2F4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2026761447.0000019AFB2E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.o.lencr.org0
                  Source: Pots.exe, 00000005.00000002.1137260907.0000000003CBC000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003D11000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.0000000003731000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://win.mail.ru/cgi-bin/sentmsg?mailto=%s
                  Source: firefox.exe, 0000001D.00000003.2244139012.0000019AFCFA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://win.mail.ru/cgi-bin/sentmsg?mailto=%sy
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
                  Source: Pots.exe, 00000005.00000002.1133415880.0000000000E1C000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://www.enigmaprotector.com/
                  Source: Pots.exe, 00000005.00000002.1133415880.0000000000E1C000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: http://www.enigmaprotector.com/openU
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.inbox.lv/rfc2368/?value=%s
                  Source: firefox.exe, 0000001D.00000003.2244139012.0000019AFCFA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.inbox.lv/rfc2368/?value=%su
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2005/app-update
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2005/app-updatedisabled_picture_in_picture_overrides.pbs
                  Source: firefox.exe, 0000001D.00000002.2676273306.0000019AFCF35000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2005/app-updatex
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2006/browser/search/
                  Source: firefox.exe, 0000001D.00000002.2479434554.0000019AF0B19000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2173898160.0000019AF56D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulA
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulchrome://browser/content/screenshots/fi
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulchrome://global/content/elements/arrows
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulchrome://global/content/elements/autoco
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulchrome://global/content/elements/browse
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulchrome://passwordmgr/locale/passwordmgr
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulhttp://www.mozilla.org/keymaster/gateke
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulopenPreferences/internalPrefCategoryNam
                  Source: firefox.exe, 0000001D.00000003.2148241360.0000019AFDA8A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2096753294.0000019AFDA8A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2035217238.0000019AFDA8A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2211680633.0000019AFDA8A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2178899127.0000019AFDA7C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2717971532.0000019AFDA7C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulp/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulresource:///modules/UrlbarProviderSearc
                  Source: mozilla-temp-41.29.drString found in binary or memory: http://www.videolan.org/x264.html
                  Source: firefox.exe, 0000001D.00000002.2697808055.0000019AFD67F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2621386863.0000019AF5528000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2012675454.0000019AF3BF2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2529548453.0000019AF3703000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2103483332.0000019AFD677000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
                  Source: firefox.exe, 0000001D.00000002.2697808055.0000019AFD67F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2621386863.0000019AF5528000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2012675454.0000019AF3BF2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2529548453.0000019AF3703000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2103483332.0000019AFD677000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.malware-error.mozilla.com/?url=
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-error.mozilla.com/?url=
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-report.mozilla.com/?url=
                  Source: firefox.exe, 0000001D.00000003.2124057275.0000019AF56D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://MD8.mozilla.org/1/m
                  Source: firefox.exe, 0000001D.00000002.2497453112.0000019AF1B6C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2672729793.0000019AFB700000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 0000001D.00000003.1912689461.0000019AF0D05000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.1911270889.0000019AF0B00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.duckduckgo.com/ac/
                  Source: Pots.exe, 00000005.00000002.1140620294.0000000004C0C000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1909292706.0000000004D7E000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2039629870.000000000474D000.00000004.00000800.00020000.00000000.sdmp, tmp51ED.tmp.dat.5.dr, tmp7C34.tmp.dat.25.dr, tmp7C04.tmp.dat.25.dr, tmp51AD.tmp.dat.5.dr, tmpABD0.tmp.dat.39.dr, tmpAAF3.tmp.dat.39.drString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
                  Source: firefox.exe, 0000001D.00000002.2646747942.0000019AF6811000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://account.bellmedia.c
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://account.bellmedia.ca
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://account.bellmedia.cacfr-doorhanger-extension-headingA
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2554904923.0000019AF4365000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com
                  Source: firefox.exe, 0000001D.00000003.2346404228.0000019AF5970000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2721497917.0000019AFDB9E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/extension-setting-changedfx100-upgrade-thanks-keep-bodysetCookieStringF
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/settings/clients
                  Source: firefox.exe, 0000001D.00000003.2146586271.0000019AFDB0E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.comK
                  Source: firefox.exe, 0000001D.00000003.1908647302.0000019AF1B0C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org
                  Source: firefox.exe, 0000001D.00000003.2343381191.0000019AF597B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/language-tools/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search-engines/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/themes
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2124057275.0000019AF56CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/en-US/firefox/collections/4757633/25c2b44583534b3fa8fea977c419cd/?page=1&
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2145780093.0000019AFDBCE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/enhancer-for-youtube/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2145780093.0000019AFDBCE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/facebook-container/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2145780093.0000019AFDBCE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/reddit-enhancement-suite/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2145780093.0000019AFDBCE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/to-google-translate/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2145780093.0000019AFDBCE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/wikipedia-context-menu-search/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/downloads/file/4040738/cookie_autodelete-3.8.2.xpi
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/downloads/file/4128570/languagetool-7.1.13.xpi
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/downloads/file/4129240/privacy_badger17-2023.6.23.xpi
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/downloads/file/4129240/privacy_badger17-2023.6.23.xpiThis
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/downloads/file/4134489/enhancer_for_youtube-2.0.119.1.xpi
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/downloads/file/4134489/enhancer_for_youtube-2.0.119.1.xpihttps://
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/downloads/file/4141092/facebook_container-2.3.11.xpi
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/downloads/file/4141092/facebook_container-2.3.11.xpiThis
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/user-media/addon_icons/506/506646-64.png?modified=mcrushed
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/user-media/addon_icons/506/506646-64.png?modified=mcrushedchrome://activi
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/user-media/addon_icons/700/700308-64.png?modified=4bc8e79f
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/user-media/addon_icons/708/708770-64.png?modified=4f881970
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/user-media/addon_icons/708/708770-64.png?modified=4f881970https://addons.
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/user-media/addon_icons/784/784287-64.png?modified=mcrushed
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/user-media/addon_icons/784/784287-64.png?modified=mcrushedhttps://addons.
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/user-media/addon_icons/954/954390-64.png?modified=97d4c956
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/user-media/addon_icons/954/954390-64.png?modified=97d4c956Our
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.orgmr2022-onboarding-pin-image-altmr2022-onboarding-import-headerGive
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2340150859.0000019B013BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads-us.rd.linksynergy.com/as.php
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2032574390.0000019AF43E3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2697808055.0000019AFD6A7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2549932705.0000019AF42C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads.stickyadstv.com/firefox-etp
                  Source: firefox.exe, 0000001D.00000003.2016493714.0000019B011DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2705638465.0000019AFD856000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://allegro.pl/
                  Source: firefox.exe, 0000001D.00000002.2520744889.0000019AF3503000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://amazon.com/
                  Source: Pots.exe, 00000005.00000002.1137260907.0000000003D0C000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000005.00000002.1137260907.0000000003C21000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003DDF000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003D7A000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.000000000379F000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.000000000384A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://answers.netlify.com/t/support-guide-i-ve-deployed-my-site-but-i-still-see-page-not-found/125
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://api.accounts.firefox.com/v1
                  Source: Pots.exe, Pots.exe, 00000005.00000002.1137260907.0000000003B81000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003D11000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.0000000003731000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.vimeworld.ru/user/name/
                  Source: Pots.exe, 00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://api.vimeworld.ru/user/name/5https://freegeoip.app/xml/
                  Source: firefox.exe, 0000001D.00000003.2145780093.0000019AFDBCE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.adjust.com/167k4ih?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=ht
                  Source: firefox.exe, 0000001D.00000003.2145780093.0000019AFDBCE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.adjust.com/a8bxj8j?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=ht
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/app/firefox-private-safe-browser/id989804926
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/us/app/firefox-private-network-vpn/id1489407738
                  Source: firefox.exe, 0000001D.00000003.2016493714.0000019B011DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2735284189.0000019AFE3AB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2241910154.0000019AFE3AB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2208998938.0000019AFE3AF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org
                  Source: firefox.exe, 0000001D.00000002.2687235578.0000019AFD3BB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/GMP/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VER
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/6/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2336262715.0000019B01FC4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2105024973.0000019AF689D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/6/Firefox/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/release
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/%blockID%.html
                  Source: firefox.exe, 0000001D.00000002.2434431685.0000019AEEEAD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000020.00000002.2378127427.00000268074C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2378099312.000002549C9EF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2392349832.0000024E82E03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.29.drString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&ci=1696581201119.12791&key=1696581201400600
                  Source: firefox.exe, 0000001D.00000002.2434431685.0000019AEEEAD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000020.00000002.2378127427.00000268074C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2378099312.000002549C9EF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2392349832.0000024E82E03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.29.drString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&ci=1696581201119.12791&key=1696581201400600000.1&cta
                  Source: firefox.exe, 0000001D.00000002.2746538729.0000019B00D03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mo
                  Source: firefox.exe, 0000001D.00000003.2295193464.0000019AF3CA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1170143
                  Source: firefox.exe, 0000001D.00000003.2295193464.0000019AF3CA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2298014938.0000019B012C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1189266
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1189266https://bugzilla.mozilla.org/show_bug.cgi?id=126
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2297276971.0000019AF3C4A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1193802
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2298014938.0000019B012C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1207993
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1238180
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1238180Required
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2298014938.0000019B012C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1266220
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1266220https://bugzilla.mozilla.org/show_bug.cgi?id=167
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2298014938.0000019B012C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1283601
                  Source: firefox.exe, 0000001D.00000003.2103483332.0000019AFD65E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1539075
                  Source: firefox.exe, 0000001D.00000003.2103483332.0000019AFD65E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1584464
                  Source: firefox.exe, 0000001D.00000003.2103483332.0000019AFD65E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1607439
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1616739
                  Source: firefox.exe, 0000001D.00000003.2296428574.0000019AF3C4F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2297434486.0000019AF3C44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2295193464.0000019AF3CA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2298014938.0000019B012C6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2298014938.0000019B012DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1678448
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1678448https://bugzilla.mozilla.org/show_bug.cgi?id=815
                  Source: firefox.exe, 0000001D.00000003.2295193464.0000019AF3C84000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1678942
                  Source: firefox.exe, 0000001D.00000003.2256329498.0000019AEF32F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1694699#c21
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1817617
                  Source: firefox.exe, 0000001D.00000003.2296428574.0000019AF3C4F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2298014938.0000019B012C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=792480
                  Source: firefox.exe, 0000001D.00000003.2295193464.0000019AF3C9B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2295193464.0000019AF3CA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=793869
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=793869All
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=806991
                  Source: firefox.exe, 0000001D.00000003.2296428574.0000019AF3C4F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2295193464.0000019AF3CA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2298014938.0000019B012C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=809550
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=809550http://mozilla.org/#/properties/serpEventTelemetr
                  Source: firefox.exe, 0000001D.00000003.2296428574.0000019AF3C4F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2295193464.0000019AF3C7B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=815437
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2298014938.0000019B012C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=840161
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2295193464.0000019AF3C7B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=951422
                  Source: Pots.exe, 00000005.00000002.1140620294.0000000004C0C000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1909292706.0000000004D7E000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2039629870.000000000474D000.00000004.00000800.00020000.00000000.sdmp, tmp51ED.tmp.dat.5.dr, tmp7C34.tmp.dat.25.dr, tmp7C04.tmp.dat.25.dr, tmp51AD.tmp.dat.5.dr, tmpABD0.tmp.dat.39.dr, tmpAAF3.tmp.dat.39.drString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
                  Source: Pots.exe, 00000005.00000002.1140620294.0000000004C0C000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1909292706.0000000004D7E000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2039629870.000000000474D000.00000004.00000800.00020000.00000000.sdmp, tmp51ED.tmp.dat.5.dr, tmp7C34.tmp.dat.25.dr, tmp7C04.tmp.dat.25.dr, tmp51AD.tmp.dat.5.dr, tmpABD0.tmp.dat.39.dr, tmpAAF3.tmp.dat.39.drString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
                  Source: Pots.exe, 00000005.00000002.1140620294.0000000004C0C000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1909292706.0000000004D7E000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2039629870.000000000474D000.00000004.00000800.00020000.00000000.sdmp, tmp51ED.tmp.dat.5.dr, tmp7C34.tmp.dat.25.dr, tmp7C04.tmp.dat.25.dr, tmp51AD.tmp.dat.5.dr, tmpABD0.tmp.dat.39.dr, tmpAAF3.tmp.dat.39.drString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-f
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://completion.amazon.com/search/complete?q=
                  Source: firefox.exe, 0000001D.00000002.2490050070.0000019AF0E6B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net
                  Source: firefox.exe, 0000001D.00000002.2490050070.0000019AF0E6B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net/
                  Source: firefox.exe, 0000001D.00000002.2633608881.0000019AF5A34000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-202
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://content.cdn.mozilla.net
                  Source: firefox.exe, 0000001D.00000002.2434431685.0000019AEEEAD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000020.00000002.2378127427.00000268074C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2378099312.000002549C9EF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2392349832.0000024E82E03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.29.drString found in binary or memory: https://contile-images.services.mozilla.com/T23eBL4EHswiSaF6kya2gYsRHvdfADK-NYjs1mVRNGE.3351.jpg
                  Source: firefox.exe, 0000001D.00000002.2434431685.0000019AEEEAD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000020.00000002.2378127427.00000268074C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2378099312.000002549C9EF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2392349832.0000024E82E03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.29.drString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
                  Source: firefox.exe, 0000001D.00000003.2210768904.0000019AFDB76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com
                  Source: firefox.exe, 0000001D.00000003.2210768904.0000019AFDB76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/
                  Source: firefox.exe, 0000001D.00000002.2735284189.0000019AFE330000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/v1/tiles
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://coverage.mozilla.org
                  Source: firefox.exe, 0000001D.00000002.2418184300.0000019AE360B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://crash-reports.mozilla.com/submit?id=
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://crash-stats.mozilla.org/report/index/
                  Source: firefox.exe, 0000001D.00000002.2705638465.0000019AFD803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://crbug.com/993268
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://dap-02.api.divviup.org
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://datastudio.google.com/embed/reporting/
                  Source: firefox.exe, 0000001D.00000003.2333772914.0000019B021B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullSc
                  Source: firefox.exe, 0000001D.00000002.2631398595.0000019AF5710000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabPlease
                  Source: firefox.exe, 0000001D.00000003.2333772914.0000019B021B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapture
                  Source: firefox.exe, 0000001D.00000002.2631398595.0000019AF5710000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureOffscreenCanvas.toBlob()
                  Source: firefox.exe, 0000001D.00000002.2631398595.0000019AF5710000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureRequest
                  Source: firefox.exe, 0000001D.00000003.2333772914.0000019B021B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCaptureElementReleaseCaptureWarning
                  Source: firefox.exe, 0000001D.00000002.2631398595.0000019AF5710000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCaptureInstallTrigger.install()
                  Source: firefox.exe, 0000001D.00000003.2333772914.0000019B021B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#EncryptionPreventDefaultFromP
                  Source: firefox.exe, 0000001D.00000002.2631398595.0000019AF5710000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#Encryptiondocument.requestSto
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/Add-ons/WebExtensions/manifest.json/commands#Key_combinations
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/Add-ons/WebExtensions/manifest.json/commands#Key_combinationsbro
                  Source: firefox.exe, 0000001D.00000002.2731273262.0000019AFDD68000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingDocumentWriteIgnored
                  Source: firefox.exe, 0000001D.00000002.2631398595.0000019AF5710000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingTrying
                  Source: firefox.exe, 0000001D.00000003.2236534325.0000019AF0CC9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsIEffectiveTLDServi
                  Source: firefox.exe, 0000001D.00000002.2705638465.0000019AFD803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/ElementCSSInlineStyle/style#setting_styles)
                  Source: firefox.exe, 0000001D.00000002.2705638465.0000019AFD803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/for-await...of
                  Source: firefox.exe, 0000001D.00000002.2705638465.0000019AFD803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecycl
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://developers.google.com/safe-browsing/v4/advisory
                  Source: Pots.exe, Pots.exe, 00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://discord.com/api/webhooks/984547613787422811/3KIN00NlG7asLt6_aF-p2Xs_p95OdeiY0o_mcNrHVnkOnCiu
                  Source: firefox.exe, 0000001D.00000002.2497453112.0000019AF1B62000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2263546093.0000019AF0C5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2451543927.0000019AEF7A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/
                  Source: firefox.exe, 0000001D.00000002.2520744889.0000019AF358E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/?t=ffab&q=
                  Source: Pots.exe, 00000005.00000002.1140620294.0000000004C0C000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1909292706.0000000004D7E000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2039629870.000000000474D000.00000004.00000800.00020000.00000000.sdmp, tmp51ED.tmp.dat.5.dr, tmp7C34.tmp.dat.25.dr, tmp7C04.tmp.dat.25.dr, tmp51AD.tmp.dat.5.dr, tmpABD0.tmp.dat.39.dr, tmpAAF3.tmp.dat.39.drString found in binary or memory: https://duckduckgo.com/ac/?q=
                  Source: Pots.exe, 00000005.00000002.1140620294.0000000004C0C000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1909292706.0000000004D7E000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2039629870.000000000474D000.00000004.00000800.00020000.00000000.sdmp, tmp51ED.tmp.dat.5.dr, tmp7C34.tmp.dat.25.dr, tmp7C04.tmp.dat.25.dr, tmp51AD.tmp.dat.5.dr, tmpABD0.tmp.dat.39.dr, tmpAAF3.tmp.dat.39.drString found in binary or memory: https://duckduckgo.com/chrome_newtab
                  Source: Pots.exe, 00000005.00000002.1140620294.0000000004C0C000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1909292706.0000000004D7E000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2039629870.000000000474D000.00000004.00000800.00020000.00000000.sdmp, tmp51ED.tmp.dat.5.dr, tmp7C34.tmp.dat.25.dr, tmp7C04.tmp.dat.25.dr, tmp51AD.tmp.dat.5.dr, tmpABD0.tmp.dat.39.dr, tmpAAF3.tmp.dat.39.drString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/y
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2244139012.0000019AFCFA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%s
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%shttps://poczta.interia.pl/mh/?mailto=%shttp://win.mail.ru
                  Source: firefox.exe, 0000001D.00000003.2244139012.0000019AFCFA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%sz
                  Source: firefox.exe, 0000001D.00000003.2244139012.0000019AFCFA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%szw
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2244139012.0000019AFCFA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://email.seznam.cz/newMessageScreen?mailto=%s
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://email.seznam.cz/newMessageScreen?mailto=%shttps://outlook.live.com/default.aspx?rru=compose&
                  Source: firefox.exe, 0000001D.00000003.2333772914.0000019B021B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://extensionworkshop.com/documentation/publish/self-distribution/
                  Source: firefox.exe, 0000001D.00000002.2631398595.0000019AF5710000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://extensionworkshop.com/documentation/publish/self-distribution/initMouseEvent()
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2173898160.0000019AF56FB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2697808055.0000019AFD603000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2378099312.000002549C912000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2380872239.0000024E82C13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-api-proxy.cdn.mozilla.net/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2306984054.0000019B022C8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2117098054.0000019AFE384000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/673d2808-e5d8-41b9-957
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2117098054.0000019AFE384000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/706c7a85-cf23-442e-8a9
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2124057275.0000019AF56CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/74f06853-c80d-4afc-9b2
                  Source: firefox.exe, 0000001D.00000003.2117098054.0000019AFE338000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2117098054.0000019AFE33B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2118851076.0000019AFDDE5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/d8e772fe-4909-4f05-9f9
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/f0f51715-7f5e-48de-839
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/networking/dns/trr-skip-reasons.html#
                  Source: firefox.exe, 0000001D.00000002.2548469598.0000019AF40D0000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/performance/scroll-linked_effects.html
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/remote/Security.html
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.allizom.org/v1/buckets/main-preview/collections/search-config/reco
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/records
                  Source: firefox.exe, 0000001D.00000002.2575804371.0000019AF4BF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2702153739.0000019AFD742000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com
                  Source: firefox.exe, 0000001D.00000002.2575804371.0000019AF4BF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main-preview/collections/search-config/reco
                  Source: firefox.exe, 0000001D.00000002.2697808055.0000019AFD603000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/records
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/recordshttps
                  Source: firefox.exe, 0000001D.00000002.2575804371.0000019AF4B33000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expe
                  Source: firefox.exe, 0000001D.00000002.2575804371.0000019AF4B61000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?colle
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1Preloaded
                  Source: Pots.exe, 00000005.00000002.1137260907.0000000003D0C000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003DDF000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.000000000384A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fonts.googleapis.com/css?family=Roboto:400
                  Source: firefox.exe, 0000001D.00000002.2467618518.0000019AF0622000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2467618518.0000019AF0603000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2497453112.0000019AF1B21000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.1908315612.0000019AF1B21000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com
                  Source: firefox.exe, 0000001D.00000003.2343381191.0000019AF597B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com/browser?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-pr
                  Source: Pots.exe, 00000005.00000002.1137260907.0000000003CCC000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003D11000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.0000000003731000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://freegeoip.app
                  Source: Pots.exe, 00000005.00000002.1141953793.000000000608D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://freegeoip.app/
                  Source: Pots.exe, Pots.exe, 00000005.00000002.1137260907.0000000003B81000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003D11000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.0000000003731000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://freegeoip.app/xml/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ftp.mozilla.org/pub/labs/devtools/adb-extension/#OS#/adb-extension-latest-#OS#.xpi
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2173898160.0000019AF56FB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2697808055.0000019AFD603000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2378099312.000002549C912000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2380872239.0000024E82C13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/
                  Source: firefox.exe, 00000028.00000002.2380872239.0000024E82CC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=
                  Source: firefox.exe, 00000028.00000002.2380872239.0000024E82CC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_l
                  Source: firefox.exe, 00000028.00000002.2380872239.0000024E82C30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=bas
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=40249-e88c401e1b1f2242d9e4
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtab
                  Source: firefox.exe, 0000001D.00000003.2146586271.0000019AFDB32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtabL
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtab_maybeInsertSearchShortcuts/tryToInsert
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtab
                  Source: firefox.exe, 0000001D.00000003.2146586271.0000019AFDB32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtabC
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtabhttps://getpocket.com/explore/te
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtab
                  Source: firefox.exe, 0000001D.00000003.2146586271.0000019AFDB32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtabA
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtabresource://activity-stream/lib/SearchShor
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtab
                  Source: firefox.exe, 0000001D.00000003.2146586271.0000019AFDB32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtabE
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtabgetHardcodedLayout/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtab
                  Source: firefox.exe, 0000001D.00000003.2146586271.0000019AFDB32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtabG
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtabresource://activity-stream/lib/Persist
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtab
                  Source: firefox.exe, 0000001D.00000003.2146586271.0000019AFDB32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtab?
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtabA
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtab
                  Source: firefox.exe, 0000001D.00000003.2146586271.0000019AFDB32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtabN
                  Source: firefox.exe, 00000028.00000002.2380872239.0000024E82CC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tab
                  Source: firefox.exe, 0000001D.00000002.2697808055.0000019AFD603000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tabL
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tabimprovesearch.topSiteSearchShortcuts.searchEngi
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtab
                  Source: firefox.exe, 0000001D.00000003.2146586271.0000019AFDB32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtabI
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtabbrowser.newtabpage.activity-stream.feeds.snipp
                  Source: firefox.exe, 0000001D.00000003.2146586271.0000019AFDB0E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more
                  Source: firefox.exe, 0000001D.00000003.2146586271.0000019AFDB32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more/
                  Source: firefox.exe, 00000028.00000002.2380872239.0000024E82CC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendations
                  Source: firefox.exe, 0000001D.00000002.2697808055.0000019AFD603000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS
                  Source: firefox.exe, 0000001D.00000002.2697808055.0000019AFD603000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS7
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationssection.highlights.includeBookmarksimprovesearch.noDefaultSearc
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2697808055.0000019AFD603000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=basic
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/cfworker
                  Source: firefox.exe, 0000001D.00000002.2705638465.0000019AFD803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/google/closure-compiler/issues/3177
                  Source: firefox.exe, 0000001D.00000003.2067940986.0000019AFD59B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query-all.ts
                  Source: firefox.exe, 0000001D.00000003.2067940986.0000019AFD59B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query.ts
                  Source: firefox.exe, 0000001D.00000002.2705638465.0000019AFD803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/issues/1266
                  Source: firefox.exe, 0000001D.00000002.2705638465.0000019AFD803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/microsoft/TypeScript/issues/338).
                  Source: firefox.exe, 0000001D.00000002.2672729793.0000019AFB700000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 0000001D.00000003.1912689461.0000019AF0D05000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.1911270889.0000019AF0B00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshots
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshots06836808-3da5-4b66-93b7-b66b1a840a96
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla/webcompat-reporter
                  Source: firefox.exe, 0000001D.00000002.2554904923.0000019AF4378000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/uuidjs/uuid#getrandomvalues-not-supported
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/blob/master/css-grid-2/MASONRY-EXPLAINER.md
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/issues/4650
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2697808055.0000019AFD603000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/zertosh/loose-envify)
                  Source: firefox.exe, 0000001D.00000002.2520744889.0000019AF3503000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com/
                  Source: firefox.exe, 0000001D.00000003.2103483332.0000019AFD65E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gpuweb.github.io/gpuweb/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gpuweb.github.io/gpuweb//shims/adsafeprotected-ima.js
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gpuweb.github.io/gpuweb//shims/adsafeprotected-ima.jsextension/webcompat
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://helper1.dap.cloudflareresearch.com/v02
                  Source: firefox.exe, 0000001D.00000002.2418184300.0000019AE360B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hg.mozilla.org/releases/mozilla-release/rev/68e4c357d26c5a1f075a1ec0c696d4fe684ed881
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hg.mozilla.org/releases/mozilla-release/rev/68e4c357d26c5a1f075a1ec0c696d4fe684ed881submitEx
                  Source: firefox.exe, 0000001D.00000002.2625900760.0000019AF56CD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2672729793.0000019AFB700000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 0000001D.00000002.2596706703.0000019AF5072000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ib.absa.co.za/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://ideas.mozilla.org/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/oldsync
                  Source: firefox.exe, 0000001D.00000003.2340150859.0000019B013F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/oldsyncS
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2535915918.0000019AF3ABF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/relay
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/
                  Source: firefox.exe, 0000001D.00000003.2340150859.0000019B013F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/H
                  Source: firefox.exe, 0000001D.00000003.2340150859.0000019B013F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/HCX
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetry
                  Source: firefox.exe, 0000001D.00000003.2340150859.0000019B013F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryU
                  Source: firefox.exe, 0000001D.00000003.2340150859.0000019B013F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryUFj
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://img-getpocket.cdn.mozilla.net/
                  Source: firefox.exe, 0000001D.00000003.2146586271.0000019AFDB32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://img-getpocket.cdn.mozilla.net/X
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://img-getpocket.cdn.mozilla.net/discoverystream.personalization.enabledresource://gre/modules/
                  Source: prefs-1.js.29.drString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4CLXfQbX4pbW4QbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
                  Source: firefox.exe, 0000001D.00000003.2346404228.0000019AF591B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2632477308.0000019AF59D0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org
                  Source: firefox.exe, 00000028.00000002.2380872239.0000024E82CF4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit
                  Source: firefox.exe, 0000001D.00000002.2668391824.0000019AFB233000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/events/1/84403ebd-b4c3-4162-a1c1-3d329
                  Source: firefox.exe, 0000001D.00000003.2336262715.0000019B01FB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/messaging-system/1/cc17ce6f-06b5-463f-
                  Source: firefox.exe, 0000001D.00000003.2336262715.0000019B01FC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/metrics/1/3d6e0341-6f80-4683-81ff-67f2
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/messaging-system/undesired-events/1/0c8a27cc-250b-406d
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/messaging-system/undesired-events/1/64b21abf-c0dc-43d2
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submitapiRequest/request.onreadystatechangeremoveCookiesWithO
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submitresource://gre/modules/Region.sys.mjsresource://activit
                  Source: firefox.exe, 0000001D.00000002.2697808055.0000019AFD603000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submits
                  Source: firefox.exe, 0000001D.00000002.2705638465.0000019AFD803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://infra.spec.whatwg.org/#ascii-whitespace
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://install.mozilla.org
                  Source: Pots.exe, 00000005.00000002.1137260907.0000000003C2B000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003D82000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.00000000037ED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ipbase.com
                  Source: Pots.exe, 00000005.00000002.1137260907.0000000003CF0000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000005.00000002.1137260907.0000000003C2B000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000005.00000002.1137260907.0000000003C27000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003D4F000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003D7E000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003D82000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.0000000003770000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.00000000037ED000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.00000000037A3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ipbase.com/xml/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2016493714.0000019B011CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema%2528not%2Bset%2529
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema%2528not%2Bset%25292658a5ec-004c-444b-9d6d-88f31a089af3
                  Source: firefox.exe, 0000001D.00000002.2529548453.0000019AF3703000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema.
                  Source: firefox.exe, 0000001D.00000002.2529548453.0000019AF3703000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema./
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema420bfc2a-258b-4cb0-8433-652ad36cd6c70dbf219f-4e18-464a-9
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schemathis-is-included-for-desktop-pre-95-supportfirefox-deskt
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schemaunavailable:FEATURE_FAILURE_D2D_D3D11_COMPfullPageTransl
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schemaunavailable:FEATURE_FAILURE_D2D_D3D11_COMPhttps://json-s
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema
                  Source: firefox.exe, 0000001D.00000002.2529548453.0000019AF3703000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema/
                  Source: firefox.exe, 0000001D.00000002.2529548453.0000019AF3703000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema/=
                  Source: firefox.exe, 0000001D.00000002.2705638465.0000019AFD803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/libraries/standalone-templates/#rendering-lit-html-templates
                  Source: firefox.exe, 0000001D.00000002.2705638465.0000019AFD803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/directives/#stylemap
                  Source: firefox.exe, 0000001D.00000002.2705638465.0000019AFD803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/expressions/#child-expressions)
                  Source: firefox.exe, 0000001D.00000002.2549932705.0000019AF4204000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com
                  Source: firefox.exe, 0000001D.00000003.2164170787.0000019AF43F8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%
                  Source: firefox.exe, 0000001D.00000003.2193369939.0000019AF3A60000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=7e40f68c-7938-4c5d-9f95-e61647c213eb
                  Source: firefox.exe, 0000001D.00000002.2646747942.0000019AF6811000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2400638658.000000B38D800000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.live.com
                  Source: firefox.exe, 0000001D.00000002.2636981415.0000019AF5D8B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2103483332.0000019AFD692000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.commr2022-onboarding-gratitude-image-alt
                  Source: firefox.exe, 0000001D.00000002.2672729793.0000019AFB700000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 0000001D.00000002.2575804371.0000019AF4B61000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lookerstudio.google.com/embed/reporting/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2244139012.0000019AFCFA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%s
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%sPdfJs.init
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%smr2022-onboarding-privacy-segmentation-button-seco
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2244139012.0000019AFCFA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%s
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%shttps://mail.yahoo.co.jp/compose/?To=%shttps://e.mail.ru/cgi-bin/
                  Source: firefox.exe, 0000001D.00000003.2244139012.0000019AFCFA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%sv
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2244139012.0000019AFCFA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%s
                  Source: firefox.exe, 0000001D.00000003.2244139012.0000019AFCFA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%st
                  Source: firefox.exe, 0000001D.00000003.2298491195.0000019AF513F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mathiasbynens.be/
                  Source: firefox.exe, 0000001D.00000003.2298491195.0000019AF513F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mathiasbynens.be/notes/javascript-encoding#surrogate-formulae
                  Source: firefox.exe, 0000001D.00000003.2298491195.0000019AF513F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mathiasbynens.be/notes/javascript-escapes#single
                  Source: firefox.exe, 0000001D.00000002.2418184300.0000019AE36DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000020.00000002.2378127427.0000026807472000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2378099312.000002549C981000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2380872239.0000024E82C8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggest
                  Source: firefox.exe, 00000028.00000002.2380872239.0000024E82C8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggestabout
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mitmdetection.services.mozilla.com/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mochitest.youtube.com/
                  Source: firefox.exe, 0000001D.00000003.1908647302.0000019AF1B0C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com
                  Source: firefox.exe, 0000001D.00000003.2343381191.0000019AF597B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protections
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/about
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/breach-details/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protect
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/breach-stats?includeResolved=true
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/dashboard
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/preferences
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mozilla-hub.atlassian.net/browse/SDK-405
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mozilla-hub.atlassian.net/browse/SDK-405(browserSettings.update.channel
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mozilla-hub.atlassian.net/browse/SDK-405When
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mozilla-hub.atlassian.net/browse/SDK-405moz-extension://06836808-3da5-4b66-93b7-b66b1a840a96
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla-ohttp-fakespot.fastly-edge.com/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla.cloudflare-dns.com/dns-query
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mozilla.org0/
                  Source: firefox.exe, 0000001D.00000003.2298491195.0000019AF513F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mths.be/jsesc
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mzl.la/3NS9KJd
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net/api/v1
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://oauth.accounts.firefox.com/v1
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ok.ru/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2244139012.0000019AFCFA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://outlook.live.com/default.aspx?rru=compose&to=%s
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_r
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://play.hbomax.com/page/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://play.hbomax.com/player/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2244139012.0000019AFCFA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%s
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%spdfjs.previousHandler.preferredActionpdfjs.previousHandler.al
                  Source: firefox.exe, 0000001D.00000003.2244139012.0000019AFCFA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%sx
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://probeinfo.telemetry.mozilla.org/glean/repositories.
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://prod.ohttp-gateway.prod.webservices.mozgcp.net/ohttp-configs
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profile.accounts.firefox.com/v1
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com
                  Source: firefox.exe, 0000001D.00000002.2497453112.0000019AF1B6C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://profiler.firefox.comNo
                  Source: firefox.exe, 0000001D.00000002.2554904923.0000019AF4378000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2451543927.0000019AEF78D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://push.services.mozilla.com
                  Source: firefox.exe, 0000001D.00000002.2520744889.0000019AF3503000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://push.services.mozilla.com/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redux.js.org/api-reference/store#subscribe(listener)
                  Source: firefox.exe, 0000001D.00000002.2646747942.0000019AF6898000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/accounts/profile/?utm_medium=firefox-desktop&utm_source=modal&utm_campaign
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/api/v1/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/diagnostic?site=
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%
                  Source: firefox.exe, 0000001D.00000002.2646747942.0000019AF6898000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2151122551.0000019AF689B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2099558128.0000019AF6897000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2105024973.0000019AF689D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=118.0&pver=2.2&
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&p
                  Source: firefox.exe, 0000001D.00000003.2173839422.0000019AF5A34000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2219366950.0000019AF5A34000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2100710674.0000019AF5A34000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2173407768.0000019AF5A34000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2633608881.0000019AF5A34000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=118.0&pver=2.2
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_SAFEBR
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=AIzaSyC7jsptDS
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatHits?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSIN
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGL
                  Source: firefox.exe, 0000001D.00000002.2646747942.0000019AF6898000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2151122551.0000019AF6898000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2099558128.0000019AF6897000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2105024973.0000019AF6898000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2214796218.0000019AF6898000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2119708043.0000019AF6898000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=AIzaSy
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_SAFEBROWSING_API_KEY%
                  Source: firefox.exe, 0000001D.00000003.1908647302.0000019AF1B0C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/experimental-features-media-jxl
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/sendDiscoveryStreamImpressions/
                  Source: firefox.exe, 0000001D.00000002.2451543927.0000019AEF7A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.comP
                  Source: firefox.exe, 0000001D.00000003.2236534325.0000019AF0CC9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/abuse/report/addon/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2167855816.0000019AFDA63000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addonUnable
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/language-tools/?app=firefox&type=language&appversi
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/discovery/?lang=%LOCALE%&edition=%DISTRIBUTION%
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%
                  Source: firefox.exe, 0000001D.00000002.2490050070.0000019AF0E6B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com
                  Source: firefox.exe, 0000001D.00000002.2490050070.0000019AF0E6B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
                  Source: firefox.exe, 0000001D.00000003.2100710674.0000019AF5A34000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=118.0&pver=2.2
                  Source: firefox.exe, 0000001D.00000002.2633608881.0000019AF5A34000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=navclient-auto-ffox&appver=118.0&pver=2.2
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
                  Source: firefox.exe, 0000001D.00000003.2100710674.0000019AF5A34000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/gethash?client=SAFEBROWSING_ID&appver=118.0&pver=2.2
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/gethash?client=navclient-auto-ffox&appver=118.0&pver=2.2
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/gethash?client=navclient-auto-ffox&appver=118.0&pver=2.2Add-ons
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2032574390.0000019AF43E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/facebook.svg
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/facebook.svgchrome://global/skin/icons/pocket-favicon.ico
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2032574390.0000019AF43E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/play.svg
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/play.svgFX_URLBAR_MERINO_LATENCY_WEATHER_MS
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://snippets.cdn.mozilla.net/%STARTPAGE_VERSION%/%NAME%/%VERSION%/%APPBUILDID%/%BUILD_TARGET%/%L
                  Source: firefox.exe, 0000001D.00000003.2210768904.0000019AFDB76000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2134828351.0000019AFD3C0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2687235578.0000019AFD3BB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2168978466.0000019AFD3C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com
                  Source: firefox.exe, 0000001D.00000002.2735284189.0000019AFE330000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2378099312.000002549C912000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2380872239.0000024E82C13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/Routed
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/jar:file:///C:/Program%20Files/Mozilla%20Firefox/browser/features/pictur
                  Source: firefox.exe, 0000001D.00000003.2007227077.0000019AFE393000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs
                  Source: firefox.exe, 0000001D.00000003.2146586271.0000019AFDB32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#
                  Source: firefox.exe, 0000001D.00000003.2146586271.0000019AFDB32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#l
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs:
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocsbrowser.newtabpage.activity-stream.impressionIddiscoverystream.endp
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2636981415.0000019AF5D54000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2697808055.0000019AFD603000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2378099312.000002549C9C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2380872239.0000024E82CF4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/user
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/userActivityStream:PreloadedBrowser
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/userActivityStream:PreloadedBrowserDISCOVERY_STREAM_CONFIG_CHANGEDISCOVE
                  Source: firefox.exe, 00000028.00000002.2380872239.0000024E82CF4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/userp
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/usertracking-protection-icon-container
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F10000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2702153739.0000019AFD725000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2549932705.0000019AF42C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-js
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-js#onFormHistoryAutoCompleteSearchAsync/formHistoryEn
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-jsreportDeliveryError:
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2032574390.0000019AF43E3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2549932705.0000019AF42C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-pixel
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-pixelremoveListenerPendingRetry:
                  Source: Pots.exeString found in binary or memory: https://steamcommunity.com/profiles/
                  Source: Pots.exe, 00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmpString found in binary or memory: https://steamcommunity.com/profiles/ASOFTWARE
                  Source: tmp519C.tmp.tmpdb.5.drString found in binary or memory: https://support.mozilla.org
                  Source: firefox.exe, 0000001D.00000003.2343381191.0000019AF597B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-report
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cryptominers-report
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-report
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/firefox-relay-integration
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-report
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/search-engine-removal
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tab
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shield
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-report
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2132125107.0000019B01394000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/switching-devices?utm_source=panel-def
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/switching-devices?utm_source=spotlight
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/tracking-content-report
                  Source: firefox.exe, 0000001D.00000002.2583114296.0000019AF4D55000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2636981415.0000019AF5D13000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2490050070.0000019AF0E6B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/
                  Source: firefox.exe, 0000001D.00000002.2687235578.0000019AFD3BB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/firefox-relay-integration
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2243412839.0000019AFD7C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/captive-portal
                  Source: tmp519C.tmp.tmpdb.5.drString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/firefox-crashes-troubleshoot-prevent-and-get-helpchrome://browser/con
                  Source: firefox.exe, 0000001D.00000002.2731273262.0000019AFDD68000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaPlatformDecoderNotFound
                  Source: firefox.exe, 0000001D.00000002.2731273262.0000019AFDD68000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaWMFNeeded
                  Source: firefox.exe, 0000001D.00000002.2631398595.0000019AF5710000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsThe
                  Source: firefox.exe, 0000001D.00000002.2631398595.0000019AF5710000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsUse
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2650519505.0000019AF6903000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings
                  Source: firefox.exe, 0000001D.00000003.2026761447.0000019AFB25A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings2
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settingsresource://devtools/client/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/update-firefox-latest-release
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/update-firefox-latest-releasegetAPI/register/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/warning-unresponsive-script#w_other-causes
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/warning-unresponsive-script#w_other-causesInternalTestingProfileMigra
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/website-translation
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/website-translationchrome://browser/locale/downloads/downloads.proper
                  Source: firefox.exe, 0000001D.00000002.2575804371.0000019AF4B25000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2575804371.0000019AF4B12000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefox
                  Source: tmp519C.tmp.tmpdb.5.drString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.oGUCFCdKfd-E
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.orghttps://screenshots.firefox.comupgradeTabsProgressListeneraccount-connect
                  Source: firefox.exe, 0000001D.00000002.2705638465.0000019AFD803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tc39.github.io/ecma262/#sec-typeof-operator
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://token.services.mozilla.com/1.0/sync/1.5
                  Source: firefox.exe, 0000001D.00000002.2631398595.0000019AF5710000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 0000001D.00000003.2333772914.0000019B021AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-2
                  Source: firefox.exe, 0000001D.00000002.2631398595.0000019AF5710000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 0000001D.00000003.2333772914.0000019B021B5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2333772914.0000019B021AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-3.1
                  Source: firefox.exe, 0000001D.00000003.2333772914.0000019B021AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-4
                  Source: firefox.exe, 0000001D.00000003.2333772914.0000019B021B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc7515#appendix-C)
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://topsites.services.mozilla.com/cid/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://tracking-protection-issues.herokuapp.com/new
                  Source: firefox.exe, 0000001D.00000003.1908647302.0000019AF1B0C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://truecolors.firefox.com
                  Source: firefox.exe, 0000001D.00000003.2343381191.0000019AF597B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://truecolors.firefox.com/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://truecolors.firefox.comhttps://addons.mozilla.orghttps://monitor.firefox.comtestPermissionFro
                  Source: firefox.exe, 0000001D.00000003.2193369939.0000019AF3A60000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2731273262.0000019AFDD47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://vk.com/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-%CHANNEL%-browser&utm_campaig
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=about-pr
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://watch.sling.com/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webcompat.com/issues/new
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://webextensions.settings.services.mozilla.com/v1
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2697808055.0000019AFD603000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://webpack.js.org/concepts/mode/)
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://weibo.com/
                  Source: firefox.exe, 0000001D.00000002.2705638465.0000019AFD803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://wicg.github.io/construct-stylesheets/#using-constructed-stylesheets).
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.aliexpress.com/
                  Source: firefox.exe, 0000001D.00000003.2016493714.0000019B011DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2014589381.0000019B012AC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2016493714.0000019B011CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.ca/
                  Source: firefox.exe, 0000001D.00000003.2016493714.0000019B011DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.co.uk/
                  Source: firefox.exe, 0000001D.00000003.2193369939.0000019AF3A60000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2731273262.0000019AFDD47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/
                  Source: firefox.exe, 0000001D.00000002.2434431685.0000019AEEEAD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000020.00000002.2378127427.00000268074C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2378099312.000002549C9EF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2392349832.0000024E82E03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.29.drString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_39e4b8f6fd6635158ad433436bdaa069841cfdf8e1989e03
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2578892081.0000019AF4C58000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/
                  Source: firefox.exe, 0000001D.00000002.2451543927.0000019AEF7F3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2497453112.0000019AF1B46000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/?field-keywords=&ie=UTF-8&mode=blended&tag=mozill
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/resource://activity-stream/lib/PanelTestProvider.
                  Source: firefox.exe, 0000001D.00000003.2014217613.0000019B012C1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2016493714.0000019B011DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2016493714.0000019B011CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.de/
                  Source: firefox.exe, 0000001D.00000003.2016493714.0000019B011DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2016493714.0000019B011CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.fr/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.avito.ru/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2731273262.0000019AFDD47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.baidu.com/
                  Source: firefox.exe, 0000001D.00000003.2016493714.0000019B011DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2014448009.0000019B012B1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.bbc.co.uk/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2731273262.0000019AFDD47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ctrip.com/
                  Source: firefox.exe, 0000001D.00000003.2351959650.0000019AF3183000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.digicert.com/CPS0
                  Source: firefox.exe, 0000001D.00000003.2016493714.0000019B011DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2731273262.0000019AFDD47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ebay.co.uk/
                  Source: firefox.exe, 0000001D.00000003.2016493714.0000019B011DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2016493714.0000019B011CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ebay.de/
                  Source: Pots.exe, 00000005.00000002.1140620294.0000000004C0C000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1909292706.0000000004D7E000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2039629870.000000000474D000.00000004.00000800.00020000.00000000.sdmp, tmp51ED.tmp.dat.5.dr, tmp7C34.tmp.dat.25.dr, tmp7C04.tmp.dat.25.dr, tmp51AD.tmp.dat.5.dr, tmpABD0.tmp.dat.39.dr, tmpAAF3.tmp.dat.39.drString found in binary or memory: https://www.ecosia.org/newtab/
                  Source: firefox.exe, 0000001D.00000003.2095250746.0000019B013AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2731273262.0000019AFDD47000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/
                  Source: firefox.exe, 0000001D.00000003.2010018158.0000019AF673F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/
                  Source: firefox.exe, 0000001D.00000003.2132125107.0000019B01390000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search?client=firefox&q=
                  Source: Pots.exe, 00000005.00000002.1140620294.0000000004C0C000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1909292706.0000000004D7E000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2039629870.000000000474D000.00000004.00000800.00020000.00000000.sdmp, tmp51ED.tmp.dat.5.dr, tmp7C34.tmp.dat.25.dr, tmp7C04.tmp.dat.25.dr, tmp51AD.tmp.dat.5.dr, tmpABD0.tmp.dat.39.dr, tmpAAF3.tmp.dat.39.drString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/policies/privacy/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/policies/privacy/mozIGeckoMediaPluginChromeService
                  Source: firefox.exe, 0000001D.00000003.2164170787.0000019AF43E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search
                  Source: firefox.exe, 0000001D.00000002.2697808055.0000019AFD603000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=Failed
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=Microsoft
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=device-migration-existing-users-sumo-switch-devic
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=firefox-desktop-glean-release-no_targeting-rollou
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=firefox-desktop-upgradeDialog-no_targeting-rollou
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=firefox-desktop-urlbar-nightly-no_targeting-rollo
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=http://mozilla.org/#/additionalProperties
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=http://mozilla.org/#/additionalPropertieshttp://m
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=http://mozilla.org/#/properties/csvImport
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=https://www.google.com/search?client=firefox-b-d&
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=mr2022-background-update-toast-primary-button-lab
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=nuo-extensions-migration-in-embedded-import-wizar
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=resource://services-settings/remote-settings.sys.
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_LOCATION_SERVICE_API_KEY%
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.hulu.com/watch/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ifeng.com/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.instagram.com/
                  Source: firefox.exe, 0000001D.00000003.2016493714.0000019B011DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.iqiyi.com/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.iqiyi.com/getCanStageUpdates
                  Source: firefox.exe, 0000001D.00000003.2016493714.0000019B011DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2014448009.0000019B012B1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.leboncoin.fr/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2451543927.0000019AEF738000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mobilesuica.com/
                  Source: tmp519C.tmp.tmpdb.5.drString found in binary or memory: https://www.mozilla.org
                  Source: firefox.exe, 0000001D.00000003.2343381191.0000019AF597B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2124057275.0000019AF56E3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2131115543.0000019B013B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/about/legal/terms/subscription-services/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/releasenotes/?utm_source=firefox-browser&utm_medi
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/tour/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/geolocation/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/new?reason=manual-update
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/notes
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/set-as-default/thanks/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/xr/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/privacy/subscription-services/
                  Source: firefox.exe, 0000001D.00000002.2575804371.0000019AF4B25000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2575804371.0000019AF4B12000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/
                  Source: tmp519C.tmp.tmpdb.5.drString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.c0yfKF26qNRb
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2117098054.0000019AFE384000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/legal/terms/mozilla/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/legal/terms/mozilla/How
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/legal/terms/mozilla/Microsurvey
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/legal/terms/mozilla/Next
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/legal/terms/mozilla/http://mozilla.org/#/properties/boolean
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/legal/terms/mozilla/https://www.mozilla.org/about/legal/terms/mozilla/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/legal/terms/mozilla/mr2022-background-update-toast-primary-button-labe
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/legal/terms/mozilla/mr2022-backgroundtaskmessage-notification-release-
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2145780093.0000019AFDBCE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/anything/?
                  Source: firefox.exe, 0000001D.00000002.2575804371.0000019AF4B25000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2575804371.0000019AF4B12000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/
                  Source: tmp519C.tmp.tmpdb.5.drString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.w0HgyL2ZPBj2
                  Source: firefox.exe, 0000001D.00000002.2687235578.0000019AFD3BB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/about/legal/terms/subscription-services/
                  Source: firefox.exe, 0000001D.00000002.2467618518.0000019AF0665000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2668391824.0000019AFB233000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2721497917.0000019AFDB9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/
                  Source: Pots.exe, 00000005.00000002.1140620294.0000000004C2D000.00000004.00000800.00020000.00000000.sdmp, tmpAAF2.tmp.tmpdb.39.dr, tmp7C03.tmp.tmpdb.25.dr, tmp519C.tmp.tmpdb.5.drString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/gro.allizom.www.d
                  Source: firefox.exe, 0000001D.00000002.2687235578.0000019AFD3DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/subscription-services/
                  Source: firefox.exe, 0000001D.00000003.2340150859.0000019B013AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/
                  Source: tmp519C.tmp.tmpdb.5.drString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/android/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/ios/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campa
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2124057275.0000019AF56CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2145780093.0000019AFDBCE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/mobile/get-app/?utm_medium=firefox-desktop&utm_source=onboarding-mod
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/new/
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#crash-reporter
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#health-report
                  Source: firefox.exe, 00000020.00000002.2378127427.00000268074C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2378099312.000002549C9C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2380872239.0000024E82CF4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-content
                  Source: firefox.exe, 0000001D.00000003.2146586271.0000019AFDB32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-contentP
                  Source: firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
                  Source: firefox.exe, 0000001D.00000003.2146586271.0000019AFDB32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/V
                  Source: firefox.exe, 00000028.00000002.2380872239.0000024E82CF4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/X
                  Source: Pots.exe, 00000005.00000002.1140620294.0000000004C2D000.00000004.00000800.00020000.00000000.sdmp, tmpAAF2.tmp.tmpdb.39.dr, tmp7C03.tmp.tmpdb.25.dr, tmp519C.tmp.tmpdb.5.drString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/isBelowFrequencyCap/flightCapExceeded
                  Source: firefox.exe, 0000001D.00000002.2385669448.000000707D2FC000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.orgo
                  Source: firefox.exe, 0000001D.00000002.2646747942.0000019AF6811000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2400638658.000000B38D800000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com
                  Source: firefox.exe, 0000001D.00000003.2016493714.0000019B011DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2014589381.0000019B012AC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2016493714.0000019B011CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.olx.pl/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.openh264.org/
                  Source: firefox.exe, 0000001D.00000003.2193369939.0000019AF3A60000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.reddit.com/
                  Source: firefox.exe, 0000001D.00000002.2583114296.0000019AF4D55000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.sling.com/
                  Source: firefox.exe, 0000001D.00000002.2434431685.0000019AEEEAD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000020.00000002.2378127427.00000268074C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2378099312.000002549C9EF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2392349832.0000024E82E03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.29.drString found in binary or memory: https://www.t-mobile.com/cell-phones/brand/apple?cmpid=MGPO_PAM_P_EVGRNIPHN_
                  Source: firefox.exe, 0000001D.00000002.2672729793.0000019AFB700000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 0000001D.00000002.2575804371.0000019AF4BF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.tiktok.com/
                  Source: firefox.exe, 0000001D.00000002.2400638658.000000B38D800000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.tsn.ca
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.widevine.com/
                  Source: firefox.exe, 0000001D.00000003.2014217613.0000019B012C1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2016493714.0000019B011DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2016493714.0000019B011CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.wykop.pl/
                  Source: firefox.exe, 0000001D.00000003.2193369939.0000019AF3A60000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2731273262.0000019AFDD47000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2378099312.000002549C903000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2380872239.0000024E82C0C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
                  Source: firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.zhihu.com/
                  Source: firefox.exe, 0000001D.00000002.2731273262.0000019AFDD68000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://xhr.spec.whatwg.org/#sync-warning
                  Source: firefox.exe, 0000001D.00000002.2631398595.0000019AF5710000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://xhr.spec.whatwg.org/#sync-warningThe
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49681 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49688 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49677 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49683 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
                  Source: unknownHTTPS traffic detected: 104.21.73.97:443 -> 192.168.2.16:49700 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.85.189:443 -> 192.168.2.16:49701 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49704 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.16:49706 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 23.51.58.94:443 -> 192.168.2.16:49707 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49708 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49709 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 40.126.24.84:443 -> 192.168.2.16:49710 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 23.1.33.206:443 -> 192.168.2.16:49711 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 51.104.15.253:443 -> 192.168.2.16:49713 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.16:49726 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 13.107.42.254:443 -> 192.168.2.16:49731 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 152.199.24.163:443 -> 192.168.2.16:49734 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.73.97:443 -> 192.168.2.16:49740 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.85.189:443 -> 192.168.2.16:49741 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.73.97:443 -> 192.168.2.16:49762 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.85.189:443 -> 192.168.2.16:49763 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49767 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49771 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49774 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49780 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49782 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49785 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49784 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49786 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49788 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49789 version: TLS 1.2

                  System Summary

                  barindex
                  Malicious sample detected (through community Yara rule)
                  Source: 5.2.Pots.exe.dd0000.0.unpack, type: UNPACKEDPEMatched rule: Detects executables referencing Discord tokens regular expressions Author: ditekSHen
                  Source: 5.2.Pots.exe.dd0000.0.unpack, type: UNPACKEDPEMatched rule: Detects executables referencing many VPN software clients. Observed in infosteslers Author: ditekSHen
                  Source: 5.2.Pots.exe.dd0000.0.unpack, type: UNPACKEDPEMatched rule: Detects A310Logger Author: ditekSHen
                  Source: 00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmp, type: MEMORYMatched rule: Detects executables referencing Discord tokens regular expressions Author: ditekSHen
                  Source: 00000019.00000002.1898940608.0000000003D11000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects executables referencing Discord tokens regular expressions Author: ditekSHen
                  Source: 00000005.00000002.1137260907.0000000003C0F000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects executables referencing Discord tokens regular expressions Author: ditekSHen
                  Source: 00000027.00000002.2027317495.0000000003731000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects executables referencing Discord tokens regular expressions Author: ditekSHen
                  Source: Process Memory Space: Pots.exe PID: 6220, type: MEMORYSTRMatched rule: Detects executables referencing Discord tokens regular expressions Author: ditekSHen
                  Source: Process Memory Space: Pots.exe PID: 5916, type: MEMORYSTRMatched rule: Detects executables referencing Discord tokens regular expressions Author: ditekSHen
                  Source: Process Memory Space: Pots.exe PID: 4364, type: MEMORYSTRMatched rule: Detects executables referencing Discord tokens regular expressions Author: ditekSHen
                  PE file has nameless sections
                  Source: Pots.exe.4.drStatic PE information: section name:
                  Source: Pots.exe.4.drStatic PE information: section name:
                  Source: Pots.exe.4.drStatic PE information: section name:
                  Source: Pots.exe.4.drStatic PE information: section name:
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 33_2_000002549D416CF7 NtQuerySystemInformation,33_2_000002549D416CF7
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 33_2_000002549D536672 NtQuerySystemInformation,33_2_000002549D536672
                  Source: C:\Pots.exeCode function: 5_2_02D1EB575_2_02D1EB57
                  Source: C:\Pots.exeCode function: 5_2_02D1EB685_2_02D1EB68
                  Source: C:\Pots.exeCode function: 5_2_0659D2905_2_0659D290
                  Source: C:\Pots.exeCode function: 5_2_0659DB605_2_0659DB60
                  Source: C:\Pots.exeCode function: 5_2_065957F85_2_065957F8
                  Source: C:\Pots.exeCode function: 5_2_065957E75_2_065957E7
                  Source: C:\Pots.exeCode function: 5_2_0659CF485_2_0659CF48
                  Source: C:\Pots.exeCode function: 5_2_065988805_2_06598880
                  Source: C:\Pots.exeCode function: 5_2_065988905_2_06598890
                  Source: C:\Pots.exeCode function: 25_2_034FEB5F25_2_034FEB5F
                  Source: C:\Pots.exeCode function: 25_2_034FEB7025_2_034FEB70
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 33_2_000002549D416CF733_2_000002549D416CF7
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 33_2_000002549D53667233_2_000002549D536672
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 33_2_000002549D5366B233_2_000002549D5366B2
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 33_2_000002549D536D9C33_2_000002549D536D9C
                  Source: C:\Pots.exeCode function: 39_2_02EEEF4839_2_02EEEF48
                  Source: C:\Pots.exeCode function: 39_2_02EEEF3739_2_02EEEF37
                  Source: C:\Pots.exeCode function: 39_2_05F4CFC839_2_05F4CFC8
                  Source: C:\Pots.exeCode function: 39_2_05F4D89839_2_05F4D898
                  Source: C:\Pots.exeCode function: 39_2_05F457F839_2_05F457F8
                  Source: C:\Pots.exeCode function: 39_2_05F457E739_2_05F457E7
                  Source: C:\Pots.exeCode function: 39_2_05F457BF39_2_05F457BF
                  Source: C:\Pots.exeCode function: 39_2_05F4CC8039_2_05F4CC80
                  Source: C:\Pots.exeCode function: 39_2_0602128839_2_06021288
                  Source: C:\Pots.exeCode function: 39_2_05F489D039_2_05F489D0
                  Source: C:\Pots.exeCode function: 39_2_05F489C039_2_05F489C0
                  Source: C:\Pots.exeCode function: String function: 00E20264 appears 57 times
                  Source: Pots.exe, 00000005.00000002.1135117512.000000000133E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameclr.dllT vs Pots.exe
                  Source: Pots.exe, 00000005.00000000.1106974939.0000000000E1A000.00000080.00000001.01000000.0000000A.sdmpBinary or memory string: OriginalFilenameInsidious.exe6 vs Pots.exe
                  Source: Pots.exe, 00000019.00000002.1888331013.0000000001270000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameclr.dllT vs Pots.exe
                  Source: Pots.exe.4.drBinary or memory string: OriginalFilenameInsidious.exe6 vs Pots.exe
                  Source: Pots.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                  Source: 5.2.Pots.exe.dd0000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_Discord_Regex author = ditekSHen, description = Detects executables referencing Discord tokens regular expressions
                  Source: 5.2.Pots.exe.dd0000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_References_VPN author = ditekSHen, description = Detects executables referencing many VPN software clients. Observed in infosteslers
                  Source: 5.2.Pots.exe.dd0000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_A310Logger author = ditekSHen, description = Detects A310Logger, snort_sid = 920204-920207
                  Source: 00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmp, type: MEMORYMatched rule: INDICATOR_SUSPICIOUS_EXE_Discord_Regex author = ditekSHen, description = Detects executables referencing Discord tokens regular expressions
                  Source: 00000019.00000002.1898940608.0000000003D11000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: INDICATOR_SUSPICIOUS_EXE_Discord_Regex author = ditekSHen, description = Detects executables referencing Discord tokens regular expressions
                  Source: 00000005.00000002.1137260907.0000000003C0F000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: INDICATOR_SUSPICIOUS_EXE_Discord_Regex author = ditekSHen, description = Detects executables referencing Discord tokens regular expressions
                  Source: 00000027.00000002.2027317495.0000000003731000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: INDICATOR_SUSPICIOUS_EXE_Discord_Regex author = ditekSHen, description = Detects executables referencing Discord tokens regular expressions
                  Source: Process Memory Space: Pots.exe PID: 6220, type: MEMORYSTRMatched rule: INDICATOR_SUSPICIOUS_EXE_Discord_Regex author = ditekSHen, description = Detects executables referencing Discord tokens regular expressions
                  Source: Process Memory Space: Pots.exe PID: 5916, type: MEMORYSTRMatched rule: INDICATOR_SUSPICIOUS_EXE_Discord_Regex author = ditekSHen, description = Detects executables referencing Discord tokens regular expressions
                  Source: Process Memory Space: Pots.exe PID: 4364, type: MEMORYSTRMatched rule: INDICATOR_SUSPICIOUS_EXE_Discord_Regex author = ditekSHen, description = Detects executables referencing Discord tokens regular expressions
                  Source: Pots.exe.4.drStatic PE information: Section: ZLIB complexity 0.9987300308295964
                  Source: Pots.exe.4.drStatic PE information: Section: xyilaaaa ZLIB complexity 0.9961238145959318
                  Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@60/54@46/12
                  Source: C:\Pots.exeFile created: C:\Users\user\AppData\Roaming\44Jump to behavior
                  Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5724:120:WilError_03
                  Source: C:\Pots.exeMutant created: NULL
                  Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:772:120:WilError_03
                  Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7160:120:WilError_03
                  Source: C:\Pots.exeFile created: C:\Users\user\AppData\Local\Temp\tmp519C.tmpJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\1.bat" "
                  Source: Pots.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                  Source: C:\Pots.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
                  Source: C:\Pots.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
                  Source: C:\Pots.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
                  Source: C:\Pots.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
                  Source: C:\Pots.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
                  Source: C:\Pots.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT ProcessorId FROM Win32_Processor
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_Processor
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT ProcessorId FROM Win32_Processor
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_Processor
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT ProcessorId FROM Win32_Processor
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_Processor
                  Source: C:\Users\user\Desktop\Pots.exeFile read: C:\Windows\win.iniJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                  Source: firefox.exe, 0000001D.00000003.2342381659.0000019B00DF2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2668391824.0000019AFB233000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE timestamp BETWEEN date(:dateFrom) AND date(:dateTo);
                  Source: firefox.exe, 0000001D.00000003.2342381659.0000019B00DF2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE events (id INTEGER PRIMARY KEY, type INTEGER NOT NULL, count INTEGER NOT NULL, timestamp DATE );
                  Source: firefox.exe, 0000001D.00000003.2342381659.0000019B00DF2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: INSERT INTO events (type, count, timestamp) VALUES (:type, 1, date(:date));
                  Source: firefox.exe, 0000001D.00000003.2342381659.0000019B00DF2000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2346404228.0000019AF591B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;
                  Source: firefox.exe, 0000001D.00000003.2342381659.0000019B00DF2000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;Fy6
                  Source: firefox.exe, 0000001D.00000003.2342381659.0000019B00DF2000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: UPDATE events SET count = count + 1 WHERE id = :id;-
                  Source: firefox.exe, 0000001D.00000003.2342381659.0000019B00DF2000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9'
                  Source: firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: UPDATE events SET count = count + 1 WHERE id = :id;
                  Source: Pots.exe, 00000005.00000002.1137260907.0000000003BC1000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.00000000037DD000.00000004.00000800.00020000.00000000.sdmp, tmp51CD.tmp.dat.5.dr, tmpACED.tmp.dat.39.dr, tmpAB90.tmp.dat.39.dr, tmp7C24.tmp.dat.25.dr, tmp7C86.tmp.dat.25.dr, tmp524F.tmp.dat.5.drBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
                  Source: firefox.exe, 0000001D.00000003.2342381659.0000019B00DF2000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9
                  Source: firefox.exe, 0000001D.00000003.2342381659.0000019B00DF2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE type = :type AND timestamp = date(:date);
                  Source: Pots.exeReversingLabs: Detection: 51%
                  Source: C:\Users\user\Desktop\Pots.exeFile read: C:\Users\user\Desktop\Pots.exeJump to behavior
                  Source: unknownProcess created: C:\Users\user\Desktop\Pots.exe "C:\Users\user\Desktop\Pots.exe"
                  Source: C:\Users\user\Desktop\Pots.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\1.bat" "
                  Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                  Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Pots.sfx.exe Pots.sfx.exe -psoup
                  Source: C:\Pots.sfx.exeProcess created: C:\Pots.exe "C:\Pots.exe"
                  Source: unknownProcess created: C:\Windows\System32\cmd.exe "C:\Windows\system32\cmd.exe"
                  Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                  Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\Desktop\Pots.exe Pots.exe
                  Source: C:\Users\user\Desktop\Pots.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\1.bat" "
                  Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                  Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Pots.sfx.exe Pots.sfx.exe -psoup
                  Source: C:\Pots.sfx.exeProcess created: C:\Pots.exe "C:\Pots.exe"
                  Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe"
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe"
                  Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe"
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=2040,i,13818589017256215698,7154636471742803029,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2288 -parentBuildID 20230927232528 -prefsHandle 2232 -prefMapHandle 2216 -prefsLen 25250 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {96c4117f-89fb-4aea-9388-b6b8fbaf62f1} 3224 "\\.\pipe\gecko-crash-server-pipe.3224" 19ae366e310 socket
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3520 -parentBuildID 20230927232528 -prefsHandle 4064 -prefMapHandle 4060 -prefsLen 25481 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1f82e27d-20e4-4201-be06-6f8ad14acd0a} 3224 "\\.\pipe\gecko-crash-server-pipe.3224" 19af561ce10 rdd
                  Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\Desktop\Pots.exe Pots.exe
                  Source: C:\Users\user\Desktop\Pots.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\1.bat" "
                  Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                  Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Pots.sfx.exe Pots.sfx.exe -psoup
                  Source: C:\Pots.sfx.exeProcess created: C:\Pots.exe "C:\Pots.exe"
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5468 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 1528 -prefMapHandle 5440 -prefsLen 33331 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a3508e13-7332-41e1-9a43-bee54dfd6a83} 3224 "\\.\pipe\gecko-crash-server-pipe.3224" 19b01fb2310 utility
                  Source: C:\Users\user\Desktop\Pots.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\1.bat" "Jump to behavior
                  Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Pots.sfx.exe Pots.sfx.exe -psoupJump to behavior
                  Source: C:\Pots.sfx.exeProcess created: C:\Pots.exe "C:\Pots.exe" Jump to behavior
                  Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\Desktop\Pots.exe Pots.exeJump to behavior
                  Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\Desktop\Pots.exe Pots.exeJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\1.bat" "Jump to behavior
                  Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Pots.sfx.exe Pots.sfx.exe -psoup
                  Source: C:\Pots.sfx.exeProcess created: C:\Pots.exe "C:\Pots.exe" Jump to behavior
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe"
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2288 -parentBuildID 20230927232528 -prefsHandle 2232 -prefMapHandle 2216 -prefsLen 25250 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {96c4117f-89fb-4aea-9388-b6b8fbaf62f1} 3224 "\\.\pipe\gecko-crash-server-pipe.3224" 19ae366e310 socket
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknown
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknown
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3520 -parentBuildID 20230927232528 -prefsHandle 4064 -prefMapHandle 4060 -prefsLen 25481 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1f82e27d-20e4-4201-be06-6f8ad14acd0a} 3224 "\\.\pipe\gecko-crash-server-pipe.3224" 19af561ce10 rdd
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknown
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknown
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknown
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5468 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 1528 -prefMapHandle 5440 -prefsLen 33331 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a3508e13-7332-41e1-9a43-bee54dfd6a83} 3224 "\\.\pipe\gecko-crash-server-pipe.3224" 19b01fb2310 utility
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknown
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=2040,i,13818589017256215698,7154636471742803029,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                  Source: C:\Users\user\Desktop\Pots.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\1.bat" "
                  Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Pots.sfx.exe Pots.sfx.exe -psoup
                  Source: C:\Pots.sfx.exeProcess created: C:\Pots.exe "C:\Pots.exe"
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: <pi-ms-win-core-synch-l1-2-0.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: <pi-ms-win-core-fibers-l1-1-1.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: <pi-ms-win-core-synch-l1-2-0.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: <pi-ms-win-core-fibers-l1-1-1.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: <pi-ms-win-core-louserzation-l1-2-1.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: version.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: dxgidebug.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: sfc_os.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: rsaenh.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: uxtheme.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: dwmapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: cryptbase.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: riched20.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: usp10.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: msls31.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: windowscodecs.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: textshaping.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: textinputframework.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: coreuicomponents.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: coremessaging.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: ntmarta.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: windows.storage.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: propsys.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: profapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: edputil.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: urlmon.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: iertutil.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: srvcli.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: netutils.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: appresolver.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: bcp47langs.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: slc.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: userenv.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: sppc.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: pcacli.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: mpr.dllJump to behavior
                  Source: C:\Windows\SysWOW64\cmd.exeSection loaded: cmdext.dllJump to behavior
                  Source: C:\Windows\SysWOW64\cmd.exeSection loaded: apphelp.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: <pi-ms-win-core-synch-l1-2-0.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: <pi-ms-win-core-fibers-l1-1-1.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: <pi-ms-win-core-synch-l1-2-0.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: <pi-ms-win-core-fibers-l1-1-1.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: <pi-ms-win-core-louserzation-l1-2-1.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: version.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: dxgidebug.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: sfc_os.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: rsaenh.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: uxtheme.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: dwmapi.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: cryptbase.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: riched20.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: usp10.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: msls31.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: dpapi.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: windowscodecs.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: textshaping.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: textinputframework.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: coreuicomponents.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: coremessaging.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: ntmarta.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: coremessaging.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: windows.storage.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: propsys.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: profapi.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: edputil.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: urlmon.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: iertutil.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: srvcli.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: netutils.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: appresolver.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: bcp47langs.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: slc.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: userenv.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: sppc.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: apphelp.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: pcacli.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: mpr.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: msasn1.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: apphelp.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: version.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: mscoree.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: shfolder.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: uxtheme.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: windows.storage.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: profapi.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: cryptsp.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: rsaenh.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: cryptbase.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: ntmarta.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: rasapi32.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: rasman.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: rtutils.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: mswsock.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: winhttp.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: iphlpapi.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: dhcpcsvc6.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: dhcpcsvc.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: dnsapi.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: winnsi.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: rasadhlp.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: fwpuclnt.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: secur32.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: schannel.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: mskeyprotect.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: ntasn1.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: ncrypt.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: ncryptsslp.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: msasn1.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: gpapi.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: windowscodecs.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: wbemcomn.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: amsi.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: userenv.dllJump to behavior
                  Source: C:\Windows\System32\cmd.exeSection loaded: winbrand.dllJump to behavior
                  Source: C:\Windows\System32\cmd.exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: <pi-ms-win-core-synch-l1-2-0.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: <pi-ms-win-core-fibers-l1-1-1.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: <pi-ms-win-core-synch-l1-2-0.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: <pi-ms-win-core-fibers-l1-1-1.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: <pi-ms-win-core-louserzation-l1-2-1.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: version.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: dxgidebug.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: sfc_os.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: rsaenh.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: uxtheme.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: dwmapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: cryptbase.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: riched20.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: usp10.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: msls31.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: windowscodecs.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: textshaping.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: textinputframework.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: coreuicomponents.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: coremessaging.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: ntmarta.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: coremessaging.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: windows.storage.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: propsys.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: profapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: edputil.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: urlmon.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: iertutil.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: srvcli.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: netutils.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: appresolver.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: bcp47langs.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: slc.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: userenv.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: sppc.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: pcacli.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: mpr.dllJump to behavior
                  Source: C:\Windows\SysWOW64\cmd.exeSection loaded: cmdext.dll
                  Source: C:\Pots.sfx.exeSection loaded: <pi-ms-win-core-synch-l1-2-0.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: <pi-ms-win-core-fibers-l1-1-1.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: <pi-ms-win-core-synch-l1-2-0.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: <pi-ms-win-core-fibers-l1-1-1.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: <pi-ms-win-core-louserzation-l1-2-1.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: version.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: dxgidebug.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: sfc_os.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: rsaenh.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: uxtheme.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: dwmapi.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: cryptbase.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: riched20.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: usp10.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: msls31.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: dpapi.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: windowscodecs.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: textshaping.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: textinputframework.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: coreuicomponents.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: coremessaging.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: ntmarta.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: coremessaging.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: windows.storage.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: propsys.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: profapi.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: edputil.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: urlmon.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: iertutil.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: srvcli.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: netutils.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: appresolver.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: bcp47langs.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: slc.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: userenv.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: sppc.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: pcacli.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: mpr.dllJump to behavior
                  Source: C:\Pots.sfx.exeSection loaded: msasn1.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: version.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: mscoree.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: shfolder.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: uxtheme.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: windows.storage.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: profapi.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: cryptsp.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: rsaenh.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: cryptbase.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: ntmarta.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: rasapi32.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: rasman.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: rtutils.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: mswsock.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: winhttp.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: iphlpapi.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: dhcpcsvc6.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: dhcpcsvc.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: dnsapi.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: winnsi.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: rasadhlp.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: fwpuclnt.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: secur32.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: schannel.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: mskeyprotect.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: ntasn1.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: ncrypt.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: ncryptsslp.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: msasn1.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: gpapi.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: windowscodecs.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: wbemcomn.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: amsi.dllJump to behavior
                  Source: C:\Pots.exeSection loaded: userenv.dllJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: <pi-ms-win-core-synch-l1-2-0.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: <pi-ms-win-core-fibers-l1-1-1.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: <pi-ms-win-core-synch-l1-2-0.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: <pi-ms-win-core-fibers-l1-1-1.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: <pi-ms-win-core-louserzation-l1-2-1.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: version.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: dxgidebug.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: sfc_os.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: sspicli.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: rsaenh.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: uxtheme.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: dwmapi.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: cryptbase.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: riched20.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: usp10.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: msls31.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: kernel.appcore.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: windowscodecs.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: textshaping.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: textinputframework.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: coreuicomponents.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: coremessaging.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: ntmarta.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: coremessaging.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: wintypes.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: wintypes.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: wintypes.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: windows.storage.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: wldp.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: propsys.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: profapi.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: edputil.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: urlmon.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: iertutil.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: srvcli.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: netutils.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: windows.staterepositoryps.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: appresolver.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: bcp47langs.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: slc.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: userenv.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: sppc.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: onecorecommonproxystub.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: onecoreuapcommonproxystub.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: pcacli.dll
                  Source: C:\Users\user\Desktop\Pots.exeSection loaded: mpr.dll
                  Source: C:\Windows\SysWOW64\cmd.exeSection loaded: cmdext.dll
                  Source: C:\Pots.sfx.exeSection loaded: <pi-ms-win-core-synch-l1-2-0.dll
                  Source: C:\Pots.sfx.exeSection loaded: <pi-ms-win-core-fibers-l1-1-1.dll
                  Source: C:\Pots.sfx.exeSection loaded: <pi-ms-win-core-synch-l1-2-0.dll
                  Source: C:\Pots.sfx.exeSection loaded: <pi-ms-win-core-fibers-l1-1-1.dll
                  Source: C:\Pots.sfx.exeSection loaded: <pi-ms-win-core-louserzation-l1-2-1.dll
                  Source: C:\Pots.sfx.exeSection loaded: version.dll
                  Source: C:\Pots.sfx.exeSection loaded: dxgidebug.dll
                  Source: C:\Pots.sfx.exeSection loaded: sfc_os.dll
                  Source: C:\Pots.sfx.exeSection loaded: sspicli.dll
                  Source: C:\Pots.sfx.exeSection loaded: rsaenh.dll
                  Source: C:\Pots.sfx.exeSection loaded: uxtheme.dll
                  Source: C:\Pots.sfx.exeSection loaded: dwmapi.dll
                  Source: C:\Pots.sfx.exeSection loaded: cryptbase.dll
                  Source: C:\Pots.sfx.exeSection loaded: riched20.dll
                  Source: C:\Pots.sfx.exeSection loaded: usp10.dll
                  Source: C:\Pots.sfx.exeSection loaded: msls31.dll
                  Source: C:\Pots.sfx.exeSection loaded: kernel.appcore.dll
                  Source: C:\Pots.sfx.exeSection loaded: dpapi.dll
                  Source: C:\Pots.sfx.exeSection loaded: windowscodecs.dll
                  Source: C:\Pots.sfx.exeSection loaded: textshaping.dll
                  Source: C:\Pots.sfx.exeSection loaded: textinputframework.dll
                  Source: C:\Pots.sfx.exeSection loaded: coreuicomponents.dll
                  Source: C:\Pots.sfx.exeSection loaded: coremessaging.dll
                  Source: C:\Pots.sfx.exeSection loaded: ntmarta.dll
                  Source: C:\Pots.sfx.exeSection loaded: wintypes.dll
                  Source: C:\Pots.sfx.exeSection loaded: wintypes.dll
                  Source: C:\Pots.sfx.exeSection loaded: wintypes.dll
                  Source: C:\Pots.sfx.exeSection loaded: windows.storage.dll
                  Source: C:\Pots.sfx.exeSection loaded: wldp.dll
                  Source: C:\Pots.sfx.exeSection loaded: propsys.dll
                  Source: C:\Pots.sfx.exeSection loaded: profapi.dll
                  Source: C:\Pots.sfx.exeSection loaded: edputil.dll
                  Source: C:\Pots.sfx.exeSection loaded: urlmon.dll
                  Source: C:\Pots.sfx.exeSection loaded: iertutil.dll
                  Source: C:\Pots.sfx.exeSection loaded: srvcli.dll
                  Source: C:\Pots.sfx.exeSection loaded: netutils.dll
                  Source: C:\Pots.sfx.exeSection loaded: windows.staterepositoryps.dll
                  Source: C:\Pots.sfx.exeSection loaded: appresolver.dll
                  Source: C:\Pots.sfx.exeSection loaded: bcp47langs.dll
                  Source: C:\Pots.sfx.exeSection loaded: slc.dll
                  Source: C:\Pots.sfx.exeSection loaded: userenv.dll
                  Source: C:\Pots.sfx.exeSection loaded: sppc.dll
                  Source: C:\Pots.sfx.exeSection loaded: onecorecommonproxystub.dll
                  Source: C:\Pots.sfx.exeSection loaded: onecoreuapcommonproxystub.dll
                  Source: C:\Pots.sfx.exeSection loaded: pcacli.dll
                  Source: C:\Pots.sfx.exeSection loaded: mpr.dll
                  Source: C:\Pots.sfx.exeSection loaded: msasn1.dll
                  Source: C:\Pots.exeSection loaded: version.dll
                  Source: C:\Pots.exeSection loaded: mscoree.dll
                  Source: C:\Pots.exeSection loaded: shfolder.dll
                  Source: C:\Pots.exeSection loaded: uxtheme.dll
                  Source: C:\Pots.exeSection loaded: windows.storage.dll
                  Source: C:\Pots.exeSection loaded: wldp.dll
                  Source: C:\Pots.exeSection loaded: profapi.dll
                  Source: C:\Pots.exeSection loaded: sspicli.dll
                  Source: C:\Pots.exeSection loaded: kernel.appcore.dll
                  Source: C:\Pots.exeSection loaded: vcruntime140_clr0400.dll
                  Source: C:\Pots.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Pots.exeSection loaded: cryptsp.dll
                  Source: C:\Pots.exeSection loaded: rsaenh.dll
                  Source: C:\Pots.exeSection loaded: cryptbase.dll
                  Source: C:\Pots.exeSection loaded: ntmarta.dll
                  Source: C:\Pots.exeSection loaded: rasapi32.dll
                  Source: C:\Pots.exeSection loaded: rasman.dll
                  Source: C:\Pots.exeSection loaded: rtutils.dll
                  Source: C:\Pots.exeSection loaded: mswsock.dll
                  Source: C:\Pots.exeSection loaded: winhttp.dll
                  Source: C:\Pots.exeSection loaded: ondemandconnroutehelper.dll
                  Source: C:\Pots.exeSection loaded: iphlpapi.dll
                  Source: C:\Pots.exeSection loaded: dhcpcsvc6.dll
                  Source: C:\Pots.exeSection loaded: dhcpcsvc.dll
                  Source: C:\Pots.exeSection loaded: dnsapi.dll
                  Source: C:\Pots.exeSection loaded: winnsi.dll
                  Source: C:\Pots.exeSection loaded: rasadhlp.dll
                  Source: C:\Pots.exeSection loaded: fwpuclnt.dll
                  Source: C:\Pots.exeSection loaded: secur32.dll
                  Source: C:\Pots.exeSection loaded: schannel.dll
                  Source: C:\Pots.exeSection loaded: mskeyprotect.dll
                  Source: C:\Pots.exeSection loaded: ntasn1.dll
                  Source: C:\Pots.exeSection loaded: ncrypt.dll
                  Source: C:\Pots.exeSection loaded: ncryptsslp.dll
                  Source: C:\Pots.exeSection loaded: msasn1.dll
                  Source: C:\Pots.exeSection loaded: gpapi.dll
                  Source: C:\Pots.exeSection loaded: windowscodecs.dll
                  Source: C:\Pots.exeSection loaded: wbemcomn.dll
                  Source: C:\Pots.exeSection loaded: amsi.dll
                  Source: C:\Pots.exeSection loaded: userenv.dll
                  Source: C:\Users\user\Desktop\Pots.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062}\InProcServer32Jump to behavior
                  Source: Google Drive.lnk.30.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                  Source: YouTube.lnk.30.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                  Source: Sheets.lnk.30.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                  Source: Gmail.lnk.30.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                  Source: Slides.lnk.30.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                  Source: Docs.lnk.30.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
                  Source: Window RecorderWindow detected: More than 3 window changes detected
                  Source: Pots.exeStatic file information: File size 1718038 > 1048576
                  Source: Pots.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
                  Source: Pots.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
                  Source: Pots.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
                  Source: Pots.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
                  Source: Pots.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
                  Source: Pots.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
                  Source: Pots.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
                  Source: Pots.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
                  Source: Binary string: D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb source: Pots.exe, Pots.sfx.exe.0.dr
                  Source: Binary string: System.pdb-2246122658-3693405117-2476756634-1003_Classes\WOW6432Node\CLSID\{0A29FF9E-7F9C-4437-8B11-F424491E3931}\Server source: Pots.exe, 00000019.00000002.1910860932.0000000006060000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: webauthn.pdb source: firefox.exe, 0000001D.00000003.2349596019.0000019B01B01000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: System.pdbF source: Pots.exe, 00000005.00000002.1137260907.0000000003D0C000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003DDF000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.000000000384A000.00000004.00000800.00020000.00000000.sdmp
                  Source: Binary string: \c++\44 call\44userBER-main\44userBER\obj\Release\Insidious.pdb source: Pots.exe, Pots.exe, 00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmp
                  Source: Binary string: mscorlib.pdb source: Pots.exe, 00000005.00000002.1137260907.0000000003C7D000.00000004.00000800.00020000.00000000.sdmp
                  Source: Binary string: \Windows\symbols\dll\System.pdbgac_msil\system\v4.0_4.0.0.0__b77a5c561934e089\system.pdbSy source: Pots.exe, 00000005.00000002.1135117512.00000000013F8000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: |C:\Windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll_b77a5c561934e089\mscorlib.pdb source: Pots.exe, 00000019.00000002.1889112471.0000000001332000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: wminet_utils.dll.pdb source: Pots.exe, 00000005.00000002.1141953793.000000000608D000.00000004.00000020.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2047097147.00000000068D0000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: s\windows\mscorlib.pdbpdb source: Pots.exe, 00000005.00000002.1135117512.00000000013CF000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: *c:\windows\system.pdb source: Pots.exe, 00000005.00000002.1141953793.000000000608D000.00000004.00000020.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2047097147.00000000068D0000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: webauthn.pdbGCTL source: firefox.exe, 0000001D.00000003.2349596019.0000019B01B01000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \Windows\symbols\dll\System.pdbGAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.pdbtem.drawing.dll source: Pots.exe, 00000019.00000002.1888331013.0000000001304000.00000004.00000020.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2011433535.0000000000C4E000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: %SystemRoot%\system32\napinsp.dll.0__b77a5c561934e089\mscorlib.pdb+ source: Pots.exe, 00000019.00000002.1888331013.0000000001304000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \windows\symbols\dll\mscorlib.pdbC_$ source: Pots.exe, 00000005.00000002.1135117512.0000000001410000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: sC:\Windows\dll\mscorlib.pdb source: Pots.exe, 00000019.00000002.1889032146.000000000132B000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \windows\microsoft.net\assembly\gac_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.pdb source: Pots.exe, 00000027.00000002.2011433535.0000000000C4E000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: System.pdb source: Pots.exe, 00000005.00000002.1137260907.0000000003D0C000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003DDF000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.000000000384A000.00000004.00000800.00020000.00000000.sdmp
                  Source: Pots.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
                  Source: Pots.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
                  Source: Pots.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
                  Source: Pots.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
                  Source: Pots.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata

                  Data Obfuscation

                  barindex
                  Detected unpacking (changes PE section rights)
                  Source: C:\Pots.exeUnpacked PE file: 5.2.Pots.exe.dd0000.0.unpack Unknown_Section0:EW;Unknown_Section1:EW;Unknown_Section2:EW;.rsrc:EW;Unknown_Section4:EW;xyilaaaa:EW; vs Unknown_Section0:ER;Unknown_Section1:R;Unknown_Section2:R;.rsrc:ER;Unknown_Section4:ER;xyilaaaa:ER;
                  Detected unpacking (overwrites its own PE header)
                  Source: C:\Pots.exeUnpacked PE file: 5.2.Pots.exe.dd0000.0.unpack
                  Source: Pots.exe.4.drStatic PE information: 0xF0E5890E [Sun Jan 26 11:37:50 2098 UTC]
                  Source: C:\Users\user\Desktop\Pots.exeFile created: C:\\__tmp_rar_sfx_access_check_4738328Jump to behavior
                  Source: Pots.exeStatic PE information: section name: .didat
                  Source: Pots.sfx.exe.0.drStatic PE information: section name: .didat
                  Source: Pots.exe.4.drStatic PE information: section name:
                  Source: Pots.exe.4.drStatic PE information: section name:
                  Source: Pots.exe.4.drStatic PE information: section name:
                  Source: Pots.exe.4.drStatic PE information: section name:
                  Source: Pots.exe.4.drStatic PE information: section name: xyilaaaa
                  Source: C:\Pots.exeCode function: 5_2_00E38104 push ecx; mov dword ptr [esp], edx5_2_00E38109
                  Source: C:\Pots.exeCode function: 5_2_00E2C28C push 00E2C6D8h; ret 5_2_00E2C6D0
                  Source: C:\Pots.exeCode function: 5_2_00E243EA push 00E24418h; ret 5_2_00E24410
                  Source: C:\Pots.exeCode function: 5_2_00E353A0 push 00E35400h; ret 5_2_00E353F8
                  Source: C:\Pots.exeCode function: 5_2_00E3832C push ecx; mov dword ptr [esp], edx5_2_00E38331
                  Source: C:\Pots.exeCode function: 5_2_00E244F8 push 00E2452Ch; ret 5_2_00E24524
                  Source: C:\Pots.exeCode function: 5_2_00E3848C push ecx; mov dword ptr [esp], edx5_2_00E38491
                  Source: C:\Pots.exeCode function: 5_2_00E24494 push 00E244C0h; ret 5_2_00E244B8
                  Source: C:\Pots.exeCode function: 5_2_00E38448 push ecx; mov dword ptr [esp], edx5_2_00E3844D
                  Source: C:\Pots.exeCode function: 5_2_00E35456 push 00E355A4h; ret 5_2_00E3559C
                  Source: C:\Pots.exeCode function: 5_2_00E36454 push 00E364A1h; ret 5_2_00E36499
                  Source: C:\Pots.exeCode function: 5_2_00E2445C push 00E24488h; ret 5_2_00E24480
                  Source: C:\Pots.exeCode function: 5_2_00E24424 push 00E24450h; ret 5_2_00E24448
                  Source: C:\Pots.exeCode function: 5_2_00E225F0 push 00E22641h; ret 5_2_00E22639
                  Source: C:\Pots.exeCode function: 5_2_00E3A54C push ecx; mov dword ptr [esp], edx5_2_00E3A54D
                  Source: C:\Pots.exeCode function: 5_2_00E34536 push 00E345B5h; ret 5_2_00E345AD
                  Source: C:\Pots.exeCode function: 5_2_00E2C6DA push 00E2C74Bh; ret 5_2_00E2C743
                  Source: C:\Pots.exeCode function: 5_2_00E336A4 push 00E3374Ch; ret 5_2_00E33744
                  Source: C:\Pots.exeCode function: 5_2_00E35684 push ecx; mov dword ptr [esp], ecx5_2_00E35687
                  Source: C:\Pots.exeCode function: 5_2_00E3362C push 00E336A2h; ret 5_2_00E3369A
                  Source: C:\Pots.exeCode function: 5_2_00E3374E push 00E3379Ch; ret 5_2_00E33794
                  Source: C:\Pots.exeCode function: 5_2_00E358F4 push ecx; mov dword ptr [esp], ecx5_2_00E358F6
                  Source: C:\Pots.exeCode function: 5_2_00E228AA push 00E228D8h; ret 5_2_00E228D0
                  Source: C:\Pots.exeCode function: 5_2_00E2C85E push 00E2C88Ch; ret 5_2_00E2C884
                  Source: C:\Pots.exeCode function: 5_2_00E34804 push 00E34830h; ret 5_2_00E34828
                  Source: C:\Pots.exeCode function: 5_2_00E22968 push 00E22994h; ret 5_2_00E2298C
                  Source: C:\Pots.exeCode function: 5_2_00E23A48 push ecx; mov dword ptr [esp], eax5_2_00E23A49
                  Source: C:\Pots.exeCode function: 5_2_00E23CF2 push 00E23D20h; ret 5_2_00E23D18
                  Source: C:\Pots.exeCode function: 5_2_00E3FD94 push ecx; mov dword ptr [esp], edx5_2_00E3FD96
                  Source: C:\Pots.exeCode function: 5_2_00E2BD60 push ecx; mov dword ptr [esp], edx5_2_00E2BD65
                  Source: C:\Pots.exeCode function: 5_2_00E23D2C push 00E23D58h; ret 5_2_00E23D50
                  Source: Pots.exe.4.drStatic PE information: section name: entropy: 7.997411442808963
                  Source: Pots.exe.4.drStatic PE information: section name: xyilaaaa entropy: 7.9756922123855905
                  Source: C:\Pots.sfx.exeFile created: C:\Pots.exeJump to dropped file
                  Source: C:\Users\user\Desktop\Pots.exeFile created: C:\Pots.sfx.exeJump to dropped file
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
                  Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
                  Source: C:\Users\user\Desktop\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.sfx.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.sfx.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.sfx.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Pots.exeProcess information set: NOOPENFILEERRORBOX

                  Malware Analysis System Evasion

                  barindex
                  Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_VideoController
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_VideoController
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_VideoController
                  Source: C:\Pots.exeMemory allocated: 2D10000 memory reserve | memory write watchJump to behavior
                  Source: C:\Pots.exeMemory allocated: 3B80000 memory reserve | memory write watchJump to behavior
                  Source: C:\Pots.exeMemory allocated: 3150000 memory reserve | memory write watchJump to behavior
                  Source: C:\Pots.exeMemory allocated: 3010000 memory reserve | memory write watchJump to behavior
                  Source: C:\Pots.exeMemory allocated: 3D10000 memory reserve | memory write watchJump to behavior
                  Source: C:\Pots.exeMemory allocated: 3290000 memory reserve | memory write watchJump to behavior
                  Source: C:\Pots.exeMemory allocated: 2D00000 memory reserve | memory write watch
                  Source: C:\Pots.exeMemory allocated: 3730000 memory reserve | memory write watch
                  Source: C:\Pots.exeMemory allocated: 5730000 memory reserve | memory write watch
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 33_2_000002549D416CF7 rdtsc 33_2_000002549D416CF7
                  Source: C:\Pots.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 600000Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599873Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599762Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599651Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599534Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599412Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599284Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599141Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599013Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 598901Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 600000Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599888Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599777Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599665Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599554Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599443Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599315Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599187Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 922337203685477
                  Source: C:\Pots.exeThread delayed: delay time: 600000
                  Source: C:\Pots.exeThread delayed: delay time: 599878
                  Source: C:\Pots.exeThread delayed: delay time: 599755
                  Source: C:\Pots.exeThread delayed: delay time: 599631
                  Source: C:\Pots.exeThread delayed: delay time: 599507
                  Source: C:\Pots.exeThread delayed: delay time: 599396
                  Source: C:\Pots.exeThread delayed: delay time: 599273
                  Source: C:\Pots.exeThread delayed: delay time: 599164
                  Source: C:\Pots.exeThread delayed: delay time: 599056
                  Source: C:\Pots.exeThread delayed: delay time: 598946
                  Source: C:\Pots.exeThread delayed: delay time: 598838
                  Source: C:\Pots.exeThread delayed: delay time: 922337203685477
                  Source: C:\Pots.exeWindow / User API: threadDelayed 1005Jump to behavior
                  Source: C:\Pots.exeWindow / User API: threadDelayed 1791Jump to behavior
                  Source: C:\Pots.exeWindow / User API: threadDelayed 1267Jump to behavior
                  Source: C:\Pots.exeWindow / User API: threadDelayed 1372Jump to behavior
                  Source: C:\Pots.exeWindow / User API: threadDelayed 1961
                  Source: C:\Pots.exe TID: 2648Thread sleep time: -1844674407370954s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 2648Thread sleep time: -600000s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 2648Thread sleep time: -599873s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 2648Thread sleep time: -599762s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 2648Thread sleep time: -599651s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 2648Thread sleep time: -599534s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 2648Thread sleep time: -599412s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 2648Thread sleep time: -599284s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 2648Thread sleep time: -599141s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 2648Thread sleep time: -599013s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 2648Thread sleep time: -598901s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 6288Thread sleep time: -30000s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 6244Thread sleep time: -922337203685477s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 4008Thread sleep time: -2767011611056431s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 4008Thread sleep time: -600000s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 4008Thread sleep time: -599888s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 4008Thread sleep time: -599777s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 4008Thread sleep time: -599665s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 4008Thread sleep time: -599554s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 4008Thread sleep time: -599443s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 4008Thread sleep time: -599315s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 4008Thread sleep time: -599187s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 6440Thread sleep time: -30000s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 6584Thread sleep time: -922337203685477s >= -30000sJump to behavior
                  Source: C:\Pots.exe TID: 2664Thread sleep count: 126 > 30
                  Source: C:\Pots.exe TID: 532Thread sleep time: -4611686018427385s >= -30000s
                  Source: C:\Pots.exe TID: 532Thread sleep time: -600000s >= -30000s
                  Source: C:\Pots.exe TID: 1428Thread sleep count: 1961 > 30
                  Source: C:\Pots.exe TID: 532Thread sleep time: -599878s >= -30000s
                  Source: C:\Pots.exe TID: 532Thread sleep time: -599755s >= -30000s
                  Source: C:\Pots.exe TID: 532Thread sleep time: -599631s >= -30000s
                  Source: C:\Pots.exe TID: 532Thread sleep time: -599507s >= -30000s
                  Source: C:\Pots.exe TID: 532Thread sleep time: -599396s >= -30000s
                  Source: C:\Pots.exe TID: 532Thread sleep time: -599273s >= -30000s
                  Source: C:\Pots.exe TID: 532Thread sleep time: -599164s >= -30000s
                  Source: C:\Pots.exe TID: 532Thread sleep time: -599056s >= -30000s
                  Source: C:\Pots.exe TID: 532Thread sleep time: -598946s >= -30000s
                  Source: C:\Pots.exe TID: 532Thread sleep time: -598838s >= -30000s
                  Source: C:\Pots.exe TID: 1284Thread sleep time: -30000s >= -30000s
                  Source: C:\Pots.exe TID: 6652Thread sleep time: -922337203685477s >= -30000s
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * From Win32_ComputerSystem
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * From Win32_ComputerSystem
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * From Win32_ComputerSystem
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT ProcessorId FROM Win32_Processor
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_Processor
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT ProcessorId FROM Win32_Processor
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_Processor
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT ProcessorId FROM Win32_Processor
                  Source: C:\Pots.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_Processor
                  Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                  Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                  Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                  Source: C:\Pots.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 600000Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599873Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599762Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599651Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599534Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599412Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599284Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599141Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599013Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 598901Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 600000Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599888Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599777Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599665Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599554Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599443Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599315Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 599187Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Pots.exeThread delayed: delay time: 922337203685477
                  Source: C:\Pots.exeThread delayed: delay time: 600000
                  Source: C:\Pots.exeThread delayed: delay time: 599878
                  Source: C:\Pots.exeThread delayed: delay time: 599755
                  Source: C:\Pots.exeThread delayed: delay time: 599631
                  Source: C:\Pots.exeThread delayed: delay time: 599507
                  Source: C:\Pots.exeThread delayed: delay time: 599396
                  Source: C:\Pots.exeThread delayed: delay time: 599273
                  Source: C:\Pots.exeThread delayed: delay time: 599164
                  Source: C:\Pots.exeThread delayed: delay time: 599056
                  Source: C:\Pots.exeThread delayed: delay time: 598946
                  Source: C:\Pots.exeThread delayed: delay time: 598838
                  Source: C:\Pots.exeThread delayed: delay time: 922337203685477
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: outlook.office365.comVMware20,11696584680t
                  Source: Pots.sfx.exe, 00000026.00000002.2001840772.0000000007962000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\xo
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: Interactive Brokers - COM.HKVMware20,11696584680
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696584680^
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: Interactive Brokers - EU WestVMware20,11696584680n
                  Source: Pots.sfx.exe, 00000004.00000003.1108095604.0000000002E6C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}j3D
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: microsoft.visualstudio.comVMware20,11696584680x
                  Source: firefox.exe, 00000020.00000002.2394719504.0000026807712000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWs
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696584680
                  Source: firefox.exe, 0000001D.00000002.2423872896.0000019AE52C9000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2423872896.0000019AE52C0000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2391767686.000002549CE90000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2365979826.000002549C70A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2391272741.0000024E82D10000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2367676352.0000024E82A0E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: outlook.office.comVMware20,11696584680s
                  Source: Pots.sfx.exe, 00000018.00000003.1871814354.000000000324C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\
                  Source: firefox.exe, 0000001D.00000002.2438561088.0000019AEEFD5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000020.00000002.2392535152.0000026807620000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW : 2 : 34 : 1 : 1 : 0x20026 : 0x8 : %SystemRoot%\system32\mswsock.dll : : 1234191b-4bf7-4ca7-86e0-dfd7c32b5445
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: secure.bankofamerica.comVMware20,11696584680|UE
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: Canara Transaction PasswordVMware20,11696584680x
                  Source: Pots.exe, 00000005.00000002.1133415880.0000000000E1C000.00000040.00000001.01000000.0000000A.sdmpBinary or memory string: &VBoxService.exe
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: Canara Transaction PasswordVMware20,11696584680}
                  Source: firefox.exe, 00000020.00000002.2369625627.000002680727E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW`
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: bankofamerica.comVMware20,11696584680x
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: turbotax.intuit.comVMware20,11696584680t
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: Test URL for global passwords blocklistVMware20,11696584680
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: www.interactivebrokers.comVMware20,11696584680}
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: AMC password management pageVMware20,11696584680
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: interactivebrokers.comVMware20,11696584680
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: tasks.office.comVMware20,11696584680o
                  Source: firefox.exe, 0000001D.00000003.1905538149.0000019AE5318000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllZ
                  Source: Pots.exe, 00000015.00000002.1868944776.0000000006E40000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}v4
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696584680p
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: Interactive Brokers - HKVMware20,11696584680]
                  Source: firefox.exe, 00000020.00000002.2394719504.0000026807712000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllQ
                  Source: firefox.exe, 0000001D.00000003.1905538149.0000019AE5318000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllf
                  Source: Pots.exe, 00000019.00000002.1889112471.0000000001332000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllg
                  Source: firefox.exe, 00000020.00000002.2394719504.0000026807700000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW(
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: account.microsoft.com/profileVMware20,11696584680u
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: ms.portal.azure.comVMware20,11696584680
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696584680
                  Source: Pots.exe, 00000005.00000002.1141953793.0000000006080000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.1905538149.0000019AE5318000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000020.00000002.2394719504.0000026807712000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2391767686.000002549CE90000.00000004.00000020.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2011433535.0000000000C93000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                  Source: Pots.exe, 00000005.00000002.1133415880.0000000000E1C000.00000040.00000001.01000000.0000000A.sdmpBinary or memory string: VBoxService.exe
                  Source: Pots.sfx.exe, 00000026.00000002.2001840772.0000000007962000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696584680
                  Source: Pots.exe, Pots.exe, 00000005.00000002.1133415880.0000000000F62000.00000040.00000001.01000000.0000000A.sdmpBinary or memory string: ~VirtualMachineTypes
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: www.interactivebrokers.co.inVMware20,11696584680~
                  Source: Pots.exe, 00000023.00000002.1983384361.0000000007570000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\s
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: trackpan.utiitsl.comVMware20,11696584680h
                  Source: Pots.exe, Pots.exe, 00000005.00000002.1133415880.0000000000F62000.00000040.00000001.01000000.0000000A.sdmpBinary or memory string: ]DLL_Loader_VirtualMachine
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: Interactive Brokers - NDCDYNVMware20,11696584680z
                  Source: Pots.exe, 00000005.00000002.1133415880.0000000000E1C000.00000040.00000001.01000000.0000000A.sdmpBinary or memory string: VMWare
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: discord.comVMware20,11696584680f
                  Source: Pots.exe, 00000005.00000002.1133415880.0000000000F62000.00000040.00000001.01000000.0000000A.sdmpBinary or memory string: DLL_Loader_Marker]DLL_Loader_VirtualMachineZDLL_Loader_Reloc_Unit
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: global block list test formVMware20,11696584680
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: netportal.hdfcbank.comVMware20,11696584680
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: dev.azure.comVMware20,11696584680j
                  Source: tmpACCD.tmp.dat.39.drBinary or memory string: interactivebrokers.co.inVMware20,11696584680d
                  Source: C:\Pots.exeProcess information queried: ProcessInformationJump to behavior

                  Anti Debugging

                  barindex
                  Hides threads from debuggers
                  Source: C:\Pots.exeThread information set: HideFromDebuggerJump to behavior
                  Source: C:\Pots.exeThread information set: HideFromDebuggerJump to behavior
                  Source: C:\Pots.exeThread information set: HideFromDebuggerJump to behavior
                  Source: C:\Pots.exeThread information set: HideFromDebugger
                  Source: C:\Pots.exeThread information set: HideFromDebugger
                  Tries to detect sandboxes and other dynamic analysis tools (window names)
                  Source: C:\Pots.exeOpen window title or class name: ollydbg
                  Source: C:\Pots.exeFile opened: SIWDEBUG
                  Source: C:\Pots.exeFile opened: NTICE
                  Source: C:\Pots.exeFile opened: SICE
                  Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 33_2_000002549D416CF7 rdtsc 33_2_000002549D416CF7
                  Source: C:\Pots.exeCode function: 5_2_02D177D8 LdrInitializeThunk,5_2_02D177D8
                  Source: C:\Pots.exeProcess token adjusted: DebugJump to behavior
                  Source: C:\Pots.exeProcess token adjusted: DebugJump to behavior
                  Source: C:\Pots.exeProcess token adjusted: Debug
                  Source: C:\Pots.exeMemory allocated: page read and write | page guardJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\1.bat" "Jump to behavior
                  Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Pots.sfx.exe Pots.sfx.exe -psoupJump to behavior
                  Source: C:\Pots.sfx.exeProcess created: C:\Pots.exe "C:\Pots.exe" Jump to behavior
                  Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\Desktop\Pots.exe Pots.exeJump to behavior
                  Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\Desktop\Pots.exe Pots.exeJump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\1.bat" "Jump to behavior
                  Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Pots.sfx.exe Pots.sfx.exe -psoup
                  Source: C:\Pots.sfx.exeProcess created: C:\Pots.exe "C:\Pots.exe" Jump to behavior
                  Source: C:\Users\user\Desktop\Pots.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\1.bat" "
                  Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Pots.sfx.exe Pots.sfx.exe -psoup
                  Source: C:\Pots.sfx.exeProcess created: C:\Pots.exe "C:\Pots.exe"
                  Source: C:\Pots.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
                  Source: C:\Pots.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
                  Source: C:\Pots.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
                  Source: C:\Pots.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
                  Source: C:\Pots.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                  Source: C:\Pots.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                  Source: C:\Pots.exeQueries volume information: C:\Pots.exe VolumeInformationJump to behavior
                  Source: C:\Pots.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
                  Source: C:\Pots.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
                  Source: C:\Pots.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformationJump to behavior
                  Source: C:\Pots.exeQueries volume information: C:\Pots.exe VolumeInformationJump to behavior
                  Source: C:\Pots.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
                  Source: C:\Pots.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
                  Source: C:\Pots.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformationJump to behavior
                  Source: C:\Pots.exeQueries volume information: C:\Pots.exe VolumeInformation
                  Source: C:\Pots.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
                  Source: C:\Pots.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
                  Source: C:\Pots.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformation
                  Source: C:\Pots.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

                  Stealing of Sensitive Information

                  barindex
                  Yara detected 44Caliber Stealer
                  Source: Yara matchFile source: 5.2.Pots.exe.dd0000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000019.00000002.1898940608.0000000003D11000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000027.00000002.2027317495.0000000003731000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: Pots.exe PID: 6220, type: MEMORYSTR
                  Source: Yara matchFile source: Process Memory Space: Pots.exe PID: 5916, type: MEMORYSTR
                  Source: Yara matchFile source: Process Memory Space: Pots.exe PID: 4364, type: MEMORYSTR
                  Yara detected Rags Stealer
                  Source: Yara matchFile source: 5.2.Pots.exe.dd0000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000019.00000002.1898940608.0000000003D11000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000005.00000002.1137260907.0000000003B81000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000027.00000002.2027317495.0000000003731000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: Pots.exe PID: 6220, type: MEMORYSTR
                  Source: Yara matchFile source: Process Memory Space: Pots.exe PID: 5916, type: MEMORYSTR
                  Source: Yara matchFile source: Process Memory Space: Pots.exe PID: 4364, type: MEMORYSTR
                  Found many strings related to Crypto-Wallets (likely being stolen)
                  Source: Pots.exeString found in binary or memory: Electrum
                  Source: Pots.exe, 00000005.00000002.1137260907.0000000003C0F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: q0C:\Users\user\AppData\Roaming\Electrum\wallets\*
                  Source: Pots.exeString found in binary or memory: JaxxDir
                  Source: Pots.exeString found in binary or memory: \Exodus\exodus.wallet\
                  Source: Pots.exeString found in binary or memory: \Wallets\Ethereum\
                  Source: Pots.exeString found in binary or memory: ExodusDir
                  Source: Pots.exeString found in binary or memory: Ethereum
                  Source: Pots.exeString found in binary or memory: \Exodus\exodus.wallet\
                  Source: Pots.exeString found in binary or memory: \Ethereum\keystore
                  Tries to harvest and steal browser information (history, passwords, etc)
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\places.sqlite
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\cookies.sqlite
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
                  Tries to steal Crypto Currency Wallets
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\Jump to behavior
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\Jump to behavior
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\Jump to behavior
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\Jump to behavior
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
                  Source: C:\Pots.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\
                  Source: Yara matchFile source: 5.2.Pots.exe.dd0000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000019.00000002.1898940608.0000000003D11000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000005.00000002.1137260907.0000000003C0F000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000027.00000002.2027317495.0000000003731000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: Pots.exe PID: 6220, type: MEMORYSTR
                  Source: Yara matchFile source: Process Memory Space: Pots.exe PID: 5916, type: MEMORYSTR
                  Source: Yara matchFile source: Process Memory Space: Pots.exe PID: 4364, type: MEMORYSTR

                  Remote Access Functionality

                  barindex
                  Yara detected 44Caliber Stealer
                  Source: Yara matchFile source: 5.2.Pots.exe.dd0000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000019.00000002.1898940608.0000000003D11000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000027.00000002.2027317495.0000000003731000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: Pots.exe PID: 6220, type: MEMORYSTR
                  Source: Yara matchFile source: Process Memory Space: Pots.exe PID: 5916, type: MEMORYSTR
                  Source: Yara matchFile source: Process Memory Space: Pots.exe PID: 4364, type: MEMORYSTR
                  Yara detected Rags Stealer
                  Source: Yara matchFile source: 5.2.Pots.exe.dd0000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000019.00000002.1898940608.0000000003D11000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000005.00000002.1137260907.0000000003B81000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000027.00000002.2027317495.0000000003731000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: Pots.exe PID: 6220, type: MEMORYSTR
                  Source: Yara matchFile source: Process Memory Space: Pots.exe PID: 5916, type: MEMORYSTR
                  Source: Yara matchFile source: Process Memory Space: Pots.exe PID: 4364, type: MEMORYSTR

                  Mitre Att&ck Matrix

                  ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                  Gather Victim Identity Information1
                  Scripting                  		Valid Accounts121
                  Windows Management Instrumentation                  		1
                  Scripting                  		1
                  DLL Side-Loading                  		1
                  Disable or Modify Tools                  		1
                  OS Credential Dumping                  		1
                  File and Directory Discovery                  		Remote Services1
                  Archive Collected Data                  		3
                  Ingress Tool Transfer                  		Exfiltration Over Other Network MediumAbuse Accessibility Features
                  CredentialsDomainsDefault AccountsScheduled Task/Job1
                  DLL Side-Loading                  		1
                  Extra Window Memory Injection                  		1
                  Deobfuscate/Decode Files or Information                  		LSASS Memory33
                  System Information Discovery                  		Remote Desktop Protocol3
                  Data from Local System                  		11
                  Encrypted Channel                  		Exfiltration Over BluetoothNetwork Denial of Service
                  Email AddressesDNS ServerDomain AccountsAt1
                  Registry Run Keys / Startup Folder                  		11
                  Process Injection                  		3
                  Obfuscated Files or Information                  		Security Account Manager441
                  Security Software Discovery                  		SMB/Windows Admin SharesData from Network Shared Drive4
                  Non-Application Layer Protocol                  		Automated ExfiltrationData Encrypted for Impact
                  Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook1
                  Registry Run Keys / Startup Folder                  		23
                  Software Packing                  		NTDS1
                  Process Discovery                  		Distributed Component Object ModelInput Capture5
                  Application Layer Protocol                  		Traffic DuplicationData Destruction
                  Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                  Timestomp                  		LSA Secrets361
                  Virtualization/Sandbox Evasion                  		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
                  Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
                  DLL Side-Loading                  		Cached Domain Credentials1
                  Application Window Discovery                  		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                  DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
                  Extra Window Memory Injection                  		DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                  Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
                  Masquerading                  		Proc FilesystemSystem Owner/User DiscoveryCloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
                  Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt361
                  Virtualization/Sandbox Evasion                  		/etc/passwd and /etc/shadowNetwork SniffingDirect Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
                  IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron11
                  Process Injection                  		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

                  Behavior Graph

                  Hide Legend

                  Legend:

                  • Process
                  • Signature
                  • Created File
                  • DNS/IP Info
                  • Is Dropped
                  • Is Windows Process
                  • Number of created Registry Values
                  • Number of created Files
                  • Visual Basic
                  • Delphi
                  • Java
                  • .Net C# or VB.NET
                  • C, C++ or other language
                  • Is malicious
                  • Internet
                  behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1435509 Sample: Pots.exe Startdate: 02/05/2024 Architecture: WINDOWS Score: 100 78 freegeoip.app 2->78 80 youtube-ui.l.google.com 2->80 82 26 other IPs or domains 2->82 102 Found malware configuration 2->102 104 Malicious sample detected (through community Yara rule) 2->104 106 Multi AV Scanner detection for submitted file 2->106 110 5 other signatures 2->110 10 Pots.exe 4 2->10         started        13 cmd.exe 1 2->13         started        15 firefox.exe 2->15         started        17 chrome.exe 2->17         started        signatures3 108 Tries to detect the country of the analysis system (by using the IP) 78->108 process4 dnsIp5 68 C:\Pots.sfx.exe, PE32 10->68 dropped 20 cmd.exe 1 10->20         started        22 Pots.exe 13->22         started        24 Pots.exe 2 13->24         started        26 conhost.exe 1 13->26         started        28 firefox.exe 15->28         started        70 192.168.2.16, 138, 443, 49695 unknown unknown 17->70 72 239.255.255.250 unknown Reserved 17->72 31 chrome.exe 17->31         started        file6 process7 dnsIp8 33 Pots.sfx.exe 3 20->33         started        37 conhost.exe 20->37         started        39 cmd.exe 22->39         started        41 cmd.exe 24->41         started        84 prod.detectportal.prod.cloudops.mozgcp.net 34.107.221.82, 49759, 49765, 49770 GOOGLEUS United States 28->84 86 telemetry-incoming.r53-2.services.mozilla.com 34.120.208.123, 443, 49783, 49784 GOOGLEUS United States 28->86 90 5 other IPs or domains 28->90 43 firefox.exe 28->43         started        45 firefox.exe 28->45         started        47 firefox.exe 28->47         started        88 www.google.com 142.251.35.164, 443, 49745, 49748 GOOGLEUS United States 31->88 process9 file10 66 C:\Pots.exe, PE32 33->66 dropped 92 Multi AV Scanner detection for dropped file 33->92 49 Pots.exe 15 43 33->49         started        53 Pots.sfx.exe 39->53         started        55 conhost.exe 39->55         started        57 Pots.sfx.exe 2 41->57         started        59 conhost.exe 41->59         started        signatures11 process12 dnsIp13 74 freegeoip.app 104.21.73.97, 443, 49700, 49740 CLOUDFLARENETUS United States 49->74 76 ipbase.com 104.21.85.189, 443, 49701, 49741 CLOUDFLARENETUS United States 49->76 94 Antivirus detection for dropped file 49->94 96 Multi AV Scanner detection for dropped file 49->96 98 Detected unpacking (changes PE section rights) 49->98 100 7 other signatures 49->100 61 Pots.exe 53->61         started        64 Pots.exe 41 57->64         started        signatures14 process15 signatures16 112 Tries to harvest and steal browser information (history, passwords, etc) 61->112 114 Tries to steal Crypto Currency Wallets 61->114 116 Hides threads from debuggers 61->116

                  Screenshots

                  Thumbnails

                  This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                  windows-stand

                  Antivirus, Machine Learning and Genetic Malware Detection

                  Initial Sample

                  SourceDetectionScannerLabelLink
                  Pots.exe51%ReversingLabsWin32.Trojan.Rasftuby

                  Dropped Files

                  SourceDetectionScannerLabelLink
                  C:\Pots.exe100%AviraHEUR/AGEN.1351863
                  C:\Pots.exe100%Joe Sandbox ML
                  C:\Pots.exe83%ReversingLabsWin32.Trojan.ProtectorEnigma
                  C:\Pots.sfx.exe25%ReversingLabs

                  Unpacked PE Files

                  No Antivirus matches

                  Domains

                  No Antivirus matches

                  URLs

                  SourceDetectionScannerLabelLink
                  https://ads.stickyadstv.com/firefox-etp0%URL Reputationsafe
                  https://tracking-protection-issues.herokuapp.com/new0%URL Reputationsafe
                  http://exslt.org/common0%URL Reputationsafe
                  http://exslt.org/dates-and-times0%URL Reputationsafe
                  https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-1520%URL Reputationsafe
                  https://bugzilla.mo0%URL Reputationsafe
                  https://www.bbc.co.uk/0%Avira URL Cloudsafe
                  https://gpuweb.github.io/gpuweb//shims/adsafeprotected-ima.jsextension/webcompat0%Avira URL Cloudsafe
                  http://ipbase.coml0%Avira URL Cloudsafe
                  https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/records0%Avira URL Cloudsafe
                  https://freegeoip.app0%Avira URL Cloudsafe

                  Domains and IPs

                  Contacted Domains

                  NameIPActiveMaliciousAntivirus DetectionReputation
                  example.org
                  		93.184.215.14
                  		truefalse
                    		high
                    star-mini.c10r.facebook.com
                    		157.240.241.35
                    		truefalse
                      		high
                      prod.balrog.prod.cloudops.mozgcp.net
                      		35.244.181.201
                      		truefalse
                        		unknown
                        twitter.com
                        		104.244.42.1
                        		truefalse
                          		high
                          prod.detectportal.prod.cloudops.mozgcp.net
                          		34.107.221.82
                          		truefalse
                            		unknown
                            ipbase.com
                            		104.21.85.189
                            		truefalse
                              		unknown
                              dyna.wikimedia.org
                              		208.80.154.224
                              		truefalse
                                		high
                                prod.remote-settings.prod.webservices.mozgcp.net
                                		34.149.100.209
                                		truefalse
                                  		unknown
                                  contile.services.mozilla.com
                                  		34.117.188.166
                                  		truefalse
                                    		high
                                    prod.content-signature-chains.prod.webservices.mozgcp.net
                                    		34.160.144.191
                                    		truefalse
                                      		unknown
                                      youtube-ui.l.google.com
                                      		142.250.176.206
                                      		truefalse
                                        		high
                                        reddit.map.fastly.net
                                        		151.101.129.140
                                        		truefalse
                                          		unknown
                                          ipv4only.arpa
                                          		192.0.0.171
                                          		truefalse
                                            		unknown
                                            prod.ads.prod.webservices.mozgcp.net
                                            		34.117.188.166
                                            		truefalse
                                              		unknown
                                              www.google.com
                                              		142.251.35.164
                                              		truefalse
                                                		high
                                                freegeoip.app
                                                		104.21.73.97
                                                		truetrue
                                                  		unknown
                                                  telemetry-incoming.r53-2.services.mozilla.com
                                                  		34.120.208.123
                                                  		truefalse
                                                    		high
                                                    www.reddit.com
                                                    		unknown
                                                    		unknownfalse
                                                      		high
                                                      spocs.getpocket.com
                                                      		unknown
                                                      		unknownfalse
                                                        		high
                                                        content-signature-2.cdn.mozilla.net
                                                        		unknown
                                                        		unknownfalse
                                                          		high
                                                          firefox.settings.services.mozilla.com
                                                          		unknown
                                                          		unknownfalse
                                                            		high
                                                            push.services.mozilla.com
                                                            		unknown
                                                            		unknownfalse
                                                              		high
                                                              www.youtube.com
                                                              		unknown
                                                              		unknownfalse
                                                                		high
                                                                www.facebook.com
                                                                		unknown
                                                                		unknownfalse
                                                                  		high
                                                                  detectportal.firefox.com
                                                                  		unknown
                                                                  		unknownfalse
                                                                    		high
                                                                    shavar.services.mozilla.com
                                                                    		unknown
                                                                    		unknownfalse
                                                                      		high
                                                                      www.wikipedia.org
                                                                      		unknown
                                                                      		unknownfalse
                                                                        		high

                                                                        URLs from Memory and Binaries

                                                                        NameSourceMaliciousAntivirus DetectionReputation
                                                                        https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                          		high
                                                                          https://bugzilla.mozilla.org/show_bug.cgi?id=1678942firefox.exe, 0000001D.00000003.2295193464.0000019AF3C84000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            https://spocs.getpocket.com/userActivityStream:PreloadedBrowserfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              http://mozilla.org/#/properties/proposedEnrollmentfirefox.exe, 0000001D.00000002.2456510741.0000019AEF8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                http://detectportal.firefox.com/firefox.exe, 0000001D.00000003.2163589695.0000019AF55FC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  http://mozilla.org/#/properties/schemaVersionfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                      		high
                                                                                      http://mozilla.org/#/properties/branches/anyOf/1/items/properties/feature/properties/valuefirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        https://freegeoip.appPots.exe, 00000005.00000002.1137260907.0000000003CCC000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003D11000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.0000000003731000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/recordsfirefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        https://merino.services.mozilla.com/api/v1/suggestfirefox.exe, 0000001D.00000002.2418184300.0000019AE36DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000020.00000002.2378127427.0000026807472000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2378099312.000002549C981000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2380872239.0000024E82C8F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://json-schema.org/draft/2019-09/schema.firefox.exe, 0000001D.00000002.2529548453.0000019AF3703000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            http://mozilla.org/#/properties/autoFillAdaptiveHistoryMinCharsThresholdresource://gre/modules/compofirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://mail.google.com/mail/?extsrc=mailto&url=%sPdfJs.initfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://mail.inbox.lv/compose?to=%shttps://mail.yahoo.co.jp/compose/?To=%shttps://e.mail.ru/cgi-bin/firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  http://mozilla.org/#/properties/disableGreaseOnFallbackfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    http://mozilla.org/#/properties/originsDaysCutOfffirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      http://mozilla.org/#/properties/quickSuggestRemoteSettingsDataTypefirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://spocs.getpocket.com/spocsfirefox.exe, 0000001D.00000003.2007227077.0000019AFE393000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://www.amazon.com/exec/obidos/external-search/?field-keywords=&ie=UTF-8&mode=blended&tag=mozillfirefox.exe, 0000001D.00000002.2451543927.0000019AEF7F3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2497453112.0000019AF1B46000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://screenshots.firefox.comfirefox.exe, 0000001D.00000003.1908647302.0000019AF1B0C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              http://mozilla.org/#/properties/insecureFallbackfirefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                http://mozilla.org/#/properties/merinoEndpointURLwhenVerifiedfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://ads.stickyadstv.com/firefox-etpfirefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2032574390.0000019AF43E3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2697808055.0000019AFD6A7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2549932705.0000019AF42C9000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  • URL Reputation: safe
                                                                                                                  		unknown
                                                                                                                  https://identity.mozilla.com/ids/ecosystem_telemetryUfirefox.exe, 0000001D.00000003.2340150859.0000019B013F0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://addons.mozilla.org/en-US/firefox/collections/4757633/25c2b44583534b3fa8fea977c419cd/?page=1&firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2124057275.0000019AF56CB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      http://mozilla.org/#/properties/quickSuggestBlockingEnabledFirefoxRelay.sys.mjsfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        http://mozilla.org/#/properties/richSuggestionsFeatureGatefirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://www.google.com/policies/privacy/mozIGeckoMediaPluginChromeServicefirefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            http://mozilla.org/&firefox.exe, 0000001D.00000002.2412138936.00000154DBF00000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEMfirefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://xhr.spec.whatwg.org/#sync-warningfirefox.exe, 0000001D.00000002.2731273262.0000019AFDD68000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  http://mozilla.org/#/properties/branchesfirefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://www.google.com/search?client=firefox-b-d&q=mr2022-background-update-toast-primary-button-labfirefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://www.amazon.com/exec/obidos/external-search/firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2578892081.0000019AF4C58000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        http://mozilla.org/#/properties/userFacingNamefirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://profiler.firefox.com/firefox.exe, 0000001D.00000002.2497453112.0000019AF1B6C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            http://mozilla.org/#/properties/featureIds/itemsfirefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              http://mozilla.org/#/properties/quickSuggestSponsoredEnabledfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                http://mozilla.org/#/properties/cbhStudyRowfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://github.com/mozilla-services/screenshotsfirefox.exe, 0000001D.00000002.2672729793.0000019AFB700000.00000002.08000000.00040000.00000000.sdmp, firefox.exe, 0000001D.00000003.1912689461.0000019AF0D05000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.1911270889.0000019AF0B00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureRequestfirefox.exe, 0000001D.00000002.2631398595.0000019AF5710000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/switching-devices?utm_source=panel-deffirefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2132125107.0000019B01394000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://tracking-protection-issues.herokuapp.com/newfirefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                        • URL Reputation: safe
                                                                                                                                                        		unknown
                                                                                                                                                        http://mozilla.org/#/properties/branches/anyOf/1firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          http://mozilla.org/#/properties/branches/anyOf/0firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            http://mozilla.org/#/properties/quickSuggestImpressionCapsNonSponsoredEnabledhttp://mozilla.org/#/prfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              http://mozilla.org/#/properties/referenceBranchfirefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                http://mozilla.org/#/properties/quickSuggestEnabledresource://autofill/FormAutofillStorageBase.sys.mfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  http://mozilla.org/#/properties/extraParamsfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    http://mozilla.org/#/properties/branches/anyOf/2firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      http://ipbase.comlPots.exe, 00000005.00000002.1137260907.0000000003C2B000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1898940608.0000000003D82000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2027317495.00000000037ED000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                      		unknown
                                                                                                                                                                      https://www.google.com/search?client=firefox-b-d&q=Failedfirefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        http://mozilla.org/#/properties/outcomes/itemsfirefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          http://mozilla.org/#/properties/quickSuggestSponsoredIndexfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://app.adjust.com/167k4ih?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=htfirefox.exe, 0000001D.00000003.2145780093.0000019AFDBCE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              http://mozilla.org/#/properties/pagesHalfLifeDaysopaque-response-blocking-orb-staged-release-rolloutfirefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-reportfirefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  http://exslt.org/commonfirefox.exe, 0000001D.00000002.2434431685.0000019AEEE8A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                  • URL Reputation: safe
                                                                                                                                                                                  		unknown
                                                                                                                                                                                  https://ok.ru/firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsThefirefox.exe, 0000001D.00000002.2631398595.0000019AF5710000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullScfirefox.exe, 0000001D.00000003.2333772914.0000019B021B5000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          http://exslt.org/dates-and-timesfirefox.exe, 0000001D.00000002.2434431685.0000019AEEE81000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                          • URL Reputation: safe
                                                                                                                                                                                          		unknown
                                                                                                                                                                                          http://mozilla.org/#/properties/csvImportfirefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            http://mozilla.org/#/properties/quickSuggestAllowPositionInSuggestionsfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              http://mozilla.org/#/properties/branches/anyOf/0/items/properties/featurefirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                http://win.mail.ru/cgi-bin/sentmsg?mailto=%sfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://www.ecosia.org/newtab/Pots.exe, 00000005.00000002.1140620294.0000000004C0C000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000019.00000002.1909292706.0000000004D7E000.00000004.00000800.00020000.00000000.sdmp, Pots.exe, 00000027.00000002.2039629870.000000000474D000.00000004.00000800.00020000.00000000.sdmp, tmp51ED.tmp.dat.5.dr, tmp7C34.tmp.dat.25.dr, tmp7C04.tmp.dat.25.dr, tmp51AD.tmp.dat.5.dr, tmpABD0.tmp.dat.39.dr, tmpAAF3.tmp.dat.39.drfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://gpuweb.github.io/gpuweb//shims/adsafeprotected-ima.jsextension/webcompatfirefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                    https://MD8.mozilla.org/1/mfirefox.exe, 0000001D.00000003.2124057275.0000019AF56D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      http://mozilla.org/#/properties/enabledfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://www.bbc.co.uk/firefox.exe, 0000001D.00000003.2016493714.0000019B011DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2014448009.0000019B012B1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                        http://mozilla.org/#/properties/quickSuggestImpressionCapsSponsoredEnabledfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://addons.mozilla.org/firefox/addon/to-google-translate/firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000003.2145780093.0000019AFDBCE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=firefox.exe, 00000028.00000002.2380872239.0000024E82CC4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152firefox.exe, 0000001D.00000003.2236534325.0000019AF0CC9000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              • URL Reputation: safe
                                                                                                                                                                                                              		unknown
                                                                                                                                                                                                              https://bugzilla.mofirefox.exe, 0000001D.00000002.2746538729.0000019B00D03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              • URL Reputation: safe
                                                                                                                                                                                                              		unknown
                                                                                                                                                                                                              https://mitmdetection.services.mozilla.com/firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                http://mozilla.org/#/properties/originsDaysCutOffhttp://mozilla.org/#/properties/pagesAlternativeEnafirefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  https://static.adsafeprotected.com/firefox-etp-jsfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F10000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF8AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2702153739.0000019AFD725000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2549932705.0000019AF42C9000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    https://shavar.services.mozilla.com/firefox.exe, 0000001D.00000002.2490050070.0000019AF0E6B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      https://services.addons.mozilla.org/api/v4/addons/addonUnablefirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        https://spocs.getpocket.com/firefox.exe, 0000001D.00000002.2735284189.0000019AFE330000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000021.00000002.2378099312.000002549C912000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000028.00000002.2380872239.0000024E82C13000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          https://services.addons.mozilla.org/api/v4/abuse/report/addon/firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%firefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                              https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-ffirefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                https://www.google.com/search?client=firefox-b-d&q=Microsoftfirefox.exe, 0000001D.00000002.2591729623.0000019AF4FE4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                  https://www.iqiyi.com/firefox.exe, 0000001D.00000003.2016493714.0000019B011DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2616218636.0000019AF54B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF8DC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                    http://mozilla.org/#/properties/branches/anyOf/2/items/properties/features/items/properties/featureIfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                      http://mozilla.org/#/properties/endDatefirefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF803000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                        http://mozilla.org/#/additionalPropertieshttps://www.google.com/search?client=firefox-b-d&q=8dd08661firefox.exe, 0000001D.00000002.2591729623.0000019AF4FCF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                                          http://mozilla.org/#/properties/addonsFeatureGatefirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                                            https://monitor.firefox.com/user/breach-stats?includeResolved=truefirefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                                              https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-reportfirefox.exe, 00000028.00000002.2375507674.0000024E82A40000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                                https://poczta.interia.pl/mh/?mailto=%spdfjs.previousHandler.preferredActionpdfjs.previousHandler.alfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                                  http://mozilla.org/#/properties/addonsShowLessFrequentlyCapfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                                    http://mozilla.org/#/properties/autoFillAdaptiveHistoryEnabledfirefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2591729623.0000019AF4FC2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                                      https://bugzilla.mozilla.org/show_bug.cgi?id=1584464firefox.exe, 0000001D.00000003.2103483332.0000019AFD65E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000001D.00000002.2456510741.0000019AEF872000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                                        http://mozilla.org/#/properties/branches/anyOf/2/items/properties/features/itemshttp://mozilla.org/#firefox.exe, 0000001D.00000002.2591729623.0000019AF4F1B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                          		high

                                                                                                                                                                                                                                                          World Map of Contacted IPs

                                                                                                                                                                                                                                                          • No. of IPs < 25%
                                                                                                                                                                                                                                                          • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                          • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                          • 75% < No. of IPs

                                                                                                                                                                                                                                                          Public IPs

                                                                                                                                                                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                          34.149.100.209
                                                                                                                                                                                                                                                          		prod.remote-settings.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                          		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                          34.107.221.82
                                                                                                                                                                                                                                                          		prod.detectportal.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                          35.244.181.201
                                                                                                                                                                                                                                                          		prod.balrog.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                          34.117.188.166
                                                                                                                                                                                                                                                          		contile.services.mozilla.comUnited States
                                                                                                                                                                                                                                                          		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                                                                          239.255.255.250
                                                                                                                                                                                                                                                          		unknownReserved
                                                                                                                                                                                                                                                          		unknownunknownfalse
                                                                                                                                                                                                                                                          104.21.85.189
                                                                                                                                                                                                                                                          		ipbase.comUnited States
                                                                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                          104.21.73.97
                                                                                                                                                                                                                                                          		freegeoip.appUnited States
                                                                                                                                                                                                                                                          		13335CLOUDFLARENETUStrue
                                                                                                                                                                                                                                                          34.160.144.191
                                                                                                                                                                                                                                                          		prod.content-signature-chains.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                          		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                          142.251.35.164
                                                                                                                                                                                                                                                          		www.google.comUnited States
                                                                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                          34.120.208.123
                                                                                                                                                                                                                                                          		telemetry-incoming.r53-2.services.mozilla.comUnited States
                                                                                                                                                                                                                                                          		15169GOOGLEUSfalse

                                                                                                                                                                                                                                                          Private

                                                                                                                                                                                                                                                          IP
                                                                                                                                                                                                                                                          192.168.2.16
                                                                                                                                                                                                                                                          127.0.0.1

                                                                                                                                                                                                                                                          General Information

                                                                                                                                                                                                                                                          Joe Sandbox version:40.0.0 Tourmaline
                                                                                                                                                                                                                                                          Analysis ID:1435509
                                                                                                                                                                                                                                                          Start date and time:2024-05-02 20:27:02 +02:00
                                                                                                                                                                                                                                                          Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                          Overall analysis duration:0h 9m 2s
                                                                                                                                                                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                          Report type:full
                                                                                                                                                                                                                                                          Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                                                                                                                                                                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                          Number of analysed new started processes analysed:40
                                                                                                                                                                                                                                                          Number of new started drivers analysed:0
                                                                                                                                                                                                                                                          Number of existing processes analysed:0
                                                                                                                                                                                                                                                          Number of existing drivers analysed:0
                                                                                                                                                                                                                                                          Number of injected processes analysed:1
                                                                                                                                                                                                                                                          Technologies:
                                                                                                                                                                                                                                                          • HCA enabled
                                                                                                                                                                                                                                                          • EGA enabled
                                                                                                                                                                                                                                                          • AMSI enabled
                                                                                                                                                                                                                                                          Analysis Mode:default
                                                                                                                                                                                                                                                          Sample name:Pots.exe
                                                                                                                                                                                                                                                          Detection:MAL
                                                                                                                                                                                                                                                          Classification:mal100.troj.spyw.evad.winEXE@60/54@46/12
                                                                                                                                                                                                                                                          EGA Information:
                                                                                                                                                                                                                                                          • Successful, ratio: 50%
                                                                                                                                                                                                                                                          HCA Information:
                                                                                                                                                                                                                                                          • Successful, ratio: 81%
                                                                                                                                                                                                                                                          • Number of executed functions: 196
                                                                                                                                                                                                                                                          • Number of non-executed functions: 5
                                                                                                                                                                                                                                                          Cookbook Comments:
                                                                                                                                                                                                                                                          • Found application associated with file extension: .exe

                                                                                                                                                                                                                                                          Warnings

                                                                                                                                                                                                                                                          • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, consent.exe, SIHClient.exe, SgrmBroker.exe, MoUsoCoreWorker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
                                                                                                                                                                                                                                                          • Excluded IPs from analysis (whitelisted): 142.250.64.99, 142.251.40.238, 172.253.122.84, 34.104.35.123, 52.24.210.222, 44.242.34.204, 44.238.144.40, 44.239.14.124, 35.164.250.149, 44.233.67.78, 34.107.243.93, 172.217.165.131
                                                                                                                                                                                                                                                          • Excluded domains from analysis (whitelisted): fs.microsoft.com, mcr-ring.msedge.net, shavar.prod.mozaws.net, l-ring.msedge.net, accounts.google.com, autopush.prod.mozaws.net, slscr.update.microsoft.com, static-ecst.licdn.com, incoming.telemetry.mozilla.org, clientservices.googleapis.com, detectportal.prod.mozaws.net, aus5.mozilla.org, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, locprod2-elb-us-west-2.prod.mozaws.net, update.googleapis.com, clients.l.google.com, location.services.mozilla.com
                                                                                                                                                                                                                                                          • Execution Graph export aborted for target Pots.exe, PID 5916 because it is empty
                                                                                                                                                                                                                                                          • Execution Graph export aborted for target firefox.exe, PID 3224 because it is empty
                                                                                                                                                                                                                                                          • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                          • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                          • Report size getting too big, too many NtReadVirtualMemory calls found.
                                                                                                                                                                                                                                                          • VT rate limit hit for: Pots.exe

                                                                                                                                                                                                                                                          Simulations

                                                                                                                                                                                                                                                          Behavior and APIs

                                                                                                                                                                                                                                                          TimeTypeDescription
                                                                                                                                                                                                                                                          20:27:30API Interceptor32x Sleep call for process: Pots.exe modified
                                                                                                                                                                                                                                                          20:29:27API Interceptor1x Sleep call for process: firefox.exe modified

                                                                                                                                                                                                                                                          Joe Sandbox View / Context

                                                                                                                                                                                                                                                          IPs

                                                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                          34.117.188.166YLOmSlXOdiGet hashmaliciousGhostRatBrowse
                                                                                                                                                                                                                                                            https://tibusiness.cl/css/causarol.rarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                              nagateliteqfUK.exeGet hashmaliciousAZORult++Browse
                                                                                                                                                                                                                                                                Cheater Pro 1.6.0.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  Cheat Lab 2.7.2.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                    Evernote.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                      VLJWG-Y3VJN-21LNUV2-AHEB0VE.htaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                        https://mega.nz/file/1uN3EaxZ#CUbFeX5nzgfkR0qb6Ucg8nGbIFqE9cmqjhfatbJqPpkGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                          vm.dllGet hashmaliciousCobaltStrikeBrowse
                                                                                                                                                                                                                                                                            W2_AND_1095_PDF.jarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                              239.255.255.250https://stay.linestoget.com/scripts/get.js?ver=4.2.1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                https://community.dailisi.com/?FO5Oec=sku_number_=567pqr&gn=4*tywizt*_gd*Pn3Pb8RGL5Om.*gd_0GPMOJ53S1*ZGJhdGVtYW5AaGlsY29ycC5jb20Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                  https://eu2.contabostorage.com/623730bdf84d4c8c8cca3738d92e65c2:sco/hunj.html#elections@edmonton.caGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                    https://pot.soundestlink.com/ce/c/6632d4bee95a733e5b11f90c/6633b37140500191ff330217/6633b38e7f943a5ca8ce50d8?signature=25a053a508ed47c3826573725f992cb49ebb8278adb544aaccefb76e35c21e1dGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                      GLAS_DeploymentMatrix_Full_26694_20240502_075604.xlsmGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        https://sb2cfqkcapjdtal.com/Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                          https://jhantmanturquoisemountaincom.msnd4.com/tracking/lc/d95da3e3-df10-4163-b4be-64d437a9dfaa/1098ed5d-1b9b-416f-b580-8b17cb830b97/a24f6496-e09a-dc58-3350-a3280e84bed8/Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                            GLAS_DeploymentMatrix_Full_26694_20240502_075604.xlsmGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                              OneLaunch - EarthView3D_3o3f1.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                http://onedr1v3d0cum3nt.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                  104.21.85.189aurora-live-20240221.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                    dudick SystemDesk Important Crediential Notification 1.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                      64drop.exeGet hashmalicious44userber Stealer, Rags StealerBrowse
                                                                                                                                                                                                                                                                                                        123.scr.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                          RP.sfx.exeGet hashmalicious44userber Stealer, Rags StealerBrowse
                                                                                                                                                                                                                                                                                                            i6R4NsEd8t.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                                                                                                                                              rvYr7FRwkG.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                case (426).xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  case (61).xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    34.149.100.209YLOmSlXOdiGet hashmaliciousGhostRatBrowse
                                                                                                                                                                                                                                                                                                                      http://94.156.79.129/x86_64Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        http://94.156.79.129/i686Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                          https://tibusiness.cl/css/causarol.rarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                            nagateliteqfUK.exeGet hashmaliciousAZORult++Browse
                                                                                                                                                                                                                                                                                                                              http://134.213.29.14:82/grep.x86_64Get hashmaliciousIPRoyal PawnsBrowse
                                                                                                                                                                                                                                                                                                                                Cheater Pro 1.6.0.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                  Cheat Lab 2.7.2.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                    http://GENERALIVITALITYERLEBEN.DEGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                      http://generali-siegburg.deGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                        104.21.73.9764drop.exeGet hashmalicious44userber Stealer, Rags StealerBrowse
                                                                                                                                                                                                                                                                                                                                          123.scr.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                            123.scr.exeGet hashmaliciousRags StealerBrowse
                                                                                                                                                                                                                                                                                                                                              i6R4NsEd8t.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                                                                                                                                                                                bcAE21roAv.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                                                                                                                                                                                  VegaStealer_v1.bin.exeGet hashmaliciousAdes Stealer, NitroStealerBrowse
                                                                                                                                                                                                                                                                                                                                                    SPYGAME.bin.exeGet hashmalicious44userber Stealer, Rags StealerBrowse
                                                                                                                                                                                                                                                                                                                                                      gjqYWrWZfb.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                                                                                                                                                                                        UNKnyg3t3D.exeGet hashmaliciousSnake KeyloggerBrowse

                                                                                                                                                                                                                                                                                                                                                          Domains

                                                                                                                                                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                                                          example.orgYLOmSlXOdiGet hashmaliciousGhostRatBrowse
                                                                                                                                                                                                                                                                                                                                                          • 93.184.215.14
                                                                                                                                                                                                                                                                                                                                                          https://tibusiness.cl/css/causarol.rarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 93.184.215.14
                                                                                                                                                                                                                                                                                                                                                          nagateliteqfUK.exeGet hashmaliciousAZORult++Browse
                                                                                                                                                                                                                                                                                                                                                          • 93.184.215.14
                                                                                                                                                                                                                                                                                                                                                          Cheater Pro 1.6.0.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 93.184.216.34
                                                                                                                                                                                                                                                                                                                                                          Cheat Lab 2.7.2.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 93.184.216.34
                                                                                                                                                                                                                                                                                                                                                          Evernote.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                                                                                          • 93.184.216.34
                                                                                                                                                                                                                                                                                                                                                          VLJWG-Y3VJN-21LNUV2-AHEB0VE.htaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 93.184.216.34
                                                                                                                                                                                                                                                                                                                                                          https://mega.nz/file/1uN3EaxZ#CUbFeX5nzgfkR0qb6Ucg8nGbIFqE9cmqjhfatbJqPpkGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 93.184.216.34
                                                                                                                                                                                                                                                                                                                                                          vm.dllGet hashmaliciousCobaltStrikeBrowse
                                                                                                                                                                                                                                                                                                                                                          • 93.184.216.34
                                                                                                                                                                                                                                                                                                                                                          W2_AND_1095_PDF.jarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 93.184.216.34
                                                                                                                                                                                                                                                                                                                                                          star-mini.c10r.facebook.comJJXXAhUWC.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 31.13.66.35
                                                                                                                                                                                                                                                                                                                                                          https://www.canva.com/design/DAGD43Y65A0/6HVu_63FhXXJvEzUrBVTOA/view?utm_content=DAGD43Y65A0&utm_campaign=designshare&utm_medium=link&utm_source=editorGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 157.240.241.35
                                                                                                                                                                                                                                                                                                                                                          KpiLt01Slj.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 157.240.241.35
                                                                                                                                                                                                                                                                                                                                                          https://bigshed.beer/sustainability/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 157.240.241.35
                                                                                                                                                                                                                                                                                                                                                          https://www.postermywall.com/index.php/posterbuilder/view/2ce9c49c8ff31b813c516187dd74b5b6/0Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 157.240.241.35
                                                                                                                                                                                                                                                                                                                                                          https://herozheng.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 157.240.241.35
                                                                                                                                                                                                                                                                                                                                                          https://nthturn.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 31.13.71.36
                                                                                                                                                                                                                                                                                                                                                          https://juclouds.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 157.240.241.35
                                                                                                                                                                                                                                                                                                                                                          https://www.uhnrya.cn/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 31.13.71.36
                                                                                                                                                                                                                                                                                                                                                          https://wywljs.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 31.13.71.36
                                                                                                                                                                                                                                                                                                                                                          ipbase.comqdHMT36Tn9.exeGet hashmalicious44userber Stealer, Njrat, Rags StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 172.67.209.71
                                                                                                                                                                                                                                                                                                                                                          64drop.exeGet hashmalicious44userber Stealer, Rags StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          123.scr.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          123.scr.exeGet hashmaliciousRags StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 172.67.209.71
                                                                                                                                                                                                                                                                                                                                                          123.scr.exeGet hashmaliciousRags StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 172.67.209.71
                                                                                                                                                                                                                                                                                                                                                          RP.sfx.exeGet hashmalicious44userber Stealer, Rags StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          i6R4NsEd8t.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          3vj5tYFb6a.exeGet hashmaliciousSnake Keylogger, zgRATBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.28.190
                                                                                                                                                                                                                                                                                                                                                          7nYkVlcnfx.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 172.67.147.81
                                                                                                                                                                                                                                                                                                                                                          bcAE21roAv.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 172.67.147.81

                                                                                                                                                                                                                                                                                                                                                          ASNs

                                                                                                                                                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                                                          GOOGLE-AS-APGoogleAsiaPacificPteLtdSGvEaFCBsRb7.exeGet hashmaliciousRisePro StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.117.186.192
                                                                                                                                                                                                                                                                                                                                                          oO2wHSVFJM.exeGet hashmaliciousRisePro StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.117.186.192
                                                                                                                                                                                                                                                                                                                                                          https://www.opustrustweb.com/EmailTrackerAPI/open?token=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..62tVk07eUS1tgkfaDkQOqQ.nL-JZjGlYSBu9AibCOqK7-wJ7VXqjfoMrgeXwHgP6tLPx4s2jjofEWjZh794Ex5FiocFlK50_YxzembNjUsYkjIjaFyaIpNIDSPFE46cBlrxNy-t9VcCVcfKZphrojE0.AXzXZielor8D6px-r_wTOg&url=https://minicursodamariana.fun/nu/slceitil@emfa.ptGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.117.77.79
                                                                                                                                                                                                                                                                                                                                                          4yFaZU8fhT.exeGet hashmaliciousRisePro StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.117.186.192
                                                                                                                                                                                                                                                                                                                                                          RY5YJaMEWE.exeGet hashmaliciousRisePro StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.117.186.192
                                                                                                                                                                                                                                                                                                                                                          OUZXNOqKXg.exeGet hashmaliciousRisePro StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.117.186.192
                                                                                                                                                                                                                                                                                                                                                          0BzQNa8hYd.exeGet hashmaliciousRisePro StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.117.186.192
                                                                                                                                                                                                                                                                                                                                                          3CkMJ4UkNy.exeGet hashmaliciousRisePro StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.117.186.192
                                                                                                                                                                                                                                                                                                                                                          SecuriteInfo.com.Win32.PWSX-gen.8803.13656.exeGet hashmaliciousRisePro StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.117.186.192
                                                                                                                                                                                                                                                                                                                                                          https://herozheng.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.117.152.183
                                                                                                                                                                                                                                                                                                                                                          CLOUDFLARENETUSDeposit payment copy PDF.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 172.67.74.152
                                                                                                                                                                                                                                                                                                                                                          https://community.dailisi.com/?FO5Oec=sku_number_=567pqr&gn=4*tywizt*_gd*Pn3Pb8RGL5Om.*gd_0GPMOJ53S1*ZGJhdGVtYW5AaGlsY29ycC5jb20Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 172.67.145.185
                                                                                                                                                                                                                                                                                                                                                          https://pot.soundestlink.com/ce/c/6632d4bee95a733e5b11f90c/6633b37140500191ff330217/6633b38e7f943a5ca8ce50d8?signature=25a053a508ed47c3826573725f992cb49ebb8278adb544aaccefb76e35c21e1dGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.79.14
                                                                                                                                                                                                                                                                                                                                                          https://sb2cfqkcapjdtal.com/Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.17.2.184
                                                                                                                                                                                                                                                                                                                                                          https://jhantmanturquoisemountaincom.msnd4.com/tracking/lc/d95da3e3-df10-4163-b4be-64d437a9dfaa/1098ed5d-1b9b-416f-b580-8b17cb830b97/a24f6496-e09a-dc58-3350-a3280e84bed8/Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 172.67.129.30
                                                                                                                                                                                                                                                                                                                                                          OneLaunch - EarthView3D_3o3f1.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.18.23.62
                                                                                                                                                                                                                                                                                                                                                          http://onedr1v3d0cum3nt.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 172.67.159.161
                                                                                                                                                                                                                                                                                                                                                          vEaFCBsRb7.exeGet hashmaliciousRisePro StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 172.67.75.166
                                                                                                                                                                                                                                                                                                                                                          PO-USC-22USC-KonchoCo.exeGet hashmaliciousGuLoader, RemcosBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.45.139
                                                                                                                                                                                                                                                                                                                                                          https://www.jobserve.com/gb/en/Redirect/DirectoryUrl.jsrs?id=D678A952F7&L=https://freshpastacup.com/ximxi/MD5/BASE64EMAILGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.17.5
                                                                                                                                                                                                                                                                                                                                                          ATGS-MMD-ASUSJJXXAhUWC.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.36.216.150
                                                                                                                                                                                                                                                                                                                                                          01105751.vbsGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.174.122.2
                                                                                                                                                                                                                                                                                                                                                          https://www.opustrustweb.com/EmailTrackerAPI/open?token=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..62tVk07eUS1tgkfaDkQOqQ.nL-JZjGlYSBu9AibCOqK7-wJ7VXqjfoMrgeXwHgP6tLPx4s2jjofEWjZh794Ex5FiocFlK50_YxzembNjUsYkjIjaFyaIpNIDSPFE46cBlrxNy-t9VcCVcfKZphrojE0.AXzXZielor8D6px-r_wTOg&url=https://minicursodamariana.fun/nu/slceitil@emfa.ptGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.36.216.150
                                                                                                                                                                                                                                                                                                                                                          c8sDO7umrx.exeGet hashmaliciousCMSBruteBrowse
                                                                                                                                                                                                                                                                                                                                                          • 57.128.101.155
                                                                                                                                                                                                                                                                                                                                                          https://herozheng.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 57.180.119.211
                                                                                                                                                                                                                                                                                                                                                          aduLTc2Dny.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.24.22.186
                                                                                                                                                                                                                                                                                                                                                          saq4WWKA5B.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                                                          • 57.255.10.217
                                                                                                                                                                                                                                                                                                                                                          hCwh5R02fs.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                                                          • 57.146.140.194
                                                                                                                                                                                                                                                                                                                                                          p67UidesWn.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                                                          • 57.244.211.119
                                                                                                                                                                                                                                                                                                                                                          https://xdywna.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 57.180.70.0
                                                                                                                                                                                                                                                                                                                                                          ATGS-MMD-ASUSJJXXAhUWC.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.36.216.150
                                                                                                                                                                                                                                                                                                                                                          01105751.vbsGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.174.122.2
                                                                                                                                                                                                                                                                                                                                                          https://www.opustrustweb.com/EmailTrackerAPI/open?token=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..62tVk07eUS1tgkfaDkQOqQ.nL-JZjGlYSBu9AibCOqK7-wJ7VXqjfoMrgeXwHgP6tLPx4s2jjofEWjZh794Ex5FiocFlK50_YxzembNjUsYkjIjaFyaIpNIDSPFE46cBlrxNy-t9VcCVcfKZphrojE0.AXzXZielor8D6px-r_wTOg&url=https://minicursodamariana.fun/nu/slceitil@emfa.ptGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.36.216.150
                                                                                                                                                                                                                                                                                                                                                          c8sDO7umrx.exeGet hashmaliciousCMSBruteBrowse
                                                                                                                                                                                                                                                                                                                                                          • 57.128.101.155
                                                                                                                                                                                                                                                                                                                                                          https://herozheng.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 57.180.119.211
                                                                                                                                                                                                                                                                                                                                                          aduLTc2Dny.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                                                          • 34.24.22.186
                                                                                                                                                                                                                                                                                                                                                          saq4WWKA5B.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                                                          • 57.255.10.217
                                                                                                                                                                                                                                                                                                                                                          hCwh5R02fs.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                                                          • 57.146.140.194
                                                                                                                                                                                                                                                                                                                                                          p67UidesWn.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                                                                          • 57.244.211.119
                                                                                                                                                                                                                                                                                                                                                          https://xdywna.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 57.180.70.0
                                                                                                                                                                                                                                                                                                                                                          CLOUDFLARENETUSDeposit payment copy PDF.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 172.67.74.152
                                                                                                                                                                                                                                                                                                                                                          https://community.dailisi.com/?FO5Oec=sku_number_=567pqr&gn=4*tywizt*_gd*Pn3Pb8RGL5Om.*gd_0GPMOJ53S1*ZGJhdGVtYW5AaGlsY29ycC5jb20Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 172.67.145.185
                                                                                                                                                                                                                                                                                                                                                          https://pot.soundestlink.com/ce/c/6632d4bee95a733e5b11f90c/6633b37140500191ff330217/6633b38e7f943a5ca8ce50d8?signature=25a053a508ed47c3826573725f992cb49ebb8278adb544aaccefb76e35c21e1dGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.79.14
                                                                                                                                                                                                                                                                                                                                                          https://sb2cfqkcapjdtal.com/Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.17.2.184
                                                                                                                                                                                                                                                                                                                                                          https://jhantmanturquoisemountaincom.msnd4.com/tracking/lc/d95da3e3-df10-4163-b4be-64d437a9dfaa/1098ed5d-1b9b-416f-b580-8b17cb830b97/a24f6496-e09a-dc58-3350-a3280e84bed8/Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 172.67.129.30
                                                                                                                                                                                                                                                                                                                                                          OneLaunch - EarthView3D_3o3f1.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.18.23.62
                                                                                                                                                                                                                                                                                                                                                          http://onedr1v3d0cum3nt.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 172.67.159.161
                                                                                                                                                                                                                                                                                                                                                          vEaFCBsRb7.exeGet hashmaliciousRisePro StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 172.67.75.166
                                                                                                                                                                                                                                                                                                                                                          PO-USC-22USC-KonchoCo.exeGet hashmaliciousGuLoader, RemcosBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.45.139
                                                                                                                                                                                                                                                                                                                                                          https://www.jobserve.com/gb/en/Redirect/DirectoryUrl.jsrs?id=D678A952F7&L=https://freshpastacup.com/ximxi/MD5/BASE64EMAILGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.17.5

                                                                                                                                                                                                                                                                                                                                                          JA3 Fingerprints

                                                                                                                                                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                                                          28a2c9bd18a11de089ef85a160da29e4https://community.dailisi.com/?FO5Oec=sku_number_=567pqr&gn=4*tywizt*_gd*Pn3Pb8RGL5Om.*gd_0GPMOJ53S1*ZGJhdGVtYW5AaGlsY29ycC5jb20Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 13.85.23.86
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          • 13.107.42.254
                                                                                                                                                                                                                                                                                                                                                          • 51.104.15.253
                                                                                                                                                                                                                                                                                                                                                          • 40.126.24.84
                                                                                                                                                                                                                                                                                                                                                          • 23.1.33.206
                                                                                                                                                                                                                                                                                                                                                          • 23.51.58.94
                                                                                                                                                                                                                                                                                                                                                          • 152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          https://eu2.contabostorage.com/623730bdf84d4c8c8cca3738d92e65c2:sco/hunj.html#elections@edmonton.caGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 13.85.23.86
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          • 13.107.42.254
                                                                                                                                                                                                                                                                                                                                                          • 51.104.15.253
                                                                                                                                                                                                                                                                                                                                                          • 40.126.24.84
                                                                                                                                                                                                                                                                                                                                                          • 23.1.33.206
                                                                                                                                                                                                                                                                                                                                                          • 23.51.58.94
                                                                                                                                                                                                                                                                                                                                                          • 152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          https://pot.soundestlink.com/ce/c/6632d4bee95a733e5b11f90c/6633b37140500191ff330217/6633b38e7f943a5ca8ce50d8?signature=25a053a508ed47c3826573725f992cb49ebb8278adb544aaccefb76e35c21e1dGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 13.85.23.86
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          • 13.107.42.254
                                                                                                                                                                                                                                                                                                                                                          • 51.104.15.253
                                                                                                                                                                                                                                                                                                                                                          • 40.126.24.84
                                                                                                                                                                                                                                                                                                                                                          • 23.1.33.206
                                                                                                                                                                                                                                                                                                                                                          • 23.51.58.94
                                                                                                                                                                                                                                                                                                                                                          • 152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          GLAS_DeploymentMatrix_Full_26694_20240502_075604.xlsmGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 13.85.23.86
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          • 13.107.42.254
                                                                                                                                                                                                                                                                                                                                                          • 51.104.15.253
                                                                                                                                                                                                                                                                                                                                                          • 40.126.24.84
                                                                                                                                                                                                                                                                                                                                                          • 23.1.33.206
                                                                                                                                                                                                                                                                                                                                                          • 23.51.58.94
                                                                                                                                                                                                                                                                                                                                                          • 152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          https://sb2cfqkcapjdtal.com/Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 13.85.23.86
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          • 13.107.42.254
                                                                                                                                                                                                                                                                                                                                                          • 51.104.15.253
                                                                                                                                                                                                                                                                                                                                                          • 40.126.24.84
                                                                                                                                                                                                                                                                                                                                                          • 23.1.33.206
                                                                                                                                                                                                                                                                                                                                                          • 23.51.58.94
                                                                                                                                                                                                                                                                                                                                                          • 152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          GLAS_DeploymentMatrix_Full_26694_20240502_075604.xlsmGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 13.85.23.86
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          • 13.107.42.254
                                                                                                                                                                                                                                                                                                                                                          • 51.104.15.253
                                                                                                                                                                                                                                                                                                                                                          • 40.126.24.84
                                                                                                                                                                                                                                                                                                                                                          • 23.1.33.206
                                                                                                                                                                                                                                                                                                                                                          • 23.51.58.94
                                                                                                                                                                                                                                                                                                                                                          • 152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          http://onedr1v3d0cum3nt.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 13.85.23.86
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          • 13.107.42.254
                                                                                                                                                                                                                                                                                                                                                          • 51.104.15.253
                                                                                                                                                                                                                                                                                                                                                          • 40.126.24.84
                                                                                                                                                                                                                                                                                                                                                          • 23.1.33.206
                                                                                                                                                                                                                                                                                                                                                          • 23.51.58.94
                                                                                                                                                                                                                                                                                                                                                          • 152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          https://whisenhantlaw.com/cold-war/po-box-790447-st-louis-63179Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 13.85.23.86
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          • 13.107.42.254
                                                                                                                                                                                                                                                                                                                                                          • 51.104.15.253
                                                                                                                                                                                                                                                                                                                                                          • 40.126.24.84
                                                                                                                                                                                                                                                                                                                                                          • 23.1.33.206
                                                                                                                                                                                                                                                                                                                                                          • 23.51.58.94
                                                                                                                                                                                                                                                                                                                                                          • 152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          https://hvacsales-my.sharepoint.com/:b:/g/personal/terrys_skhvac_com/Ed2mI-fixR5LrUPxIxDr6qAB7iKCrLCw56yxiOwpmNBLew?e=tFtMOt&d=DwMFAgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 13.85.23.86
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          • 13.107.42.254
                                                                                                                                                                                                                                                                                                                                                          • 51.104.15.253
                                                                                                                                                                                                                                                                                                                                                          • 40.126.24.84
                                                                                                                                                                                                                                                                                                                                                          • 23.1.33.206
                                                                                                                                                                                                                                                                                                                                                          • 23.51.58.94
                                                                                                                                                                                                                                                                                                                                                          • 152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          http://langke.line.pmGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 13.85.23.86
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          • 204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          • 13.107.42.254
                                                                                                                                                                                                                                                                                                                                                          • 51.104.15.253
                                                                                                                                                                                                                                                                                                                                                          • 40.126.24.84
                                                                                                                                                                                                                                                                                                                                                          • 23.1.33.206
                                                                                                                                                                                                                                                                                                                                                          • 23.51.58.94
                                                                                                                                                                                                                                                                                                                                                          • 152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          3b5074b1b5d032e5620f69f9f700ff0eDeposit payment copy PDF.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          • 104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          Advice Ref A231k6Q1L2GQ.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          • 104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          DHL0000879654982647865424.vbsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          • 104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          https://gamma.app/docs/Untitled-9umekc4egyknsobGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          • 104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          NOA.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          • 104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          undelivered Messages - Copie.htmGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          • 104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          ENQUIRY_debloat.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          • 104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          Approved E-DO PDF.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          • 104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          Order No Q240419617006.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          • 104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          Purchase Order05022024.exeGet hashmaliciousAgentTesla, GuLoaderBrowse
                                                                                                                                                                                                                                                                                                                                                          • 104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          • 104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          fb0aa01abe9d8e4037eb3473ca6e2dcaYLOmSlXOdiGet hashmaliciousGhostRatBrowse
                                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                                          nagateliteqfUK.exeGet hashmaliciousAZORult++Browse
                                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                                          Cheater Pro 1.6.0.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                                          Cheat Lab 2.7.2.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                                          Evernote.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                                          VLJWG-Y3VJN-21LNUV2-AHEB0VE.htaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                                          https://mega.nz/file/1uN3EaxZ#CUbFeX5nzgfkR0qb6Ucg8nGbIFqE9cmqjhfatbJqPpkGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                                          vm.dllGet hashmaliciousCobaltStrikeBrowse
                                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                                          W2_AND_1095_PDF.jarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123
                                                                                                                                                                                                                                                                                                                                                          UpdaterTag.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                                          • 35.244.181.201
                                                                                                                                                                                                                                                                                                                                                          • 34.149.100.209
                                                                                                                                                                                                                                                                                                                                                          • 34.160.144.191
                                                                                                                                                                                                                                                                                                                                                          • 34.120.208.123

                                                                                                                                                                                                                                                                                                                                                          Dropped Files

                                                                                                                                                                                                                                                                                                                                                          No context

                                                                                                                                                                                                                                                                                                                                                          Created / dropped Files

                                                                                                                                                                                                                                                                                                                                                          C:\1.bat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):38
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.0632025132158525
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:3:mKDDjAwgdJFIVWhn:hngTyVWhn
                                                                                                                                                                                                                                                                                                                                                          MD5:B05D37462349D4ED35CF40D80B24C7F3
                                                                                                                                                                                                                                                                                                                                                          SHA1:599F8B2214B4EEAD60FCC376D473DCDCEA796868
                                                                                                                                                                                                                                                                                                                                                          SHA-256:C401A9591ABCB04F76917B4677F44E91251311941047A3DE35F9349088D02B11
                                                                                                                                                                                                                                                                                                                                                          SHA-512:49936A09AAC7A670099B0059BC22432F1BBFCE9420D2C5C7E4261CD71BDDFD4E05E6731768584DC75A949240CDDA652A6CC864EC5A55B901A3230D6107FCB888
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:@echo off....start Pots.sfx.exe -psoup

                                                                                                                                                                                                                                                                                                                                                          C:\Pots.exe

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.sfx.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):1227264
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):7.984515126930789
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:24576:qtmv1hVaLbh1d3O+/Jt/knb/ILxZC8cihUMeHstsYlcCVEskx:qkKbhrF/kbwxZbcYUMCIR7
                                                                                                                                                                                                                                                                                                                                                          MD5:510C435E8560F65226D0DA24A98E235F
                                                                                                                                                                                                                                                                                                                                                          SHA1:BC479C0EF827778BCD338AB29A6D620C994B8E04
                                                                                                                                                                                                                                                                                                                                                          SHA-256:CB015920A4FE0CACD944796DD2CA2CE74AD0276888CF575ADDBFE2510282CCD8
                                                                                                                                                                                                                                                                                                                                                          SHA-512:6795ED12B70B31AD5E959B9CCEFC591B56F6B610F03C10DB9803C040ADB032FE15510F8CDE7050BB6B49B0C4EA6D447F33F93A8EAEA8B0F54591CAADAD5AF639
                                                                                                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                                                                          • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                                                                                                          • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 83%
                                                                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L................."......@............... ...`....@.. ........................;...........`................................. .,...............................,..............................................................................................@... ......................@............ ...`......................@............ ..........................@....rsrc.... ..........................@.............(.........................@...xyilaaaa.@....,..6..................@.............................................;.w.6.....%.........................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Pots.sfx.exe

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):1544374
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):7.890020145671359
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:24576:+TbBv5rUlItufq5soQAdhyUDsHD34f4GOH4dCf4n933ohy4KiO5xHoOPshWa:ABRtuC5so4VHLEjFdt33yXwxHoOPY
                                                                                                                                                                                                                                                                                                                                                          MD5:900F750190EB52AC327BA0739014AD81
                                                                                                                                                                                                                                                                                                                                                          SHA1:09695178A563CEB11B54457E6F92D00B5D69B94E
                                                                                                                                                                                                                                                                                                                                                          SHA-256:73A2AB54777C7D94C91FC84AE7D641BD17D38BC4C2BBBE5A581A042E386CA62A
                                                                                                                                                                                                                                                                                                                                                          SHA-512:51A4B4BA80058AD8E07A2101C4424035EE0930E3CAA3878EA004B5BE7F8640473A147465DB255B389CB2383C87DB51C5E355D128F88F74C051DAA5171DD58D2E
                                                                                                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 25%
                                                                                                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......x_c.<>..<>..<>......1>.......>......$>...I.>>...I../>...I..+>...I...>..5F..7>..5F..;>..<>..)?...I...>...I..=>...I.=>...I..=>..Rich<>..........PE..L..... b............................0........0....@..........................`............@.........................p...4.......P....@..P....................0..<#......T............................U..@............0..x....... ....................text............................... ..`.rdata.......0....... ..............@..@.data... G..........................@....didat.......0......................@....rsrc...P....@......................@..@.reloc..<#...0...$..................@..B................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\ProgramData\44\Browsers\Firefox\Bookmarks.txt

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):210
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.8863455911790052
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:3:RGtjybXLGSWK+ZjMGvRS3ZMz9GSOLj2SjyRE2qIGS3ybXLGSWK+ZjMGvRS3ZMz9k:hvWF7Ipg9OL2RE25kvWF7Ipg9OL2RE2m
                                                                                                                                                                                                                                                                                                                                                          MD5:1267F4BE35FBE5510886CF08DDEE9FDD
                                                                                                                                                                                                                                                                                                                                                          SHA1:04E714A1C8A9D76E860C7CBBE7EBF62C71DEA6B9
                                                                                                                                                                                                                                                                                                                                                          SHA-256:AB038447ADBFD1FAF46F0D3BF6DC387621DC8435AB552696EC8D9BBE7A6A9AB3
                                                                                                                                                                                                                                                                                                                                                          SHA-512:6F1BC0AD9EB850F37CDDC2422E738F0CBBFE8A7A7E064C0C989CAFBF0F7D5AE5BDFCED4B3F93952688DE3BFA338FF5A8C7258AFF8397CDACCB36B23B5D16686B
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:### Get Help ###.### Customize Firefox ###.### Get Involved ###.### About Us ###.### Getting Started ###.### Get Help ###.### Customize Firefox ###.### Get Involved ###.### About Us ###.### Getting Started ###.

                                                                                                                                                                                                                                                                                                                                                          C:\ProgramData\44\Information.txt

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):594
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.9810278254043805
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:6:pYcCFWl4BjJJ4YVISwSTeeCXu1Y1Zu0Gh+3uDFk7VXkLA67X:pYzd1gSTeXC4V2In7VXCA6r
                                                                                                                                                                                                                                                                                                                                                          MD5:E553913F87F62CB7197012421428C7F0
                                                                                                                                                                                                                                                                                                                                                          SHA1:69F87827412DADAB72A26C53D288D3FB7882C7C3
                                                                                                                                                                                                                                                                                                                                                          SHA-256:7E4B229105D19219BC43C6768FD6ACBCDE0E776AFF146CA516D71DB530EE8FCE
                                                                                                                                                                                                                                                                                                                                                          SHA-512:57D9041B36C0B33CDA454D9AF91B2ABBC03A8F3FD39F56DE527AC5C63ABD739AEC3F468A4E4FEB213D2BBD6A6168458AFD1D2F60C3A76F89500BC4456852B221
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview: ==================================================. Operating system: Windows 10 Pro (64 Bit). PC user: 928100/user. ClipBoard: . Launch: C:\Pots.exe. ==================================================. Screen resolution: 1280x1024. Current time: 02/05/2024 21:58:54. HWID: 953ABCA4ED. ==================================================. CPU: Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz. RAM: 4094MB. GPU: 3ROL7KFV. ==================================================. IP Geolocation: Fail Fail. Log Date: 05/02/2024 8:28. BSSID: 00:50:56:a7:21:15. ==================================================

                                                                                                                                                                                                                                                                                                                                                          C:\ProgramData\44\Process.txt

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):3563
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.366866693159781
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:96:MyR4XbXS/Hptf5tDLMJcRqIyXzXlHC3VHtL:Mo3/Jtf5tDLtylk7
                                                                                                                                                                                                                                                                                                                                                          MD5:E87D9C3D22980060F593A215CB846B0F
                                                                                                                                                                                                                                                                                                                                                          SHA1:10156484CAF3C71520CD89DBFB69198110CAC1A0
                                                                                                                                                                                                                                                                                                                                                          SHA-256:4CED1F60AF22F0615C85A3A5E42914D61C0B5C97C0BAB2FC2EFD6A4F8B0C0253
                                                                                                                                                                                                                                                                                                                                                          SHA-512:F705AAB6A8B593D3FD3559252E76451B7F354A4DFBB90174CB1A03220734F64B4C541BE0A92AE3ADB736A4830B9206EA1E2442D96901A207FBEF3F80FD926FF1
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:NAME: WmiPrvSE..NAME: svchost..NAME: winlogon..NAME: svchost..NAME: svchost..NAME: dwm..NAME: svchost..NAME: RuntimeBroker..NAME: svchost..NAME: svchost..NAME: dllhost..NAME: WinStore.App..NAME: cscript..NAME: RuntimeBroker..NAME: smss..NAME: svchost..NAME: svchost..NAME: Pots..NAME: dllhost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: TextInputHost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: dllhost..NAME: svchost..NAME: svchost..NAME: spoolsv..NAME: conhost..NAME: Memory Compression..NAME: conhost..NAME: csrss..NAME: Registry..NAME: lsass..NAME: RuntimeBroker..NAME: svchost..NAME: svchost..NAME: svchost..NAME: StartMenuExperienceHost..NAME: ctfmon..NAME: svchost..NAME: RuntimeBroker..NAME: svchost..NAME: dllhost..NAME: wininit..NAME: svchost..NAME: svchost..NAME: SearchApp..NAME: backgroundTaskHost..NAME: svchost..NAME: svchost..NAME: s

                                                                                                                                                                                                                                                                                                                                                          C:\ProgramData\44\Screen.png

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:PNG image data, 1280 x 1024, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):48419
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):7.6295438135446645
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:768:gNs+R0ELJkJRTtPf+93tqs70vEZoLWg6WkrIYhg+Pdevj8Eha:gNKELJiRT9f+Hqs7KEuLXkkYhU8Eha
                                                                                                                                                                                                                                                                                                                                                          MD5:6F98433CC96B18F2E7C719891033D8F9
                                                                                                                                                                                                                                                                                                                                                          SHA1:CA5DDC32C5E1C41C1932643F7818FA53DDEF3930
                                                                                                                                                                                                                                                                                                                                                          SHA-256:2903F14A0AE776557D642111C3D674471422CB693C728C6461FD6770F794E332
                                                                                                                                                                                                                                                                                                                                                          SHA-512:A5DCD7E31145579E12B177394D56437389AA06724DC18F14E946B057E88FF2E0BA48FA71909B5BD804246EDEF1E6015C5DF9DC6F08ECA929BCE5961CF3BF6842
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:.PNG........IHDR................C....sRGB.........gAMA......a.....pHYs..........o.d....IDATx^..wxd..{.....g..w...^{.^..=.N.;.5A9..4.2)Q.D.*.Q.%J.. Q.D...,1.n....M.s.....h.w.=..<(....-......>..*5.......:r.Hh..........C':x.....8p.....k.}.....{....'..[R......z..$I..X.....@u3.n...n...m..f^[.`.N.k...w...^.?.r<.K.]w...A".k..c..m..u..e..y.fI....x....x?....W.oJ.$IRYu..j....c.{D.f!i.M..[.l.;by.m..ZG....(..X.QF.u.....;.....b....^.k...>.lx.g..~.iI......S._..W....[...._....OI.$I......1.u..U...].u..4.....w....n.+...u.AY..f./....?.G%.A....O=.Tx.G..>.V.X....p.}..{.W.,...x?...x....x?...x....xD`..)I.$iyV..~.(X...C`.'......u..n..f^[.`..W...........L..kN.x......?.x1L........+....-..../...h..}T.$I...w.v..rO.j.l.'....7..8..W...:.U......X...'6......?.G"=.....'..w.%u.x....x.+G..}T.$I........[G.r.l...=a&#`u..4.N...;Vyg+......._u...._7.....6m.UW]u...^.:.\...?.x.$u.x....x.+_..z..$I......~..F..r.,....X..&....Du.....f..`..O6..;o.#.;t9..c_...q$X.~}X.n

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.4593089050301797
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:48:9SP0nUgwyZXYI65yFRX2D3GNTTfyn0Mk1iA:9SDKaIjo3UzyE1L
                                                                                                                                                                                                                                                                                                                                                          MD5:D910AD167F0217587501FDCDB33CC544
                                                                                                                                                                                                                                                                                                                                                          SHA1:2F57441CEFDC781011B53C1C5D29AC54835AFC1D
                                                                                                                                                                                                                                                                                                                                                          SHA-256:E3699D9404A3FFC1AFF0CA8A3972DC0EF38BDAB927741E9F627C7C55CEA42E81
                                                                                                                                                                                                                                                                                                                                                          SHA-512:F1871BF28FF25EE52BDB99C7A80AB715C7CAC164DCD2FD87E681168EE927FD2C5E80E03C91BB638D955A4627213BF575FF4D9EECAEDA7718C128CF2CE8F7CB3D
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:... ftypisom....isomiso2avc1mp41....free....mdat..........E...H..,. .#..x264 - core 152 r2851 ba24899 - H.264/MPEG-4 AVC codec - Copyleft 2003-2017 - http://www.videolan.org/x264.html - options: cabac=1 ref=3 deblock=1:0:0 analyse=0x3:0x113 me=hex subme=7 psy=1 psy_rd=1.00:0.00 mixed_ref=1 me_range=16 chroma_me=1 trellis=1 8x8dct=1 cqm=0 deadzone=21,11 fast_pskip=1 chroma_qp_offset=-2 threads=4 lookahead_threads=1 sliced_threads=0 nr=0 decimate=1 interlaced=0 bluray_compat=0 constrained_intra=0 bframes=3 b_pyramid=2 b_adapt=1 b_bias=0 direct=1 weightb=1 open_gop=0 weightp=2 keyint=250 keyint_min=25 scenecut=40 intra_refresh=0 rc_lookahead=40 rc=crf mbtree=1 crf=23.0 qcomp=0.60 qpmin=0 qpmax=69 qpstep=4 ip_ratio=1.40 aq=1:1.00......e...+...s|.kG3...'.u.."...,J.w.~.d\..(K....!.+..;....h....(.T.*...M......0..~L..8..B..A.y..R..,.zBP.';j.@.].w..........c......C=.'f....gI.$^.......m5V.L...{U..%V[....8......B..i..^,....:...,..5.m.%dA....moov...lmvhd...................(...........

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmp519C.tmp.tmpdb

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):5242880
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.037864444196155034
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:58rJQaXoMXp0VW9FxWBYogWJNbHi3DL92S9HI:58r54w0VW3xWBYo3JFC3t/9
                                                                                                                                                                                                                                                                                                                                                          MD5:B612FC06C34BEEBCC6EA05BDE1DCC9F4
                                                                                                                                                                                                                                                                                                                                                          SHA1:1F08BDF75A2CBC40FD342A24D99A7075648C431D
                                                                                                                                                                                                                                                                                                                                                          SHA-256:79F8BB304FA31A232F0BDA8B07B9CB87C58EBF67085B88077C2C73554E31C2C2
                                                                                                                                                                                                                                                                                                                                                          SHA-512:7AB95F0AB92A5A518D1D5920E4F8E9CEEA55DD9B3FDE9B844D37558F1EDD83ADB58177B07E508DA0A211787BD2B8ABFCDA907E7FBB0C44B957292DC549C86B73
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ...................&...................K..................................j.....-a>.~...|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmp51AD.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):106496
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.1371512776121733
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/x4:MnlyfnGtxnfVuSVumEHVZ4
                                                                                                                                                                                                                                                                                                                                                          MD5:46A8B7CD1CB434A5C8CE3CF3C7825DD9
                                                                                                                                                                                                                                                                                                                                                          SHA1:518804A81A13456A077723A4384FBD2E20EFD1BF
                                                                                                                                                                                                                                                                                                                                                          SHA-256:9E18C03AD835DCA2E633226FDA3D0DE1FA4B46D9AAAA80FCA6D79FF4EC296B76
                                                                                                                                                                                                                                                                                                                                                          SHA-512:86B5DFAAF334756E422847DD33DB7CC4CCE68A7C817F9523F0976F57357B0A1D156C53886F1BA99EEA9375FBF10E08246EE8EFB7CFAD7D092B888EE7F85F5BD7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmp51CD.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):40960
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                                                                                                                                          MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                                                                                                                                          SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                                                                                                                                          SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                                                                                                                                          SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmp51ED.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):106496
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.1371512776121733
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/x4:MnlyfnGtxnfVuSVumEHVZ4
                                                                                                                                                                                                                                                                                                                                                          MD5:46A8B7CD1CB434A5C8CE3CF3C7825DD9
                                                                                                                                                                                                                                                                                                                                                          SHA1:518804A81A13456A077723A4384FBD2E20EFD1BF
                                                                                                                                                                                                                                                                                                                                                          SHA-256:9E18C03AD835DCA2E633226FDA3D0DE1FA4B46D9AAAA80FCA6D79FF4EC296B76
                                                                                                                                                                                                                                                                                                                                                          SHA-512:86B5DFAAF334756E422847DD33DB7CC4CCE68A7C817F9523F0976F57357B0A1D156C53886F1BA99EEA9375FBF10E08246EE8EFB7CFAD7D092B888EE7F85F5BD7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmp521D.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):196608
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.1216922126537057
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:72qAdB9TbTbuDDsnxCkvSAE+WslKOMq+8MaQpY54tZ7YTrMD:72qOB1nxCkvSAELyKOMq+8mKQ0M
                                                                                                                                                                                                                                                                                                                                                          MD5:7F784E8E9051D8E70834C231AE5CC670
                                                                                                                                                                                                                                                                                                                                                          SHA1:FA92DDE2E8DD8599EA458CC8488123CB60AD0DC1
                                                                                                                                                                                                                                                                                                                                                          SHA-256:1CEE1D9084D2C05B68B40073E4E6FE380128B61988409D60A9F5CBFD7AE964F6
                                                                                                                                                                                                                                                                                                                                                          SHA-512:A054A1E0F3289F4CCD25F01A81C0B3471A2CA8243E76ADD24D105A4141FBC534D20CE913A796474FB17754AB3B87C56679B8962FB860060B23F467601043EEA7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmp523D.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):196608
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.1216922126537057
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:72qAdB9TbTbuDDsnxCkvSAE+WslKOMq+8MaQpY54tZ7YTrMD:72qOB1nxCkvSAELyKOMq+8mKQ0M
                                                                                                                                                                                                                                                                                                                                                          MD5:7F784E8E9051D8E70834C231AE5CC670
                                                                                                                                                                                                                                                                                                                                                          SHA1:FA92DDE2E8DD8599EA458CC8488123CB60AD0DC1
                                                                                                                                                                                                                                                                                                                                                          SHA-256:1CEE1D9084D2C05B68B40073E4E6FE380128B61988409D60A9F5CBFD7AE964F6
                                                                                                                                                                                                                                                                                                                                                          SHA-512:A054A1E0F3289F4CCD25F01A81C0B3471A2CA8243E76ADD24D105A4141FBC534D20CE913A796474FB17754AB3B87C56679B8962FB860060B23F467601043EEA7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmp523E.tmp.tmpdb

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):98304
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                                                                                                                                          MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                                                                                                                                          SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                                                                                                                                          SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                                                                                                                                          SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmp524F.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):51200
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                                                                                                                                          MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                                                                                                                                          SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                                                                                                                                          SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                                                                                                                                          SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmp7C03.tmp.tmpdb

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):5242880
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.037864444196155034
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:58rJQaXoMXp0VW9FxWBYogWJNbHi3DL92S9HI:58r54w0VW3xWBYo3JFC3t/9
                                                                                                                                                                                                                                                                                                                                                          MD5:B612FC06C34BEEBCC6EA05BDE1DCC9F4
                                                                                                                                                                                                                                                                                                                                                          SHA1:1F08BDF75A2CBC40FD342A24D99A7075648C431D
                                                                                                                                                                                                                                                                                                                                                          SHA-256:79F8BB304FA31A232F0BDA8B07B9CB87C58EBF67085B88077C2C73554E31C2C2
                                                                                                                                                                                                                                                                                                                                                          SHA-512:7AB95F0AB92A5A518D1D5920E4F8E9CEEA55DD9B3FDE9B844D37558F1EDD83ADB58177B07E508DA0A211787BD2B8ABFCDA907E7FBB0C44B957292DC549C86B73
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ...................&...................K..................................j.....-a>.~...|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmp7C04.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):106496
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.1371512776121733
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/x4:MnlyfnGtxnfVuSVumEHVZ4
                                                                                                                                                                                                                                                                                                                                                          MD5:46A8B7CD1CB434A5C8CE3CF3C7825DD9
                                                                                                                                                                                                                                                                                                                                                          SHA1:518804A81A13456A077723A4384FBD2E20EFD1BF
                                                                                                                                                                                                                                                                                                                                                          SHA-256:9E18C03AD835DCA2E633226FDA3D0DE1FA4B46D9AAAA80FCA6D79FF4EC296B76
                                                                                                                                                                                                                                                                                                                                                          SHA-512:86B5DFAAF334756E422847DD33DB7CC4CCE68A7C817F9523F0976F57357B0A1D156C53886F1BA99EEA9375FBF10E08246EE8EFB7CFAD7D092B888EE7F85F5BD7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmp7C24.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):40960
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                                                                                                                                          MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                                                                                                                                          SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                                                                                                                                          SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                                                                                                                                          SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmp7C34.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):106496
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.1371512776121733
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/x4:MnlyfnGtxnfVuSVumEHVZ4
                                                                                                                                                                                                                                                                                                                                                          MD5:46A8B7CD1CB434A5C8CE3CF3C7825DD9
                                                                                                                                                                                                                                                                                                                                                          SHA1:518804A81A13456A077723A4384FBD2E20EFD1BF
                                                                                                                                                                                                                                                                                                                                                          SHA-256:9E18C03AD835DCA2E633226FDA3D0DE1FA4B46D9AAAA80FCA6D79FF4EC296B76
                                                                                                                                                                                                                                                                                                                                                          SHA-512:86B5DFAAF334756E422847DD33DB7CC4CCE68A7C817F9523F0976F57357B0A1D156C53886F1BA99EEA9375FBF10E08246EE8EFB7CFAD7D092B888EE7F85F5BD7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmp7C45.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):196608
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.1216922126537057
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:72qAdB9TbTbuDDsnxCkvSAE+WslKOMq+8MaQpY54tZ7YTrMD:72qOB1nxCkvSAELyKOMq+8mKQ0M
                                                                                                                                                                                                                                                                                                                                                          MD5:7F784E8E9051D8E70834C231AE5CC670
                                                                                                                                                                                                                                                                                                                                                          SHA1:FA92DDE2E8DD8599EA458CC8488123CB60AD0DC1
                                                                                                                                                                                                                                                                                                                                                          SHA-256:1CEE1D9084D2C05B68B40073E4E6FE380128B61988409D60A9F5CBFD7AE964F6
                                                                                                                                                                                                                                                                                                                                                          SHA-512:A054A1E0F3289F4CCD25F01A81C0B3471A2CA8243E76ADD24D105A4141FBC534D20CE913A796474FB17754AB3B87C56679B8962FB860060B23F467601043EEA7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmp7C75.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):196608
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.1216922126537057
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:72qAdB9TbTbuDDsnxCkvSAE+WslKOMq+8MaQpY54tZ7YTrMD:72qOB1nxCkvSAELyKOMq+8mKQ0M
                                                                                                                                                                                                                                                                                                                                                          MD5:7F784E8E9051D8E70834C231AE5CC670
                                                                                                                                                                                                                                                                                                                                                          SHA1:FA92DDE2E8DD8599EA458CC8488123CB60AD0DC1
                                                                                                                                                                                                                                                                                                                                                          SHA-256:1CEE1D9084D2C05B68B40073E4E6FE380128B61988409D60A9F5CBFD7AE964F6
                                                                                                                                                                                                                                                                                                                                                          SHA-512:A054A1E0F3289F4CCD25F01A81C0B3471A2CA8243E76ADD24D105A4141FBC534D20CE913A796474FB17754AB3B87C56679B8962FB860060B23F467601043EEA7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmp7C86.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):51200
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                                                                                                                                          MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                                                                                                                                          SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                                                                                                                                          SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                                                                                                                                          SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmp7C96.tmp.tmpdb

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):98304
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                                                                                                                                          MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                                                                                                                                          SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                                                                                                                                          SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                                                                                                                                          SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmpAAF2.tmp.tmpdb

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):5242880
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.037864444196155034
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:58rJQaXoMXp0VW9FxWBYogWJNbHi3DL92S9HI:58r54w0VW3xWBYo3JFC3t/9
                                                                                                                                                                                                                                                                                                                                                          MD5:B612FC06C34BEEBCC6EA05BDE1DCC9F4
                                                                                                                                                                                                                                                                                                                                                          SHA1:1F08BDF75A2CBC40FD342A24D99A7075648C431D
                                                                                                                                                                                                                                                                                                                                                          SHA-256:79F8BB304FA31A232F0BDA8B07B9CB87C58EBF67085B88077C2C73554E31C2C2
                                                                                                                                                                                                                                                                                                                                                          SHA-512:7AB95F0AB92A5A518D1D5920E4F8E9CEEA55DD9B3FDE9B844D37558F1EDD83ADB58177B07E508DA0A211787BD2B8ABFCDA907E7FBB0C44B957292DC549C86B73
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ...................&...................K..................................j.....-a>.~...|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmpAAF3.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):106496
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.1371512776121733
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/x4:MnlyfnGtxnfVuSVumEHVZ4
                                                                                                                                                                                                                                                                                                                                                          MD5:46A8B7CD1CB434A5C8CE3CF3C7825DD9
                                                                                                                                                                                                                                                                                                                                                          SHA1:518804A81A13456A077723A4384FBD2E20EFD1BF
                                                                                                                                                                                                                                                                                                                                                          SHA-256:9E18C03AD835DCA2E633226FDA3D0DE1FA4B46D9AAAA80FCA6D79FF4EC296B76
                                                                                                                                                                                                                                                                                                                                                          SHA-512:86B5DFAAF334756E422847DD33DB7CC4CCE68A7C817F9523F0976F57357B0A1D156C53886F1BA99EEA9375FBF10E08246EE8EFB7CFAD7D092B888EE7F85F5BD7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmpAB90.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):40960
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                                                                                                                                          MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                                                                                                                                          SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                                                                                                                                          SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                                                                                                                                          SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmpABD0.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):106496
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.1371512776121733
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/x4:MnlyfnGtxnfVuSVumEHVZ4
                                                                                                                                                                                                                                                                                                                                                          MD5:46A8B7CD1CB434A5C8CE3CF3C7825DD9
                                                                                                                                                                                                                                                                                                                                                          SHA1:518804A81A13456A077723A4384FBD2E20EFD1BF
                                                                                                                                                                                                                                                                                                                                                          SHA-256:9E18C03AD835DCA2E633226FDA3D0DE1FA4B46D9AAAA80FCA6D79FF4EC296B76
                                                                                                                                                                                                                                                                                                                                                          SHA-512:86B5DFAAF334756E422847DD33DB7CC4CCE68A7C817F9523F0976F57357B0A1D156C53886F1BA99EEA9375FBF10E08246EE8EFB7CFAD7D092B888EE7F85F5BD7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmpAC6D.tmp.tmpdb

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):98304
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                                                                                                                                          MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                                                                                                                                          SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                                                                                                                                          SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                                                                                                                                          SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmpAC9D.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):196608
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.1216922126537057
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:72qAdB9TbTbuDDsnxCkvSAE+WslKOMq+8MaQpY54tZ7YTrMD:72qOB1nxCkvSAELyKOMq+8mKQ0M
                                                                                                                                                                                                                                                                                                                                                          MD5:7F784E8E9051D8E70834C231AE5CC670
                                                                                                                                                                                                                                                                                                                                                          SHA1:FA92DDE2E8DD8599EA458CC8488123CB60AD0DC1
                                                                                                                                                                                                                                                                                                                                                          SHA-256:1CEE1D9084D2C05B68B40073E4E6FE380128B61988409D60A9F5CBFD7AE964F6
                                                                                                                                                                                                                                                                                                                                                          SHA-512:A054A1E0F3289F4CCD25F01A81C0B3471A2CA8243E76ADD24D105A4141FBC534D20CE913A796474FB17754AB3B87C56679B8962FB860060B23F467601043EEA7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmpACCD.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):196608
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):1.1216922126537057
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:72qAdB9TbTbuDDsnxCkvSAE+WslKOMq+8MaQpY54tZ7YTrMD:72qOB1nxCkvSAELyKOMq+8mKQ0M
                                                                                                                                                                                                                                                                                                                                                          MD5:7F784E8E9051D8E70834C231AE5CC670
                                                                                                                                                                                                                                                                                                                                                          SHA1:FA92DDE2E8DD8599EA458CC8488123CB60AD0DC1
                                                                                                                                                                                                                                                                                                                                                          SHA-256:1CEE1D9084D2C05B68B40073E4E6FE380128B61988409D60A9F5CBFD7AE964F6
                                                                                                                                                                                                                                                                                                                                                          SHA-512:A054A1E0F3289F4CCD25F01A81C0B3471A2CA8243E76ADD24D105A4141FBC534D20CE913A796474FB17754AB3B87C56679B8962FB860060B23F467601043EEA7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\tmpACED.tmp.dat

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):51200
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                                                                                                                                          MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                                                                                                                                          SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                                                                                                                                          SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                                                                                                                                          SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\44\Browsers\Firefox\Bookmarks.txt

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):105
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.8863455911790052
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:3:RGtjybXLGSWK+ZjMGvRS3ZMz9GSOLj2SjyRE2qJ:hvWF7Ipg9OL2RE2m
                                                                                                                                                                                                                                                                                                                                                          MD5:2E9D094DDA5CDC3CE6519F75943A4FF4
                                                                                                                                                                                                                                                                                                                                                          SHA1:5D989B4AC8B699781681FE75ED9EF98191A5096C
                                                                                                                                                                                                                                                                                                                                                          SHA-256:C84C98BBF5E0EF9C8D0708B5D60C5BB656B7D6BE5135D7F7A8D25557E08CF142
                                                                                                                                                                                                                                                                                                                                                          SHA-512:D1F7EED00959E902BDB2125B91721460D3FF99F3BDFC1F2A343D4F58E8D4E5E5A06C0C6CDC0379211C94510F7C00D7A8B34FA7D0CA0C3D54CBBE878F1E9812B7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:### Get Help ###.### Customize Firefox ###.### Get Involved ###.### About Us ###.### Getting Started ###.

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\44\Information.txt

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):594
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.98278772701653
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:6:pYcCFWl4BjJJ4YVISwSTeeCXIgY1Zu0Gh+3uDFk7VXkLA67X:pYzd1gSTeX94V2In7VXCA6r
                                                                                                                                                                                                                                                                                                                                                          MD5:E924056C980A7C994377EFE826A25BFF
                                                                                                                                                                                                                                                                                                                                                          SHA1:D8EFA73F9D9FF5A489383BEBC9E602D41DEA8448
                                                                                                                                                                                                                                                                                                                                                          SHA-256:82127CB726E3A3EF049A04EEC4D5638D37BCA67E289C4530C172BF080DB51653
                                                                                                                                                                                                                                                                                                                                                          SHA-512:5D503683EC679D6F1914D4214493B42F1119FFE62B60F11AE95543BDDBC5829C63E6DCD1543DB76695A6CDCC107CEFA8B0B2C938FF5C2FD146EFC38DC6EB4BC7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview: ==================================================. Operating system: Windows 10 Pro (64 Bit). PC user: 928100/user. ClipBoard: . Launch: C:\Pots.exe. ==================================================. Screen resolution: 1280x1024. Current time: 02/05/2024 21:38:44. HWID: 953ABCA4ED. ==================================================. CPU: Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz. RAM: 4094MB. GPU: 3ROL7KFV. ==================================================. IP Geolocation: Fail Fail. Log Date: 05/02/2024 8:28. BSSID: 00:50:56:a7:21:15. ==================================================

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\44\Process.txt

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):1665
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.311962066253752
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:24:QqHqqWqqqXspIYQU+qqqXsqqqqqjqmqqqqqqqqqqqqqQz4n0b0HI8IpGQUqqppqZ:lQyqrMG0HZgL
                                                                                                                                                                                                                                                                                                                                                          MD5:4AE8C89E61E2130890D0A6C0A9AFABB2
                                                                                                                                                                                                                                                                                                                                                          SHA1:BB871499CA5FCF6FCA9A50BEE608229D3A3618C7
                                                                                                                                                                                                                                                                                                                                                          SHA-256:62B3B5185AF322AD76BA7362D5C2FB555DF2227BD6FC6CD80320A213B319EE5E
                                                                                                                                                                                                                                                                                                                                                          SHA-512:B57B15A71E5F75FF65B073C3C99CDE2EDC7DE26E08EDE28BC92153FED6DB156D67C81BE57DB599BA108B69A48DBC30F878237B1DE2A12F90B17076D442CFD89D
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:NAME: WmiPrvSE..NAME: svchost..NAME: winlogon..NAME: svchost..NAME: svchost..NAME: dwm..NAME: svchost..NAME: svchost..NAME: svchost..NAME: dllhost..NAME: WinStore.App..NAME: cscript..NAME: RuntimeBroker..NAME: smss..NAME: MoUsoCoreWorker..NAME: svchost..NAME: svchost..NAME: dllhost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: TextInputHost..NAME: svchost..NAME: SgrmBroker..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: svchost..NAME: spoolsv..NAME: Pots..NAME: conhost..NAME: Memory Compression..NAME: conhost..NAME: csrss..NAME: Registry..NAME: lsass..NAME: RuntimeBroker..NAME: svchost..NAME: svchost..NAME: StartMenuExperienceHost..NAME: ctfmon..NAME: svchost..NAME: RuntimeBroker..NAME: svchost..NAME: dllhost..NAME: wininit..NAME: svchost..NAME: svchost..NAME: SearchApp..NAME: svchost..NAME: svchost..NAME: svchost

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\44\Screen.png

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:PNG image data, 1280 x 1024, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):68314
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):7.637745412120897
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:1536:uT3bj4XnxhkPvTXjJkA3FyN1LF4du+ffffffffBVJFfgBRYffffffffGfffffffq:uT3bjxbjJde5GdZffffffffBVJFfgBRS
                                                                                                                                                                                                                                                                                                                                                          MD5:4195707DCC2DA9D819A5611FB4714162
                                                                                                                                                                                                                                                                                                                                                          SHA1:A24AAA2094EAD160F77CD9966A6B8F1574F2DF20
                                                                                                                                                                                                                                                                                                                                                          SHA-256:47D1156FC0008B9F125D24A54A0AFA341ACB7BB113331FAD36902BEB2B7CE66F
                                                                                                                                                                                                                                                                                                                                                          SHA-512:DCE78847DED25B2A3D8412EE3C8BED4E18DB372AB8A730542530707753B8913A8C0DB3B59A2135BCC0A0D7E0F838E8E3432BB65B3108CFA6024FD3A66E2EF27F
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:.PNG........IHDR................C....sRGB.........gAMA......a.....pHYs..........o.d....IDATx^.............*...wlH..^D@El`/.ko....\..kA.".Xh..DE..b/..DDE.......Lv2.d.l6..y..y.d....=.sf..9%.......k-k...................v.6..........M.......k.k...................v.6..........M.......k.k..Q.?..]z.....Z..........6.n.m......G...G..!....Q.m...KW.:(^&.[.t../_^../...! .....X[Y....6..SO.#C..}.?...;_'.p.z....R.q.......<X#..;..k7.P\LHg.......!`........... ..*......O..O.......{._P0..2a.......u.]w....X..gg..^c...1.uw......q.....C5..C5...5..#4....&>v..wL.r.g.q.<.x...N....O....;V....}.I..@.hB@.........e..l..:..35t.p=...../(]..........j....{u...Z..7..{.V.xHK.P.g....:CK.>SK.9KKg.._.=G..w.~{.|..A_..........h.....k..+.Wi..h.W.i...k..7h....`.-........B@........6s..v.......#.....W...>.l......@.>..&Lz^.....:.:.80....i.....C...w.....>.....E.>......o..w/...^.??6!`?-..b-.s...~~......j....D.._..w...u.qR]..A........2.f.F.....'..-.k..d..........W.......Ai.P.0.X

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu May 2 17:28:51 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):2673
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.9864393143435435
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:48:88dST+sjG9HAidAKZdA1FehwiZUklqehny+3:8pjjNUy
                                                                                                                                                                                                                                                                                                                                                          MD5:6E642F3002894CFBB2BF1F3A9C215CF8
                                                                                                                                                                                                                                                                                                                                                          SHA1:94AC7153BC0F3A8722BE0D3038659791D411BEB8
                                                                                                                                                                                                                                                                                                                                                          SHA-256:523499E463C66856E8E3E5B6127D86595C5E9C224FEA4CBE39C65CD32959777A
                                                                                                                                                                                                                                                                                                                                                          SHA-512:AD057C261E0DCDC2FDBD26F682725275718F326F375BA0E592F21EB3BE37EFDC334146D4F6BB782DC39C0CB3EDCB36CDD694A2D4F6D59FFF9CD316244E50AA09
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,...........N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xg.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........G..%.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu May 2 17:28:51 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):2675
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.004769908991682
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:48:8WdST+sjG9HAidAKZdA1seh/iZUkAQkqehEy+2:8zjjj9QZy
                                                                                                                                                                                                                                                                                                                                                          MD5:D373475C70219C3433F78792716D0FE1
                                                                                                                                                                                                                                                                                                                                                          SHA1:42770AEA9EE9D4713A3F55C4952AAC7C19E64928
                                                                                                                                                                                                                                                                                                                                                          SHA-256:F82E4CF10ABF4343F71186AD79EC0C5A26F2230B7E3D8C00D26079DFB1F5F7EF
                                                                                                                                                                                                                                                                                                                                                          SHA-512:DDDE080A9BB50A4C8B1D4FB163043A9A4F2B8AC507169E24DDDDFCD8B05F2E3FE2ADF9C1DBB60D98A7DCA64206755221CACC3685438459AFC126B034A7273AF8
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,.....z......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xg.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........G..%.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):2689
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.009308865375997
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:48:88dST+sjAHAidAKZdA14meh7sFiZUkmgqeh7smy+BX:8pjjtn4y
                                                                                                                                                                                                                                                                                                                                                          MD5:532E62DFAF7D2F986E381291606D4ED6
                                                                                                                                                                                                                                                                                                                                                          SHA1:E62DE7A0879FE4E6188DAFF49D1DAA1F90ED8D22
                                                                                                                                                                                                                                                                                                                                                          SHA-256:EFBE58DC6A87ED912712FA8929010B89AE96F55733234AAFBAE4802BAAD54F87
                                                                                                                                                                                                                                                                                                                                                          SHA-512:ACA2344301BB12C24535D8EF720D0A2A58E5143B72DC7AB689CEAF2789D9A2E4CF0234947A9604EC81F715CBBFEB8EE05489B6C7192F306447929F1474F825C7
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xg.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........G..%.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu May 2 17:28:51 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):2677
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.000816024007464
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:48:8ydST+sjG9HAidAKZdA1TehDiZUkwqehgy+R:8PjjQuy
                                                                                                                                                                                                                                                                                                                                                          MD5:CB20940706D7C23BBD84BEA5EA711E24
                                                                                                                                                                                                                                                                                                                                                          SHA1:5B1F8A9A25A55E973BD09DFCAC1A8676F978DCB1
                                                                                                                                                                                                                                                                                                                                                          SHA-256:F1C1E31AFB79C4F3F78A02ADA5BD9058393242E83914039734CE1B9872F193C7
                                                                                                                                                                                                                                                                                                                                                          SHA-512:2B166FC698D2D49D5222DC1C65BF7F41FEB5F54BB6829060D558EF9F58F0AB5BFA41CE85E60054F8FBF5AF4791CA69BE3CB14C5B4991A7DDD6ACB421E12CF6EB
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,....#A......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xg.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........G..%.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu May 2 17:28:51 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):2677
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):3.9896219471483816
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:48:8FdST+sjG9HAidAKZdA1dehBiZUk1W1qeh6y+C:8ajjw9ay
                                                                                                                                                                                                                                                                                                                                                          MD5:CE0151B277180F150C8D5478AC0DDC01
                                                                                                                                                                                                                                                                                                                                                          SHA1:B6C079E18B389DF90B0A328A747D72951D011E08
                                                                                                                                                                                                                                                                                                                                                          SHA-256:2411B6FB91983C894B25A9B81AD3430A7A723B8604CFFF4DDD7F3CCDC0AAC8A9
                                                                                                                                                                                                                                                                                                                                                          SHA-512:F5F12CDE0BF48E4E2836BC5290C1958F174731F6A1C199AF7BB648BE439D269A7E79EC95696690B037688F9136380925ADBF4EDCB1DE6F1B3E84F455E54425FF
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,....O......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xg.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........G..%.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu May 2 17:28:51 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):2679
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.000805102207576
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:48:8+dST+sjG9HAidAKZdA1duTeehOuTbbiZUk5OjqehOuTb4y+yT+:8LjjiTfTbxWOvTb4y7T
                                                                                                                                                                                                                                                                                                                                                          MD5:1D0B7F438EC783CFF7A8934CDEA2980F
                                                                                                                                                                                                                                                                                                                                                          SHA1:D5CB6421FA47F445AB4880DD081BA4732F8C7FD0
                                                                                                                                                                                                                                                                                                                                                          SHA-256:5CC581ACB3986B532D67DCF2688204B9679DC0E52C23E84F074599F5AB1DF868
                                                                                                                                                                                                                                                                                                                                                          SHA-512:42AC8CCC3D36F240933E6B329D11800F938D8CD3D6AFB4D323AE1409FE64188FE9A02B9CF23B35B37582F14037FEDD9E46D2BE43BE1EB83C53A72EF96B7F0EA3
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,............N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.Xg.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........G..%.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\ExperimentStoreData.json (copy)

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):3621
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.929750880866001
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:48:YnSwkmrOIfPUFuOdwNIOdoWLEWLtkDB/u4x5FBvipA6kbSathfkLuhakNFx679dQ:8S+OIfPUFuOdwNIOd8jvYR0uLCx6718P
                                                                                                                                                                                                                                                                                                                                                          MD5:F8AC4934CDEE4470965BCCD32541CD8D
                                                                                                                                                                                                                                                                                                                                                          SHA1:12AB3AF4C3D9052540D1F2AD27FF055A4E93B384
                                                                                                                                                                                                                                                                                                                                                          SHA-256:3A178B099ED0F0E72CA38ADF4ABD9CB345AEF6BE5255F7FBCA9BEB4EEAA6C4B2
                                                                                                                                                                                                                                                                                                                                                          SHA-512:00030FF70152E586C38EA81A81858FDBDB9289D26731FC5176039707F386C9C9E919982748D1DF0A2647F3F81BA323BACBA29E3751841ACF1324E4474E2D618D
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:{"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"csvImport":true},"enabled":true,"featureId":"cm-csv-import"}]},"active":true,"enrollmentId":"9c4f630b-d3dc-4236-9fe2-a1415309e4e4","experimentType":"rollout","source":"rs-loader","userFacingName":"CSV Import (Release Rollout)","userFacingDescription":"This rollout enables users to import logins from a CSV file from the about:logins page.","lastSeen":"2023-10-06T09:08:30.452Z","featureIds":["cm-csv-import"],"prefs":[{"name":"signon.management.page.fileImport.enabled","branch":"default","featureId":"cm-csv-import","variable":"csvImport","originalValue":false}],"isRollout":true},"serp-ad-telemetry-rollout":{"slug":"serp-ad-telemetry-rollout","branch":{"slug":"control","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pr

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\ExperimentStoreData.json.tmp

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):3621
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.929750880866001
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:48:YnSwkmrOIfPUFuOdwNIOdoWLEWLtkDB/u4x5FBvipA6kbSathfkLuhakNFx679dQ:8S+OIfPUFuOdwNIOd8jvYR0uLCx6718P
                                                                                                                                                                                                                                                                                                                                                          MD5:F8AC4934CDEE4470965BCCD32541CD8D
                                                                                                                                                                                                                                                                                                                                                          SHA1:12AB3AF4C3D9052540D1F2AD27FF055A4E93B384
                                                                                                                                                                                                                                                                                                                                                          SHA-256:3A178B099ED0F0E72CA38ADF4ABD9CB345AEF6BE5255F7FBCA9BEB4EEAA6C4B2
                                                                                                                                                                                                                                                                                                                                                          SHA-512:00030FF70152E586C38EA81A81858FDBDB9289D26731FC5176039707F386C9C9E919982748D1DF0A2647F3F81BA323BACBA29E3751841ACF1324E4474E2D618D
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:{"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"csvImport":true},"enabled":true,"featureId":"cm-csv-import"}]},"active":true,"enrollmentId":"9c4f630b-d3dc-4236-9fe2-a1415309e4e4","experimentType":"rollout","source":"rs-loader","userFacingName":"CSV Import (Release Rollout)","userFacingDescription":"This rollout enables users to import logins from a CSV file from the about:logins page.","lastSeen":"2023-10-06T09:08:30.452Z","featureIds":["cm-csv-import"],"prefs":[{"name":"signon.management.page.fileImport.enabled","branch":"default","featureId":"cm-csv-import","variable":"csvImport","originalValue":false}],"isRollout":true},"serp-ad-telemetry-rollout":{"slug":"serp-ad-telemetry-rollout","branch":{"slug":"control","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pr

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\addonStartup.json.lz4 (copy)

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:Mozilla lz4 compressed data, originally 23432 bytes
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):5312
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.615424734763731
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:96:V2YbKsKNU2xWrp327tGmD4wBON6h6cHaJVJuZMd0JGkkrw2D:VTx2x2t0FDJ4NpwZMd0EJws
                                                                                                                                                                                                                                                                                                                                                          MD5:1B9C8056D3619CE5A8C59B0C09873F17
                                                                                                                                                                                                                                                                                                                                                          SHA1:1015C630E1937AA63F6AB31743782ECB5D78CCD8
                                                                                                                                                                                                                                                                                                                                                          SHA-256:A6AE5DE0733FED050AB570AD9374FF4593D554F695B5AE4E2495871D171D34A3
                                                                                                                                                                                                                                                                                                                                                          SHA-512:B1DC9CC675D5476C270A2D5B214D3DF2B3856576ED7EFE92D9A606C2D9D34E781018902AE75CE9C1E25007BB7F8D8F7B52997E6F05B845EF44BAF22F614FE899
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:mozLz40..[....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\addonStartup.json.lz4.tmp

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:Mozilla lz4 compressed data, originally 23432 bytes
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):5312
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.615424734763731
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:96:V2YbKsKNU2xWrp327tGmD4wBON6h6cHaJVJuZMd0JGkkrw2D:VTx2x2t0FDJ4NpwZMd0EJws
                                                                                                                                                                                                                                                                                                                                                          MD5:1B9C8056D3619CE5A8C59B0C09873F17
                                                                                                                                                                                                                                                                                                                                                          SHA1:1015C630E1937AA63F6AB31743782ECB5D78CCD8
                                                                                                                                                                                                                                                                                                                                                          SHA-256:A6AE5DE0733FED050AB570AD9374FF4593D554F695B5AE4E2495871D171D34A3
                                                                                                                                                                                                                                                                                                                                                          SHA-512:B1DC9CC675D5476C270A2D5B214D3DF2B3856576ED7EFE92D9A606C2D9D34E781018902AE75CE9C1E25007BB7F8D8F7B52997E6F05B845EF44BAF22F614FE899
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:mozLz40..[....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\prefs-1.js

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):12144
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.480968864882453
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:mnGRvo1YYbBp6SDLZwxhaXs6+qNNI5RuFNBw8d3Sl:FeHFwxkTuEw80
                                                                                                                                                                                                                                                                                                                                                          MD5:56B62AF4373FE3F7DB292724E38BB2A9
                                                                                                                                                                                                                                                                                                                                                          SHA1:CBFCC819CE26462FBA35E7F26B59BC2E8F2675C0
                                                                                                                                                                                                                                                                                                                                                          SHA-256:0D567B4741205B404509A1300ABA176C158541734CA22EC9EDF9A86BAAC7938F
                                                                                                                                                                                                                                                                                                                                                          SHA-512:3872D5F58FB7B3989167DAD83260D62E7F0982AD9250D3B2DD574079FE0106D9F38CEFA68C3BD3BF67FAAC2EFAC8B7F60BBF3A7575E1C9B1E429CD4886BDDFB0
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "0dbf219f-4e18-464a-957c-ae336603cdcc");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1714679189);..user_pref("app.update.lastUpdateTime.background-update-timer", 1714679189);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1714679189);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 169658

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\prefs.js (copy)

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):12144
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.480968864882453
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:mnGRvo1YYbBp6SDLZwxhaXs6+qNNI5RuFNBw8d3Sl:FeHFwxkTuEw80
                                                                                                                                                                                                                                                                                                                                                          MD5:56B62AF4373FE3F7DB292724E38BB2A9
                                                                                                                                                                                                                                                                                                                                                          SHA1:CBFCC819CE26462FBA35E7F26B59BC2E8F2675C0
                                                                                                                                                                                                                                                                                                                                                          SHA-256:0D567B4741205B404509A1300ABA176C158541734CA22EC9EDF9A86BAAC7938F
                                                                                                                                                                                                                                                                                                                                                          SHA-512:3872D5F58FB7B3989167DAD83260D62E7F0982AD9250D3B2DD574079FE0106D9F38CEFA68C3BD3BF67FAAC2EFAC8B7F60BBF3A7575E1C9B1E429CD4886BDDFB0
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "0dbf219f-4e18-464a-957c-ae336603cdcc");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1714679189);..user_pref("app.update.lastUpdateTime.background-update-timer", 1714679189);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1714679189);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 169658

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionCheckpoints.json (copy)

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):90
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                                                          MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                                                          SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                                                          SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                                                          SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionCheckpoints.json.tmp

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):90
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                                                          MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                                                          SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                                                          SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                                                          SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionstore-backups\recovery.jsonlz4 (copy)

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:Mozilla lz4 compressed data, originally 5824 bytes
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):1500
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.2491975356631295
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:24:veSUGlimK3zU+INGLXV+EY62PHYB+mkDT5sEIFGULt67FHuxH0RahRq/vejkDzp7:WpGKsGglqB+mqZ+mI8R2QDzDW8
                                                                                                                                                                                                                                                                                                                                                          MD5:05F93AECD78A1328C46EEC219F815A36
                                                                                                                                                                                                                                                                                                                                                          SHA1:8FDE8DD0736AF95C474710E06922EF566ADF93FE
                                                                                                                                                                                                                                                                                                                                                          SHA-256:D23EEBECE8C99DBF565483560086EAD3675A86A9CB0B4C3AA1B3123BE52946F0
                                                                                                                                                                                                                                                                                                                                                          SHA-512:042282BC189D43793D56C925017DA3976919C0148FAB2C91E89D3310FE7AC16572E6E130DEBF00A9A6DDE67257D188C65E30BE680A437EA851E39C49A0E13B02
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie...}url":"about:home","title":"New Tab","cacheKey":0,"ID":7,"docshellUUID":"{0317831b-2f31-45e9-bdef-44f29a43887f}","resultPrincipalURI":null,"p....ToInherit_base64":"{\"0\":...\"moz-null4...:{808e5590-46e0-422a-8bbf-7e2666e92cf1}\"}}","hasUserInteractA...false,"triggeringP\.....3...E..6docIdentifier":8,"persist":true}],"lastAccessed":1714679197512,"hiddey..searchMode...userContextId|..attribut....{},"index":1,"requestedI..p0,"imag....chrome://branding/cU..nt/icon32.png"..aselect...,"_closedT5.@],"_...C....GroupCount":-1,"busy...r...Flags":2167541758....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximized"...BeforeMin...&..workspace...."544a81f3-86cf-4601-b565-c8cb2ca3983a","zB..1...WH..j........E..:..{.1":{..jUpdate...5,"startTim..P58005...centCrash...0},"global..Dcook.. hoa..."addons.mozilla.org","valu.. 7cu..*9745a185df1b235fd3ecf9e918cb7cd2b41b705581b7355f517422d41a. pa..p"/","na..`"taarI..bsecure...,"http

                                                                                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionstore-backups\recovery.jsonlz4.tmp

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:Mozilla lz4 compressed data, originally 5824 bytes
                                                                                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):1500
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):6.2491975356631295
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:24:veSUGlimK3zU+INGLXV+EY62PHYB+mkDT5sEIFGULt67FHuxH0RahRq/vejkDzp7:WpGKsGglqB+mqZ+mI8R2QDzDW8
                                                                                                                                                                                                                                                                                                                                                          MD5:05F93AECD78A1328C46EEC219F815A36
                                                                                                                                                                                                                                                                                                                                                          SHA1:8FDE8DD0736AF95C474710E06922EF566ADF93FE
                                                                                                                                                                                                                                                                                                                                                          SHA-256:D23EEBECE8C99DBF565483560086EAD3675A86A9CB0B4C3AA1B3123BE52946F0
                                                                                                                                                                                                                                                                                                                                                          SHA-512:042282BC189D43793D56C925017DA3976919C0148FAB2C91E89D3310FE7AC16572E6E130DEBF00A9A6DDE67257D188C65E30BE680A437EA851E39C49A0E13B02
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie...}url":"about:home","title":"New Tab","cacheKey":0,"ID":7,"docshellUUID":"{0317831b-2f31-45e9-bdef-44f29a43887f}","resultPrincipalURI":null,"p....ToInherit_base64":"{\"0\":...\"moz-null4...:{808e5590-46e0-422a-8bbf-7e2666e92cf1}\"}}","hasUserInteractA...false,"triggeringP\.....3...E..6docIdentifier":8,"persist":true}],"lastAccessed":1714679197512,"hiddey..searchMode...userContextId|..attribut....{},"index":1,"requestedI..p0,"imag....chrome://branding/cU..nt/icon32.png"..aselect...,"_closedT5.@],"_...C....GroupCount":-1,"busy...r...Flags":2167541758....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximized"...BeforeMin...&..workspace...."544a81f3-86cf-4601-b565-c8cb2ca3983a","zB..1...WH..j........E..:..{.1":{..jUpdate...5,"startTim..P58005...centCrash...0},"global..Dcook.. hoa..."addons.mozilla.org","valu.. 7cu..*9745a185df1b235fd3ecf9e918cb7cd2b41b705581b7355f517422d41a. pa..p"/","na..`"taarI..bsecure...,"http

                                                                                                                                                                                                                                                                                                                                                          Chrome Cache Entry: 119

                                                                                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (6325)
                                                                                                                                                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                                                                                                                                                          Size (bytes):6330
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):5.7779989217392975
                                                                                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:192:jpk7H66668ihNsOPN4Cy7jesmX//bH6666pAm/RniBQ:lk7H66668ihNsTCytIXbH6666//RniBQ
                                                                                                                                                                                                                                                                                                                                                          MD5:C4D25345176FB087571CBB0BF82F9DDF
                                                                                                                                                                                                                                                                                                                                                          SHA1:0640D6460DA5797872B72E539C58C496BD0DAED7
                                                                                                                                                                                                                                                                                                                                                          SHA-256:84E5795454D05425DFDC2DF10399B2979C42106076067A4207603CDD6CCA0070
                                                                                                                                                                                                                                                                                                                                                          SHA-512:91E778393E400A9D195BCD175DB5AAC9C3B4068A8DC9793F27D303DD86DCFE51F4F01DD29B462D35B23BDDC248F46BDD5B2D282179E69A0823810DBBACF3E924
                                                                                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                                                                                          URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                                                                                                                                                                                                                                                                                                                                          Preview:)]}'.["",["nhl toronto maple leafs","daily horoscope today","stock markets","helldivers warbonds","colleen hoover verity movie","columbus crew concacaf champions cup","unitedhealth group ceo andrew witty","san jacinto river flooding conroe"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"google:entityinfo":"CggvbS8wajZ0chInVG9yb250byBNYXBsZSBMZWFmcyDigJQgSWNlIGhvY2tleSB0ZWFtMr8RZGF0YTppbWFnZS9qcGVnO2Jhc2U2NCwvOWovNEFBUVNrWkpSZ0FCQVFBQUFRQUJBQUQvMndDRUFBa0dCd2dIQmdrSUJ3Z0tDZ2tMRFJZUERRd01EUnNVRlJBV0lCMGlJaUFkSHg4a0tEUXNKQ1l4Sng4ZkxUMHRNVFUzT2pvNkl5cy9SRDg0UXpRNU9qY0JDZ29LRFF3TkdnOFBHamNsSHlVM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOLy9BQUJFSUFFQUFRQU1CSWdBQ0VRRURFUUgveEFBY0FBQUNBZ01CQVFBQUFBQUFBQUFBQUFBRkJ3QUlBd1FHQWdIL3hBQXZFQUFDQVFNREFnUUdBZ0lEQUFBQUFBQUJBZ01FQlJFQUVpRUdNUk1pUVZFVU1rSmhjWUVISTNMaGtjSHcvOFFBR1FFQUF3RUJBUUFB

                                                                                                                                                                                                                                                                                                                                                          Static File Info

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                          Entropy (8bit):7.908154693711326
                                                                                                                                                                                                                                                                                                                                                          TrID:
                                                                                                                                                                                                                                                                                                                                                          • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                                                                                                          • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                                                                                                          • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                                                                                                          • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                                                                                          File name:Pots.exe
                                                                                                                                                                                                                                                                                                                                                          File size:1'718'038 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5:4007521af3a2baa42c6fc32f849be740
                                                                                                                                                                                                                                                                                                                                                          SHA1:051f5eb496fe2e45cf18b981b47fdb5e9a4e1ce2
                                                                                                                                                                                                                                                                                                                                                          SHA256:709668f298abc9f2b1afb5c84b3aac68090a5898aa423533e6e947097980fb49
                                                                                                                                                                                                                                                                                                                                                          SHA512:c47570750403a7faa2b67504f44974c28a793f88f290baf394a54fba7d9e98be6ed1815cf92f517712c4e87645803d695849ea584e59f39b0e4238742a724407
                                                                                                                                                                                                                                                                                                                                                          SSDEEP:24576:+TbBv5rUlIFEK3nR26X4cfbsJsO9Ax8MBhmXAOXAeEvtPK16VqAaClWm4IHmWr:ABRFF314cwmXx88hmXAm7EJ6JAaMddr
                                                                                                                                                                                                                                                                                                                                                          TLSH:82852302BDD5D9B3C46208B303686B40B97DBC301F79CEEBA3D51A5CDA615E0DB392A1
                                                                                                                                                                                                                                                                                                                                                          File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......x_c.<>..<>..<>......1>.......>......$>...I..>>...I../>...I..+>...I...>..5F..7>..5F..;>..<>..)?...I...>...I..=>...I..=>...I..=>.

                                                                                                                                                                                                                                                                                                                                                          File Icon

                                                                                                                                                                                                                                                                                                                                                          Icon Hash:1515d4d4442f2d2d

                                                                                                                                                                                                                                                                                                                                                          Static PE Info

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Entrypoint:0x41f530
                                                                                                                                                                                                                                                                                                                                                          Entrypoint Section:.text
                                                                                                                                                                                                                                                                                                                                                          Digitally signed:false
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                                                          Subsystem:windows gui
                                                                                                                                                                                                                                                                                                                                                          Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                                                                                                                                                                                                          DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                                                                                          Time Stamp:0x6220BF8D [Thu Mar 3 13:15:57 2022 UTC]
                                                                                                                                                                                                                                                                                                                                                          TLS Callbacks:
                                                                                                                                                                                                                                                                                                                                                          CLR (.Net) Version:
                                                                                                                                                                                                                                                                                                                                                          OS Version Major:5
                                                                                                                                                                                                                                                                                                                                                          OS Version Minor:1
                                                                                                                                                                                                                                                                                                                                                          File Version Major:5
                                                                                                                                                                                                                                                                                                                                                          File Version Minor:1
                                                                                                                                                                                                                                                                                                                                                          Subsystem Version Major:5
                                                                                                                                                                                                                                                                                                                                                          Subsystem Version Minor:1
                                                                                                                                                                                                                                                                                                                                                          Import Hash:12e12319f1029ec4f8fcbed7e82df162

                                                                                                                                                                                                                                                                                                                                                          Entrypoint Preview

                                                                                                                                                                                                                                                                                                                                                          Instruction
                                                                                                                                                                                                                                                                                                                                                          call 00007F304C96473Bh
                                                                                                                                                                                                                                                                                                                                                          jmp 00007F304C96404Dh
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          push ebp
                                                                                                                                                                                                                                                                                                                                                          mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                          push esi
                                                                                                                                                                                                                                                                                                                                                          push dword ptr [ebp+08h]
                                                                                                                                                                                                                                                                                                                                                          mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                          call 00007F304C956E97h
                                                                                                                                                                                                                                                                                                                                                          mov dword ptr [esi], 004356D0h
                                                                                                                                                                                                                                                                                                                                                          mov eax, esi
                                                                                                                                                                                                                                                                                                                                                          pop esi
                                                                                                                                                                                                                                                                                                                                                          pop ebp
                                                                                                                                                                                                                                                                                                                                                          retn 0004h
                                                                                                                                                                                                                                                                                                                                                          and dword ptr [ecx+04h], 00000000h
                                                                                                                                                                                                                                                                                                                                                          mov eax, ecx
                                                                                                                                                                                                                                                                                                                                                          and dword ptr [ecx+08h], 00000000h
                                                                                                                                                                                                                                                                                                                                                          mov dword ptr [ecx+04h], 004356D8h
                                                                                                                                                                                                                                                                                                                                                          mov dword ptr [ecx], 004356D0h
                                                                                                                                                                                                                                                                                                                                                          ret
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          push ebp
                                                                                                                                                                                                                                                                                                                                                          mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                          push esi
                                                                                                                                                                                                                                                                                                                                                          mov esi, ecx
                                                                                                                                                                                                                                                                                                                                                          lea eax, dword ptr [esi+04h]
                                                                                                                                                                                                                                                                                                                                                          mov dword ptr [esi], 004356B8h
                                                                                                                                                                                                                                                                                                                                                          push eax
                                                                                                                                                                                                                                                                                                                                                          call 00007F304C9674DFh
                                                                                                                                                                                                                                                                                                                                                          test byte ptr [ebp+08h], 00000001h
                                                                                                                                                                                                                                                                                                                                                          pop ecx
                                                                                                                                                                                                                                                                                                                                                          je 00007F304C9641DCh
                                                                                                                                                                                                                                                                                                                                                          push 0000000Ch
                                                                                                                                                                                                                                                                                                                                                          push esi
                                                                                                                                                                                                                                                                                                                                                          call 00007F304C963799h
                                                                                                                                                                                                                                                                                                                                                          pop ecx
                                                                                                                                                                                                                                                                                                                                                          pop ecx
                                                                                                                                                                                                                                                                                                                                                          mov eax, esi
                                                                                                                                                                                                                                                                                                                                                          pop esi
                                                                                                                                                                                                                                                                                                                                                          pop ebp
                                                                                                                                                                                                                                                                                                                                                          retn 0004h
                                                                                                                                                                                                                                                                                                                                                          push ebp
                                                                                                                                                                                                                                                                                                                                                          mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                          sub esp, 0Ch
                                                                                                                                                                                                                                                                                                                                                          lea ecx, dword ptr [ebp-0Ch]
                                                                                                                                                                                                                                                                                                                                                          call 00007F304C956E12h
                                                                                                                                                                                                                                                                                                                                                          push 0043BEF0h
                                                                                                                                                                                                                                                                                                                                                          lea eax, dword ptr [ebp-0Ch]
                                                                                                                                                                                                                                                                                                                                                          push eax
                                                                                                                                                                                                                                                                                                                                                          call 00007F304C966F99h
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          push ebp
                                                                                                                                                                                                                                                                                                                                                          mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                          sub esp, 0Ch
                                                                                                                                                                                                                                                                                                                                                          lea ecx, dword ptr [ebp-0Ch]
                                                                                                                                                                                                                                                                                                                                                          call 00007F304C964158h
                                                                                                                                                                                                                                                                                                                                                          push 0043C0F4h
                                                                                                                                                                                                                                                                                                                                                          lea eax, dword ptr [ebp-0Ch]
                                                                                                                                                                                                                                                                                                                                                          push eax
                                                                                                                                                                                                                                                                                                                                                          call 00007F304C966F7Ch
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          jmp 00007F304C968A17h
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          int3
                                                                                                                                                                                                                                                                                                                                                          push 00422900h
                                                                                                                                                                                                                                                                                                                                                          push dword ptr fs:[00000000h]

                                                                                                                                                                                                                                                                                                                                                          Rich Headers

                                                                                                                                                                                                                                                                                                                                                          Programming Language:
                                                                                                                                                                                                                                                                                                                                                          • [ C ] VS2008 SP1 build 30729
                                                                                                                                                                                                                                                                                                                                                          • [IMP] VS2008 SP1 build 30729

                                                                                                                                                                                                                                                                                                                                                          Data Directories

                                                                                                                                                                                                                                                                                                                                                          NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXPORT0x3d0700x34.rdata
                                                                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IMPORT0x3d0a40x50.rdata
                                                                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESOURCE0x640000xe050.rsrc
                                                                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BASERELOC0x730000x233c.reloc
                                                                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DEBUG0x3b11c0x54.rdata
                                                                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x355f80x40.rdata
                                                                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IAT0x330000x278.rdata
                                                                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x3c5ec0x120.rdata
                                                                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                                                                                          Sections

                                                                                                                                                                                                                                                                                                                                                          NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                                                                                          .text0x10000x31bdc0x31c002831bb8b11e3209658a53131886cdf98False0.5909380888819096data6.712962136932442IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                                          .rdata0x330000xaec00xb000042f11346230ca5aa360727d9908e809False0.4579190340909091data5.261605615899847IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                                          .data0x3e0000x247200x10009670b581969e508258d8bc903025de5eFalse0.451416015625data4.387459135575936IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                                                                          .didat0x630000x1900x200c83554035c63bb446c6208d0c8fa0256False0.4453125data3.3327310103022305IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                                                                          .rsrc0x640000xe0500xe200d5ea19db2ac860286bc5d42e5dfbbd0aFalse0.6343853705752213data6.802173495258787IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                                          .reloc0x730000x233c0x240040b5e17755fd6fdd34de06e5cdb7f711False0.7749565972222222data6.623012966548067IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                                                                                                                                          Resources

                                                                                                                                                                                                                                                                                                                                                          NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                                                                                          PNG0x646440xb45PNG image data, 93 x 302, 8-bit/color RGB, non-interlaced1.0027729636048528
                                                                                                                                                                                                                                                                                                                                                          PNG0x6518c0x15a9PNG image data, 186 x 604, 8-bit/color RGB, non-interlaced0.9363390441839495
                                                                                                                                                                                                                                                                                                                                                          RT_ICON0x667380x568Device independent bitmap graphic, 16 x 32 x 8, image size 256, resolution 2834 x 2834 px/m, 256 important colors0.47832369942196534
                                                                                                                                                                                                                                                                                                                                                          RT_ICON0x66ca00x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 1024, resolution 2834 x 2834 px/m, 256 important colors0.5410649819494585
                                                                                                                                                                                                                                                                                                                                                          RT_ICON0x675480xea8Device independent bitmap graphic, 48 x 96 x 8, image size 2304, resolution 2834 x 2834 px/m, 256 important colors0.4933368869936034
                                                                                                                                                                                                                                                                                                                                                          RT_ICON0x683f00x468Device independent bitmap graphic, 16 x 32 x 32, image size 1024, resolution 2834 x 2834 px/m0.5390070921985816
                                                                                                                                                                                                                                                                                                                                                          RT_ICON0x688580x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 4096, resolution 2834 x 2834 px/m0.41393058161350843
                                                                                                                                                                                                                                                                                                                                                          RT_ICON0x699000x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9216, resolution 2834 x 2834 px/m0.3479253112033195
                                                                                                                                                                                                                                                                                                                                                          RT_ICON0x6bea80x3d71PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced0.9809269502193401
                                                                                                                                                                                                                                                                                                                                                          RT_DIALOG0x6fc1c0x2badata0.5286532951289399
                                                                                                                                                                                                                                                                                                                                                          RT_DIALOG0x6fed80x13adata0.6560509554140127
                                                                                                                                                                                                                                                                                                                                                          RT_DIALOG0x700140xf2data0.71900826446281
                                                                                                                                                                                                                                                                                                                                                          RT_DIALOG0x701080x14adata0.6
                                                                                                                                                                                                                                                                                                                                                          RT_DIALOG0x702540x314data0.47588832487309646
                                                                                                                                                                                                                                                                                                                                                          RT_DIALOG0x705680x24adata0.6262798634812287
                                                                                                                                                                                                                                                                                                                                                          RT_STRING0x707b40x1fcdata0.421259842519685
                                                                                                                                                                                                                                                                                                                                                          RT_STRING0x709b00x246data0.41924398625429554
                                                                                                                                                                                                                                                                                                                                                          RT_STRING0x70bf80x1a6data0.514218009478673
                                                                                                                                                                                                                                                                                                                                                          RT_STRING0x70da00xdcdata0.65
                                                                                                                                                                                                                                                                                                                                                          RT_STRING0x70e7c0x47cdata0.38414634146341464
                                                                                                                                                                                                                                                                                                                                                          RT_STRING0x712f80x164data0.5056179775280899
                                                                                                                                                                                                                                                                                                                                                          RT_STRING0x7145c0x110data0.5772058823529411
                                                                                                                                                                                                                                                                                                                                                          RT_STRING0x7156c0x158data0.4563953488372093
                                                                                                                                                                                                                                                                                                                                                          RT_STRING0x716c40xe8data0.5948275862068966
                                                                                                                                                                                                                                                                                                                                                          RT_STRING0x717ac0xe6data0.5695652173913044
                                                                                                                                                                                                                                                                                                                                                          RT_GROUP_ICON0x718940x68data0.7019230769230769
                                                                                                                                                                                                                                                                                                                                                          RT_MANIFEST0x718fc0x753XML 1.0 document, ASCII text, with CRLF line terminators0.3957333333333333

                                                                                                                                                                                                                                                                                                                                                          Imports

                                                                                                                                                                                                                                                                                                                                                          DLLImport
                                                                                                                                                                                                                                                                                                                                                          KERNEL32.dllGetLastError, SetLastError, FormatMessageW, GetCurrentProcess, DeviceIoControl, SetFileTime, CloseHandle, CreateDirectoryW, RemoveDirectoryW, CreateFileW, DeleteFileW, CreateHardLinkW, GetShortPathNameW, GetLongPathNameW, MoveFileW, GetFileType, GetStdHandle, WriteFile, ReadFile, FlushFileBuffers, SetEndOfFile, SetFilePointer, SetFileAttributesW, GetFileAttributesW, FindClose, FindFirstFileW, FindNextFileW, InterlockedDecrement, GetVersionExW, GetCurrentDirectoryW, GetFullPathNameW, FoldStringW, GetModuleFileNameW, GetModuleHandleW, FindResourceW, FreeLibrary, GetProcAddress, GetCurrentProcessId, ExitProcess, SetThreadExecutionState, Sleep, LoadLibraryW, GetSystemDirectoryW, CompareStringW, AllocConsole, FreeConsole, AttachConsole, WriteConsoleW, GetProcessAffinityMask, CreateThread, SetThreadPriority, InitializeCriticalSection, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, SetEvent, ResetEvent, ReleaseSemaphore, WaitForSingleObject, CreateEventW, CreateSemaphoreW, GetSystemTime, SystemTimeToTzSpecificLocalTime, TzSpecificLocalTimeToSystemTime, SystemTimeToFileTime, FileTimeToLocalFileTime, LocalFileTimeToFileTime, FileTimeToSystemTime, GetCPInfo, IsDBCSLeadByte, MultiByteToWideChar, WideCharToMultiByte, GlobalAlloc, LockResource, GlobalLock, GlobalUnlock, GlobalFree, LoadResource, SizeofResource, SetCurrentDirectoryW, GetExitCodeProcess, GetLocalTime, GetTickCount, MapViewOfFile, UnmapViewOfFile, CreateFileMappingW, OpenFileMappingW, GetCommandLineW, SetEnvironmentVariableW, ExpandEnvironmentStringsW, GetTempPathW, MoveFileExW, GetLocaleInfoW, GetTimeFormatW, GetDateFormatW, GetNumberFormatW, DecodePointer, SetFilePointerEx, GetConsoleMode, GetConsoleCP, HeapSize, SetStdHandle, GetProcessHeap, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineA, GetOEMCP, RaiseException, GetSystemInfo, VirtualProtect, VirtualQuery, LoadLibraryExA, IsProcessorFeaturePresent, IsDebuggerPresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetStartupInfoW, QueryPerformanceCounter, GetCurrentThreadId, GetSystemTimeAsFileTime, InitializeSListHead, TerminateProcess, LocalFree, RtlUnwind, EncodePointer, InitializeCriticalSectionAndSpinCount, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, LoadLibraryExW, QueryPerformanceFrequency, GetModuleHandleExW, GetModuleFileNameA, GetACP, HeapFree, HeapAlloc, HeapReAlloc, GetStringTypeW, LCMapStringW, FindFirstFileExA, FindNextFileA, IsValidCodePage
                                                                                                                                                                                                                                                                                                                                                          OLEAUT32.dllSysAllocString, SysFreeString, VariantClear
                                                                                                                                                                                                                                                                                                                                                          gdiplus.dllGdipAlloc, GdipDisposeImage, GdipCloneImage, GdipCreateBitmapFromStream, GdipCreateBitmapFromStreamICM, GdipCreateHBITMAPFromBitmap, GdiplusStartup, GdiplusShutdown, GdipFree

                                                                                                                                                                                                                                                                                                                                                          Network Behavior

                                                                                                                                                                                                                                                                                                                                                          Network Port Distribution

                                                                                                                                                                                                                                                                                                                                                          TCP Packets

                                                                                                                                                                                                                                                                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:30.979886055 CEST49700443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:30.979955912 CEST44349700104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:30.980094910 CEST49700443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:30.988280058 CEST49700443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:30.988317013 CEST44349700104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.188729048 CEST44349700104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.188910007 CEST49700443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.281038046 CEST49700443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.281112909 CEST44349700104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.281415939 CEST44349700104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.343966961 CEST49700443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.781891108 CEST49700443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.824146032 CEST44349700104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.888534069 CEST44349700104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.888600111 CEST44349700104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.888667107 CEST49700443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.903356075 CEST49700443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.998253107 CEST49701443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.998286009 CEST44349701104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.998369932 CEST49701443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.998758078 CEST49701443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.998773098 CEST44349701104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:32.188415051 CEST44349701104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:32.188533068 CEST49701443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:32.191239119 CEST49701443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:32.191243887 CEST44349701104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:32.191451073 CEST44349701104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:32.192785978 CEST49701443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:32.240124941 CEST44349701104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:32.600137949 CEST44349701104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:32.600189924 CEST44349701104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:32.600219965 CEST44349701104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:32.600274086 CEST49701443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:32.600287914 CEST44349701104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:32.600325108 CEST49701443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:32.600333929 CEST44349701104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:32.600343943 CEST44349701104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:32.600395918 CEST49701443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:32.622893095 CEST49701443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:38.209395885 CEST49673443192.168.2.16204.79.197.203
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:38.510761023 CEST49673443192.168.2.16204.79.197.203
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:39.122488022 CEST49673443192.168.2.16204.79.197.203
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:40.152148962 CEST49688443192.168.2.1623.44.201.22
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:40.322755098 CEST49673443192.168.2.16204.79.197.203
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:40.793178082 CEST49704443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:40.793216944 CEST4434970413.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:40.793306112 CEST49704443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:40.794856071 CEST49704443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:40.794866085 CEST4434970413.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.188364029 CEST4434970413.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.188447952 CEST49704443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.189992905 CEST49704443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.190001965 CEST4434970413.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.190207958 CEST4434970413.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.232752085 CEST49704443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.255177975 CEST49704443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.296124935 CEST4434970413.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.568393946 CEST4434970413.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.568439960 CEST4434970413.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.568445921 CEST4434970413.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.568501949 CEST4434970413.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.568531036 CEST4434970413.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.568598032 CEST49704443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.568613052 CEST4434970413.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.568629980 CEST49704443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.568634987 CEST4434970413.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.568670034 CEST49704443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.568696976 CEST49704443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.579137087 CEST49704443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.579149961 CEST4434970413.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.579160929 CEST49704443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:41.579164982 CEST4434970413.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:42.732743979 CEST49673443192.168.2.16204.79.197.203
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:44.506726027 CEST49706443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:44.506752014 CEST4434970623.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:44.506836891 CEST49706443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:44.507776022 CEST49706443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:44.507790089 CEST4434970623.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:44.695929050 CEST4434970623.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:44.696080923 CEST49706443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:44.761172056 CEST49706443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:44.761217117 CEST4434970623.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:44.761423111 CEST4434970623.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:44.813045025 CEST49706443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:44.946764946 CEST49706443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:44.988121033 CEST4434970623.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.059531927 CEST4434970623.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.059701920 CEST49706443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.059715986 CEST4434970623.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.059725046 CEST49706443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.059750080 CEST4434970623.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.059783936 CEST4434970623.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.059824944 CEST49706443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.102271080 CEST49707443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.102309942 CEST4434970723.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.102385998 CEST49707443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.102634907 CEST49707443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.102648973 CEST4434970723.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.285613060 CEST4434970723.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.285727024 CEST49707443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.287996054 CEST49707443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.288003922 CEST4434970723.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.288220882 CEST4434970723.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.290741920 CEST49707443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.336119890 CEST4434970723.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.509813070 CEST4434970723.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.509896994 CEST4434970723.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.509970903 CEST49707443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.510669947 CEST49707443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.510685921 CEST4434970723.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.510710955 CEST49707443192.168.2.1623.51.58.94
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:45.510720968 CEST4434970723.51.58.94192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:46.371059895 CEST49678443192.168.2.1620.189.173.10
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:46.673768997 CEST49678443192.168.2.1620.189.173.10
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:47.280766010 CEST49678443192.168.2.1620.189.173.10
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:47.535765886 CEST49673443192.168.2.16204.79.197.203
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:48.495754957 CEST49678443192.168.2.1620.189.173.10
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:50.845927954 CEST4968080192.168.2.16192.229.211.108
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:50.909818888 CEST49678443192.168.2.1620.189.173.10
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:51.149890900 CEST4968080192.168.2.16192.229.211.108
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:51.757764101 CEST4968080192.168.2.16192.229.211.108
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:52.971767902 CEST4968080192.168.2.16192.229.211.108
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:55.386890888 CEST4968080192.168.2.16192.229.211.108
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:55.722886086 CEST49678443192.168.2.1620.189.173.10
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:57.146831989 CEST49673443192.168.2.16204.79.197.203
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:00.204869032 CEST4968080192.168.2.16192.229.211.108
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:05.332904100 CEST49678443192.168.2.1620.189.173.10
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:09.810937881 CEST4968080192.168.2.16192.229.211.108
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:16.975052118 CEST4969580192.168.2.16199.232.214.172
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:17.062446117 CEST8049695199.232.214.172192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:17.062484026 CEST8049695199.232.214.172192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:17.062541008 CEST4969580192.168.2.16199.232.214.172
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:18.258868933 CEST49708443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:18.258905888 CEST4434970813.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:18.259001017 CEST49708443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:18.259345055 CEST49708443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:18.259358883 CEST4434970813.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:18.665637016 CEST4434970813.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:18.665719986 CEST49708443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:18.667068958 CEST49708443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:18.667078972 CEST4434970813.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:18.667284966 CEST4434970813.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:18.668638945 CEST49708443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:18.712129116 CEST4434970813.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:19.066293955 CEST4434970813.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:19.066315889 CEST4434970813.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:19.066384077 CEST4434970813.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:19.066387892 CEST49708443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:19.066431999 CEST4434970813.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:19.066484928 CEST49708443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:19.066508055 CEST4434970813.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:19.066519976 CEST49708443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:19.066521883 CEST4434970813.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:19.066559076 CEST49708443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:19.075071096 CEST49708443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:19.075088024 CEST4434970813.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:19.075108051 CEST49708443192.168.2.1613.85.23.86
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:19.075114012 CEST4434970813.85.23.86192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:30.994584084 CEST49674443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:30.994628906 CEST49675443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:30.994666100 CEST49677443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:30.994882107 CEST49709443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:30.994932890 CEST44349709204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:30.995032072 CEST49709443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:30.995515108 CEST49709443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:30.995528936 CEST44349709204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.012351036 CEST49710443192.168.2.1640.126.24.84
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.012382030 CEST4434971040.126.24.84192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.012458086 CEST49710443192.168.2.1640.126.24.84
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.012653112 CEST49710443192.168.2.1640.126.24.84
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.012664080 CEST4434971040.126.24.84192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.272315025 CEST44349709204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.272583961 CEST49709443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.272969961 CEST44349709204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.273020983 CEST49709443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.292298079 CEST49709443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.292320967 CEST44349709204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.292428017 CEST49709443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.292434931 CEST44349709204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.292532921 CEST44349709204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.292589903 CEST49709443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.301902056 CEST49674443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.301908016 CEST49675443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.302706003 CEST49677443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.319721937 CEST4434971040.126.24.84192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.319808960 CEST49710443192.168.2.1640.126.24.84
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.333623886 CEST49710443192.168.2.1640.126.24.84
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.333642006 CEST4434971040.126.24.84192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.333869934 CEST4434971040.126.24.84192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.334503889 CEST49710443192.168.2.1640.126.24.84
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.334543943 CEST49710443192.168.2.1640.126.24.84
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.334573030 CEST4434971040.126.24.84192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.416132927 CEST44349709204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.416152954 CEST44349709204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.416179895 CEST44349709204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.416198015 CEST49709443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.416223049 CEST44349709204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.416235924 CEST49709443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.416269064 CEST49709443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.416274071 CEST44349709204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.416294098 CEST44349709204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.416311979 CEST49709443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.416337013 CEST49709443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.419225931 CEST49709443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.419240952 CEST44349709204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.425232887 CEST49711443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.425273895 CEST4434971123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.425348997 CEST49711443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.425578117 CEST49711443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.425590992 CEST4434971123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.553216934 CEST4434971040.126.24.84192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.553241968 CEST4434971040.126.24.84192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.553276062 CEST4434971040.126.24.84192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.553342104 CEST4434971040.126.24.84192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.553360939 CEST49710443192.168.2.1640.126.24.84
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.553395033 CEST49710443192.168.2.1640.126.24.84
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.553395033 CEST49710443192.168.2.1640.126.24.84
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.553647995 CEST49710443192.168.2.1640.126.24.84
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.553663015 CEST4434971040.126.24.84192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.553670883 CEST49710443192.168.2.1640.126.24.84
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.553675890 CEST4434971040.126.24.84192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.645787954 CEST4434971123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.645878077 CEST49711443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.648694038 CEST49711443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.648703098 CEST4434971123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.648801088 CEST49711443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.648808956 CEST4434971123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.648932934 CEST4434971123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.648987055 CEST49711443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.881928921 CEST4434971123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.881953955 CEST4434971123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.881970882 CEST4434971123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.881982088 CEST49711443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.882010937 CEST49711443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.882020950 CEST4434971123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.882055044 CEST49711443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.882078886 CEST49711443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.907876968 CEST49675443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.907876015 CEST49674443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.907972097 CEST49677443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.983932972 CEST4434971123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.984008074 CEST49711443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.984016895 CEST4434971123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.984040022 CEST4434971123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.984067917 CEST49711443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.984095097 CEST49711443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.984122992 CEST49711443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.984137058 CEST4434971123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.984144926 CEST49711443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.984179020 CEST49711443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.986707926 CEST49712443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.986723900 CEST4434971223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.986793041 CEST49712443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.987124920 CEST49712443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:31.987135887 CEST4434971223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.020360947 CEST49681443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.020670891 CEST49713443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.020694017 CEST4434971351.104.15.253192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.020761013 CEST49713443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.020947933 CEST49713443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.020961046 CEST4434971351.104.15.253192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.212024927 CEST4434971223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.212084055 CEST49712443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.212483883 CEST49712443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.212496996 CEST4434971223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.212656975 CEST49712443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.212661982 CEST4434971223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.351070881 CEST49714443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.351103067 CEST44349714204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.351162910 CEST49714443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.351381063 CEST49714443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.351393938 CEST44349714204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.384861946 CEST49681443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.434427977 CEST4434971223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.434448957 CEST4434971223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.434488058 CEST49712443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.434510946 CEST4434971223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.434525013 CEST49712443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.434566975 CEST49712443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.434629917 CEST4434971223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.434669018 CEST49712443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.434673071 CEST4434971223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.434710979 CEST49712443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.435110092 CEST49712443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.435125113 CEST4434971223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.435132980 CEST49712443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.435172081 CEST49712443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.438574076 CEST49715443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.438654900 CEST44349715204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.438726902 CEST49715443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.438915014 CEST49715443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.438930988 CEST44349715204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.444021940 CEST49716443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.444032907 CEST4434971623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.444096088 CEST49716443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.444284916 CEST49716443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.444295883 CEST4434971623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.503551006 CEST4434971351.104.15.253192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.503631115 CEST49713443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.507556915 CEST49713443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.507561922 CEST4434971351.104.15.253192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.507797003 CEST4434971351.104.15.253192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.507864952 CEST49713443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.508251905 CEST49713443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.508327961 CEST49713443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.508332968 CEST4434971351.104.15.253192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.523313046 CEST49717443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.523330927 CEST44349717204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.523402929 CEST49717443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.523654938 CEST49717443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.523665905 CEST44349717204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.622634888 CEST44349714204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.622706890 CEST49714443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.623044968 CEST49714443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.623054028 CEST44349714204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.623402119 CEST49714443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.623408079 CEST44349714204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.666734934 CEST4434971623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.666826963 CEST49716443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.667263985 CEST49716443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.667263985 CEST49716443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.667272091 CEST4434971623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.667287111 CEST4434971623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.680947065 CEST49718443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.680974960 CEST44349718204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.681170940 CEST49718443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.681337118 CEST49718443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.681350946 CEST44349718204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.708988905 CEST44349715204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.709141970 CEST49715443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.709471941 CEST49715443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.709477901 CEST44349715204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.710706949 CEST49715443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.710721970 CEST44349715204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.799890041 CEST44349717204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.800045013 CEST49717443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.800347090 CEST49717443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.800352097 CEST44349717204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.800561905 CEST49717443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.800568104 CEST44349717204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.808830023 CEST4434971351.104.15.253192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.808892965 CEST4434971351.104.15.253192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.808926105 CEST49713443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.808954954 CEST49713443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.808955908 CEST49713443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.808993101 CEST49713443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.905268908 CEST4434971623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.905297041 CEST4434971623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.905313969 CEST4434971623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.905330896 CEST49716443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.905378103 CEST49716443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.905378103 CEST49716443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.905385971 CEST4434971623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.905621052 CEST49716443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.916273117 CEST44349714204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.916294098 CEST44349714204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.916352034 CEST49714443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.916352034 CEST49714443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.916366100 CEST44349714204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.916376114 CEST44349714204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.916439056 CEST44349714204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.916461945 CEST49714443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.917203903 CEST49714443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.917203903 CEST49714443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.917264938 CEST49714443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.935837030 CEST4434971623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.935885906 CEST4434971623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.935911894 CEST49716443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.935935020 CEST49716443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.935950994 CEST49716443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.935950994 CEST49716443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.935962915 CEST4434971623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.936064005 CEST49716443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.937760115 CEST49719443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.937787056 CEST4434971923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.937990904 CEST49719443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.938126087 CEST49719443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.938143969 CEST4434971923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.952595949 CEST44349718204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.952712059 CEST49718443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.952950001 CEST49718443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.952955008 CEST44349718204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.953181028 CEST49718443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.953186989 CEST44349718204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.963582993 CEST44349715204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.963603973 CEST44349715204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.963670015 CEST49715443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.963670969 CEST49715443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.963680029 CEST44349715204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.963877916 CEST44349715204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.963927031 CEST44349715204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.964137077 CEST49715443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.964376926 CEST49715443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:32.964384079 CEST44349715204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.041757107 CEST44349717204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.041779041 CEST44349717204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.041805983 CEST44349717204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.041888952 CEST49717443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.041888952 CEST49717443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.041903019 CEST44349717204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.041918993 CEST44349717204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.041980982 CEST44349717204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.042140961 CEST49717443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.042617083 CEST49717443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.042625904 CEST44349717204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.112874031 CEST49675443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.112874031 CEST49677443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.113867998 CEST49674443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.113867998 CEST49681443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.161000013 CEST4434971923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.162800074 CEST49719443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.181763887 CEST49719443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.181781054 CEST4434971923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.181971073 CEST49719443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.181987047 CEST4434971923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.190992117 CEST44349718204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.191011906 CEST44349718204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.191067934 CEST44349718204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.191198111 CEST44349718204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.191251040 CEST49718443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.194804907 CEST49718443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.225704908 CEST49718443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.225723982 CEST44349718204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.387919903 CEST4434971923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.387945890 CEST4434971923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.387963057 CEST4434971923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.388057947 CEST49719443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.388057947 CEST49719443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.388071060 CEST4434971923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.390707970 CEST49719443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.391289949 CEST4434971923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.391355038 CEST4434971923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.394709110 CEST49719443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.450711966 CEST49719443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.450730085 CEST4434971923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.483778954 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.483804941 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.486795902 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.487047911 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.487061024 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.710444927 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.710509062 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.710830927 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.710834980 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.710989952 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.710994005 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.985177994 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.985199928 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.985218048 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.985234022 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.985248089 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.985263109 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:33.985306025 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.093333960 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.093421936 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.093431950 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.093472004 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.126414061 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.126470089 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.126507044 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.126516104 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.126549006 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.126578093 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.140784979 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.140866041 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.140872955 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.140927076 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.202661991 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.202712059 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.202747107 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.202754021 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.202811956 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.202830076 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.202878952 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.227739096 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.227782965 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.227811098 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.227818012 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.227864027 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.227884054 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.227931976 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.254537106 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.254581928 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.254609108 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.254616022 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.254637003 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.254647017 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.282728910 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.282773018 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.282808065 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.282814980 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.282875061 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.291780949 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.291863918 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.291870117 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.291917086 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.317070007 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.317116022 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.317147017 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.317153931 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.317167997 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.317199945 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.325086117 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.325169086 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.325175047 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.325232983 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.339430094 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.339472055 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.339498043 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.339504957 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.339534044 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.339548111 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.345892906 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.345957994 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.345964909 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.346007109 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.359759092 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.359800100 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.359848022 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.359853983 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.359877110 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.359894991 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.365983009 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.366049051 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.366055965 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.366100073 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.381026983 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.381083965 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.381095886 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.381110907 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.381146908 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.381171942 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.386401892 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.386471033 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.386477947 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.386519909 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.399276972 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.399319887 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.399343014 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.399358988 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.399369955 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.399403095 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.405124903 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.405241966 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.405249119 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.405303955 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.417213917 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.417275906 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.417310953 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.417316914 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.417340040 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.417354107 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.422652960 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.422720909 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.422728062 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.422769070 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.435102940 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.435149908 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.435178995 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.435185909 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.435208082 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.435264111 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.439450979 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.439518929 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.439526081 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.439565897 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.447468042 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.447510958 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.447536945 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.447544098 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.447557926 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.447582006 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.451356888 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.451426029 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.451431990 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.451473951 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.458931923 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.458971977 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.459007978 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.459018946 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.459039927 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.459059000 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.463480949 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.463551998 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.463558912 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.463629961 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.470074892 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.470135927 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.470175028 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.470181942 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.470192909 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.470227003 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.473396063 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.473465919 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.473474026 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.473519087 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.480675936 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.480717897 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.480736017 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.480743885 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.480756044 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.480777979 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.480787039 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.483242989 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.483318090 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.483325005 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.483366966 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.490061998 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.490087032 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.490125895 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.490134001 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.490153074 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.490174055 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.492889881 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.492954016 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.492961884 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.493000984 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.498519897 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.498538017 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.498577118 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.498584032 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.498615026 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.498627901 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.500309944 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.500366926 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.500372887 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.500411034 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.500420094 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.500464916 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.500471115 CEST4434972023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.500500917 CEST49720443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.502307892 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.502336979 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.502407074 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.502595901 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.502609015 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.544887066 CEST49681443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.725788116 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.725954056 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.726300001 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.726308107 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.726494074 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:34.726499081 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.002084970 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.002110958 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.002127886 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.002249956 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.002249956 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.002274990 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.002434969 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.109245062 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.109389067 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.109396935 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.109591961 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.142819881 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.142838001 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.142944098 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.142952919 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.142973900 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.143007040 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.157202005 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.157284975 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.157290936 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.157406092 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.219548941 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.219566107 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.219640970 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.219650030 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.219782114 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.246468067 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.246481895 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.246620893 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.246629000 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.246764898 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.271080971 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.271097898 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.271277905 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.271285057 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.271348953 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.283443928 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.283593893 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.283598900 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.283698082 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.307961941 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.307976961 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.308101892 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.308108091 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.308209896 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.318691969 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.318828106 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.318834066 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.318919897 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.340606928 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.340624094 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.340859890 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.340867996 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.341078043 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.349014997 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.349102020 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.349107981 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.349272966 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.362127066 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.362143040 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.362211943 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.362219095 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.362404108 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.369642973 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.369752884 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.369757891 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.369858027 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.382381916 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.382397890 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.382476091 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.382483006 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.382644892 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.388573885 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.388674974 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.388680935 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.388782978 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.401854992 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.401870012 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.401959896 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.401971102 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.402095079 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.409899950 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.410020113 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.410026073 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.410073996 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.421525955 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.421540976 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.421699047 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.421705008 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.421766996 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.428059101 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.428122997 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.428128958 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.428302050 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.439220905 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.439235926 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.439315081 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.439321041 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.439481974 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.444329977 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.444490910 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.444497108 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.444562912 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.455084085 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.455099106 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.455219030 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.455225945 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.455343962 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.458862066 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.458929062 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.458935022 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.459062099 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.467272997 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.467291117 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.467363119 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.467370033 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.467494965 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.470881939 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.471028090 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.471034050 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.471286058 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.478580952 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.478595972 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.478735924 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.478743076 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.478866100 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.482196093 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.482426882 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.482433081 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.482537031 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.493486881 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.493500948 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.493848085 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.493855000 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.493963003 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.497054100 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.497203112 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.497209072 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.497304916 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.500000954 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.500015974 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.500148058 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.500154972 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.500272036 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.502708912 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.502891064 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.502897024 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.503000021 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.508065939 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.508080959 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.508264065 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.508270025 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.508342981 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.511810064 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.512000084 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.512005091 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.512152910 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.515875101 CEST49675443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.515887976 CEST49674443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.515892982 CEST49677443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.516546011 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.516597033 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.516660929 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.516666889 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.516668081 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.516711950 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.516845942 CEST49721443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.516854048 CEST4434972123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.519028902 CEST49722443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.519067049 CEST4434972223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.519210100 CEST49722443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.519386053 CEST49722443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.519397974 CEST4434972223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.742613077 CEST4434972223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.742698908 CEST49722443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.743091106 CEST49722443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.743099928 CEST4434972223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.743321896 CEST49722443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.743326902 CEST4434972223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.965919018 CEST4434972223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.965986967 CEST49722443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.966002941 CEST4434972223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.966104984 CEST49722443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.966109037 CEST4434972223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.966150045 CEST4434972223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.966171026 CEST49722443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.966176033 CEST4434972223.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.966191053 CEST49722443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.966217995 CEST49722443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.966240883 CEST49722443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.968236923 CEST49723443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.968266010 CEST4434972323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.968369961 CEST49723443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.968540907 CEST49723443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:35.968554974 CEST4434972323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.046963930 CEST49724443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.046988010 CEST44349724204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.047089100 CEST49724443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.047235012 CEST49724443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.047249079 CEST44349724204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.192678928 CEST4434972323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.192749977 CEST49723443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.193123102 CEST49723443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.193126917 CEST4434972323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.193305969 CEST49723443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.193310976 CEST4434972323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.318662882 CEST44349724204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.318751097 CEST49724443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.322768927 CEST49724443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.322772980 CEST44349724204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.340651035 CEST49724443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.340658903 CEST44349724204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.340840101 CEST49724443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.340857983 CEST44349724204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.342777014 CEST49724443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.342803955 CEST44349724204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.419202089 CEST4434972323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.419225931 CEST4434972323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.419243097 CEST4434972323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.419356108 CEST49723443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.419368029 CEST4434972323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.419401884 CEST49723443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.419410944 CEST49723443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.420613050 CEST4434972323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.420665026 CEST4434972323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.420707941 CEST49723443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.440951109 CEST49723443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.440959930 CEST4434972323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.626574993 CEST44349724204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.626658916 CEST44349724204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.626746893 CEST49724443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.630215883 CEST49724443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.630228043 CEST44349724204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.661569118 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.661598921 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.661678076 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.662031889 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.662049055 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.802690029 CEST49683443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.803062916 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.803092003 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.803221941 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.803390980 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.803401947 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.886776924 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.886856079 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.887166023 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.887173891 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.887326002 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:36.887341022 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.079888105 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.079957962 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.091819048 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.091828108 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.092046022 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.092086077 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.093564987 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.113873959 CEST49683443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.115547895 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.115569115 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.115586042 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.115611076 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.115648031 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.115658045 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.115698099 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.140110970 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.208650112 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.208669901 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.208714962 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.208723068 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.208730936 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.208762884 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.208766937 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.208789110 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.208796978 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.208801985 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.208822012 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.208849907 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.208857059 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.208858967 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.208877087 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.208905935 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.208978891 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.209022045 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.209083080 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.209115028 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.209117889 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.209158897 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.209192038 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.213978052 CEST49726443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.213988066 CEST44349726204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.237219095 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.237241983 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.237322092 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.237335920 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.237349033 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.237376928 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.241986036 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.242059946 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.271172047 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.271194935 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.271265984 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.271275997 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.271322012 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.314371109 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.314409971 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.314443111 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.314450026 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.314479113 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.314491987 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.351269007 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.351291895 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.351342916 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.351356030 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.351383924 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.351397038 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.376163960 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.376207113 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.376259089 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.376267910 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.376297951 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.376316071 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.388278961 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.388350964 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.400943995 CEST49681443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.410679102 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.410705090 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.410746098 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.410753965 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.410782099 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.410800934 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.419523954 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.419612885 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.438129902 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.438148022 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.438196898 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.438205004 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.438226938 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.438240051 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.455790043 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.455807924 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.455882072 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.455890894 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.455930948 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.462074995 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.462133884 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.475877047 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.475893021 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.475954056 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.475961924 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.475997925 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.482142925 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.482199907 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.495507956 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.495527983 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.495573044 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.495583057 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.495608091 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.495631933 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.507563114 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.507577896 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.507636070 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.507641077 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.507663965 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.507678986 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.513508081 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.513588905 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.521523952 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.521563053 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.521589994 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.521595955 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.521622896 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.521630049 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.521640062 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.521672010 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.521687031 CEST49725443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.521698952 CEST4434972523.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.523454905 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.523488998 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.523600101 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.523817062 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.523828983 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.720863104 CEST49683443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.743686914 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.743765116 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.744160891 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.744170904 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.744617939 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.744622946 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.962697983 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.962738991 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.962757111 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.962763071 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.962789059 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.962802887 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.962819099 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:37.962855101 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.066545963 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.066617012 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.066642046 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.066725016 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.094640017 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.094655991 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.094697952 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.094705105 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.094727993 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.094748020 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.113179922 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.113245010 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.113250971 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.113291979 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.172460079 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.172473907 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.172521114 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.172529936 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.172549963 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.172569036 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.184560061 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.184621096 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.184627056 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.184693098 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.210458040 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.210473061 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.210526943 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.210535049 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.210616112 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.222438097 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.222498894 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.222503901 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.222512960 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.222532034 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.222536087 CEST4434972723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.222552061 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.222568035 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.222603083 CEST49727443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.224250078 CEST49728443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.224278927 CEST4434972823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.224351883 CEST49728443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.224544048 CEST49728443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.224555969 CEST4434972823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.440509081 CEST4434972823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.440576077 CEST49728443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.441019058 CEST49728443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.441025972 CEST4434972823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.441195965 CEST49728443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.441200972 CEST4434972823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.656614065 CEST4434972823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.656636953 CEST4434972823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.656670094 CEST4434972823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.656706095 CEST49728443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.656706095 CEST49728443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.656719923 CEST4434972823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.656749010 CEST49728443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.656800985 CEST4434972823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.656831026 CEST49728443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.657313108 CEST49728443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.657313108 CEST49728443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.659101009 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.659127951 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.659384012 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.659384012 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.659408092 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.876394033 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.876861095 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.876861095 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.876878023 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.877094030 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.877098083 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.934731007 CEST49683443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.965342999 CEST49728443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:38.965367079 CEST4434972823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.111716986 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.111731052 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.111747980 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.112590075 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.112601995 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.112756014 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.229455948 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.229473114 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.229650974 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.229660988 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.229773045 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.234105110 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.234206915 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.264293909 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.264313936 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.264390945 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.264391899 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.264400959 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.264548063 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.282973051 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.283015013 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.283104897 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.283104897 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.283113003 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.283950090 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.341407061 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.341427088 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.341532946 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.341532946 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.341542006 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.342734098 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.367047071 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.367060900 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.370769024 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.370776892 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.378029108 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.378777981 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.382734060 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.400160074 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.400177002 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.402721882 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.402734041 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.409437895 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.409492016 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.409499884 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.409521103 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.409527063 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.409579039 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.409579039 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.416769981 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.416769981 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.416795969 CEST4434972923.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.418718100 CEST49729443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.422724962 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.422764063 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.428030968 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.450911045 CEST49731443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.450917006 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.450931072 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.450941086 CEST4434973113.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.457298040 CEST49731443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.486726999 CEST49731443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.486741066 CEST4434973113.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.676692009 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.676749945 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.713593006 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.713599920 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.713799000 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.713803053 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.769592047 CEST4434973113.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.769675970 CEST49731443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.772381067 CEST49731443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.772381067 CEST49731443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.772403002 CEST4434973113.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.772428036 CEST4434973113.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.772636890 CEST4434973113.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.772685051 CEST49731443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.864867926 CEST4434973113.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.864922047 CEST49731443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.864933014 CEST4434973113.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.864943027 CEST4434973113.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.864976883 CEST49731443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.865330935 CEST49731443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.865343094 CEST4434973113.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.866992950 CEST49732443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.867022038 CEST4434973213.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.867079973 CEST49732443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.867275000 CEST49732443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.867280006 CEST4434973213.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.915783882 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.915808916 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.915826082 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.915853024 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.915873051 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.915889978 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.915904999 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:39.915934086 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.037527084 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.037549019 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.037651062 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.037667036 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.037712097 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.042306900 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.042366028 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.073621988 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.073653936 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.073714018 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.073728085 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.073738098 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.073770046 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.092962027 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.093003035 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.093025923 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.093033075 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.093055010 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.093063116 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.141033888 CEST4434973213.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.141108036 CEST49732443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.141531944 CEST49732443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.141541958 CEST4434973213.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.141714096 CEST49732443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.141719103 CEST4434973213.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.153708935 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.153726101 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.153805971 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.153820038 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.153862000 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.180368900 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.180385113 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.180458069 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.180464983 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.180504084 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.192282915 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.192368031 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.214106083 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.214121103 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.214191914 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.214199066 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.214236021 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.223499060 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.223573923 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.232496977 CEST4434973213.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.232558966 CEST4434973213.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.232562065 CEST49732443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.232604027 CEST49732443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.233460903 CEST49732443192.168.2.1613.107.42.254
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.233473063 CEST4434973213.107.42.254192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.242233992 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.242249012 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.242330074 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.242336035 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.242377996 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.258886099 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.258900881 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.258963108 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.258970976 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.259006977 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.265608072 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.265683889 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.280219078 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.280251980 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.280314922 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.280330896 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.280342102 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.280369043 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.286520004 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.286606073 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.300714016 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.300731897 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.300779104 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.300787926 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.300812006 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.300823927 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.314023018 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.314037085 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.314122915 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.314130068 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.314167976 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.316174984 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.316235065 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.316241026 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.316251993 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.316273928 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.316279888 CEST4434973023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.316287994 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.316310883 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.316333055 CEST49730443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.318100929 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.318130016 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.318197012 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.318399906 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.318413019 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.319886923 CEST49675443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.320007086 CEST49677443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.320008993 CEST49674443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.332696915 CEST49734443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.332706928 CEST44349734152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.332777023 CEST49734443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.333034992 CEST49734443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.333046913 CEST44349734152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.537985086 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.538063049 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.538402081 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.538405895 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.538558006 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.538562059 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.605842113 CEST44349734152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.605916023 CEST49734443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.608442068 CEST49734443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.608448029 CEST44349734152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.608573914 CEST49734443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.608581066 CEST44349734152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.608675003 CEST44349734152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.608731985 CEST49734443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.763781071 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.763803005 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.763819933 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.763859987 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.763890982 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.763896942 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.763946056 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.776655912 CEST44349734152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.776710033 CEST49734443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.776716948 CEST44349734152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.776735067 CEST44349734152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.776760101 CEST49734443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.776781082 CEST49734443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.777192116 CEST49734443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.777201891 CEST44349734152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.779000044 CEST49735443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.779017925 CEST44349735152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.779090881 CEST49735443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.779282093 CEST49735443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.779295921 CEST44349735152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.870059967 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.870129108 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.870141983 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.870183945 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.898297071 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.898313999 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.898361921 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.898369074 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.898415089 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.898421049 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.917108059 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.917179108 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.917182922 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.917226076 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.978354931 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.978374004 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.978478909 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.978485107 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.978528023 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.989761114 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.989842892 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.989846945 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:40.989896059 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.015937090 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.015952110 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.016022921 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.016030073 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.016072989 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.028073072 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.028153896 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.028158903 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.028208017 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.032530069 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.032587051 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.032591105 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.032635927 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.032640934 CEST4434973323.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.032660961 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.032660961 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.032660961 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.032680035 CEST49733443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.034539938 CEST49736443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.034581900 CEST4434973623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.034656048 CEST49736443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.034841061 CEST49736443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.034854889 CEST4434973623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.051599979 CEST44349735152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.051656961 CEST49735443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.051963091 CEST49735443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.051968098 CEST44349735152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.052129030 CEST49735443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.052133083 CEST44349735152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.229006052 CEST44349735152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.229072094 CEST49735443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.229096889 CEST44349735152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.229109049 CEST44349735152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.229146957 CEST49735443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.229670048 CEST49735443192.168.2.16152.199.24.163
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.229698896 CEST44349735152.199.24.163192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.232089996 CEST49737443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.232119083 CEST44349737204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.232199907 CEST49737443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.232367992 CEST49737443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.232383013 CEST44349737204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.253110886 CEST4434973623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.253175020 CEST49736443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.253439903 CEST49736443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.253448963 CEST4434973623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.253586054 CEST49736443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.253591061 CEST4434973623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.341895103 CEST49683443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.467713118 CEST4434973623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.467789888 CEST49736443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.467803955 CEST4434973623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.467860937 CEST49736443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.467928886 CEST4434973623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.467971087 CEST4434973623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.467971087 CEST49736443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.468014002 CEST49736443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.468373060 CEST49736443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.468384981 CEST4434973623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.470118999 CEST49738443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.470145941 CEST4434973823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.470220089 CEST49738443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.470396996 CEST49738443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.470407009 CEST4434973823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.503166914 CEST44349737204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.503227949 CEST49737443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.503519058 CEST49737443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.503525019 CEST44349737204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.503681898 CEST49737443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.503686905 CEST44349737204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.679954052 CEST49739443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.679986000 CEST44349739204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.680082083 CEST49739443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.680244923 CEST49739443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.680257082 CEST44349739204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.680440903 CEST44349737204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.680510044 CEST49737443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.680516958 CEST44349737204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.680560112 CEST44349737204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.680561066 CEST49737443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.680603027 CEST49737443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.680865049 CEST49737443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.680877924 CEST44349737204.79.197.222192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.692576885 CEST4434973823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.692637920 CEST49738443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.692946911 CEST49738443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.692954063 CEST4434973823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.693079948 CEST49738443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.693084955 CEST4434973823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.924545050 CEST4434973823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.924573898 CEST4434973823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.924603939 CEST4434973823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.924608946 CEST49738443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.924626112 CEST4434973823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.924638987 CEST49738443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.924647093 CEST49738443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.924655914 CEST4434973823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.924663067 CEST49738443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.924700022 CEST49738443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.950325966 CEST44349739204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:41.950388908 CEST49739443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:43.124916077 CEST49681443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:46.143376112 CEST49683443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.220763922 CEST49740443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.220802069 CEST44349740104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.220890045 CEST49740443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.225634098 CEST49740443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.225650072 CEST44349740104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.416372061 CEST44349740104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.416558981 CEST49740443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.418210030 CEST49740443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.418216944 CEST44349740104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.418425083 CEST44349740104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.465657949 CEST49740443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.512124062 CEST44349740104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.638601065 CEST44349740104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.638648033 CEST44349740104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.638791084 CEST49740443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.639424086 CEST49740443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.641839027 CEST49741443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.641860962 CEST44349741104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.641961098 CEST49741443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.642216921 CEST49741443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.642225027 CEST44349741104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.824915886 CEST44349741104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.825000048 CEST49741443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.826323986 CEST49741443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.826328039 CEST44349741104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.826514006 CEST44349741104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.827819109 CEST49741443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:47.872118950 CEST44349741104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:48.065565109 CEST44349741104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:48.065610886 CEST44349741104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:48.065639973 CEST44349741104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:48.065687895 CEST49741443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:48.065700054 CEST44349741104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:48.065751076 CEST44349741104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:48.065794945 CEST49741443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:48.068011999 CEST49741443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:49.922116041 CEST49675443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:49.922131062 CEST49677443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:49.922146082 CEST49674443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.231667042 CEST49745443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.231708050 CEST44349745142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.231766939 CEST49745443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.232496023 CEST49745443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.232513905 CEST44349745142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.300339937 CEST49748443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.300354958 CEST44349748142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.300416946 CEST49748443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.300647974 CEST49748443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.300662041 CEST44349748142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.424309969 CEST44349745142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.424678087 CEST49745443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.424689054 CEST44349745142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.425720930 CEST44349745142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.425775051 CEST49745443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.426906109 CEST49745443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.426970959 CEST44349745142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.427423000 CEST49749443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.427464008 CEST44349749142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.427520990 CEST49749443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.427613020 CEST49750443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.427624941 CEST44349750142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.427668095 CEST49750443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.427719116 CEST49745443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.427726030 CEST44349745142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.427963018 CEST49749443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.427970886 CEST44349749142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.428128958 CEST49750443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.428133965 CEST44349750142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.478909016 CEST49745443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.486432076 CEST44349748142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.486680031 CEST49748443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.486687899 CEST44349748142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.487785101 CEST44349748142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.487839937 CEST49748443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.488261938 CEST49748443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.488328934 CEST44349748142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.488406897 CEST49748443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.488415003 CEST44349748142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.541918993 CEST49748443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.618501902 CEST44349750142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.618798018 CEST49750443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.618815899 CEST44349750142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.619102955 CEST44349750142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.619401932 CEST49750443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.619461060 CEST44349750142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.619664907 CEST49750443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.623884916 CEST44349749142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.624094009 CEST49749443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.624119043 CEST44349749142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.625240088 CEST44349749142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.625550985 CEST49749443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.625623941 CEST49749443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.625722885 CEST44349749142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.650655031 CEST49748443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.650737047 CEST44349748142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.650912046 CEST44349748142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.650969028 CEST49748443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.650979042 CEST49748443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.664117098 CEST44349750142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.669914961 CEST49749443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.673810005 CEST44349745142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.673897982 CEST44349745142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.673937082 CEST49745443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.673943996 CEST44349745142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.673971891 CEST44349745142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.674016953 CEST49745443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.674022913 CEST44349745142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.678373098 CEST44349745142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.678430080 CEST49745443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.678436041 CEST44349745142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.679723024 CEST44349745142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.679766893 CEST49745443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.683384895 CEST49745443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.683399916 CEST44349745142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.038459063 CEST44349749142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.038767099 CEST44349749142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.038835049 CEST49749443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.039630890 CEST49749443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.039654970 CEST44349749142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.041723967 CEST49753443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.041750908 CEST44349753142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.042515039 CEST49753443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.042709112 CEST49753443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.042715073 CEST44349753142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.095678091 CEST44349750142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.095798016 CEST44349750142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.095868111 CEST49750443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.096415997 CEST49750443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.096430063 CEST44349750142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.229479074 CEST44349753142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.229748964 CEST49753443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.229768991 CEST44349753142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.230089903 CEST44349753142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.230410099 CEST49753443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.230472088 CEST44349753142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.230760098 CEST49754443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.230787992 CEST44349754142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.230824947 CEST49753443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.230879068 CEST49754443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.231132984 CEST49754443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.231146097 CEST44349754142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.272135019 CEST44349753142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.419516087 CEST44349753142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.419553041 CEST44349753142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.419601917 CEST49753443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.419620991 CEST44349753142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.419682980 CEST44349753142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.419739962 CEST49753443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.420136929 CEST49753443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.420150042 CEST44349753142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.447596073 CEST44349754142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.447909117 CEST49754443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.447928905 CEST44349754142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.448463917 CEST44349754142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.448827028 CEST49754443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.448911905 CEST44349754142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.449132919 CEST49754443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.492124081 CEST44349754142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.635776997 CEST44349754142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.635837078 CEST44349754142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.635874033 CEST44349754142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.635931969 CEST49754443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.635948896 CEST44349754142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.636269093 CEST44349754142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.636327028 CEST49754443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.636507034 CEST49754443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:51.636521101 CEST44349754142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:54.555919886 CEST49681443192.168.2.1651.104.15.253
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:54.839478970 CEST49757443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:54.839528084 CEST44349757142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:54.839624882 CEST49757443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:54.839874983 CEST49757443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:54.839885950 CEST44349757142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.044300079 CEST44349757142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.044835091 CEST49757443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.044850111 CEST44349757142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.045145035 CEST44349757142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.077436924 CEST49757443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.077502012 CEST44349757142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.144004107 CEST49757443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.752911091 CEST49683443192.168.2.16204.79.197.222
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.828603983 CEST49739443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.828627110 CEST44349739204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.828866005 CEST49739443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.828871012 CEST44349739204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.828963041 CEST49739443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.828969955 CEST44349739204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.830235958 CEST49738443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.830261946 CEST4434973823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.835186958 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.835211992 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.835297108 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.836560965 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:55.836571932 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.020761013 CEST44349739204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.020823956 CEST49739443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.020840883 CEST44349739204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.020852089 CEST44349739204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.020906925 CEST49739443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.020912886 CEST44349739204.79.197.200192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.020927906 CEST49739443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.020927906 CEST49739443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.020967960 CEST49739443192.168.2.16204.79.197.200
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.061783075 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.066247940 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.074001074 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.074008942 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.074172020 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.074176073 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.353046894 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.353127956 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.353137970 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.353190899 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.362477064 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.362485886 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.362520933 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.362548113 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.362555027 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.362592936 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.362617016 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.409961939 CEST4975980192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.470007896 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.470088005 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.470097065 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.470160961 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.498913050 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.498945951 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.499015093 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.499022007 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.499103069 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.513361931 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.513472080 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.513477087 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.513514996 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.534449100 CEST804975934.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.534516096 CEST4975980192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.534687042 CEST4975980192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.574970007 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.575018883 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.575129032 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.575139046 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.575244904 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.587357998 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.587482929 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.587488890 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.587542057 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.614485025 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.614502907 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.614587069 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.614594936 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.614891052 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.626358032 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.626431942 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.626437902 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.626482964 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.652270079 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.652297020 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.652340889 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.652353048 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.652456045 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.659611940 CEST804975934.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.661092043 CEST804975934.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.662872076 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.662941933 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.662947893 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.662996054 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.687349081 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.687364101 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.689074993 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.689080954 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.689100027 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.689268112 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.694253922 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.694323063 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.694327116 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.694372892 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.709497929 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.709513903 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.709575891 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.709585905 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.709604979 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.709633112 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.711733103 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.711786985 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.711801052 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.711822987 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.711839914 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.711863041 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.712096930 CEST4975980192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.712161064 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.712174892 CEST4434975823.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.712182999 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.712224007 CEST49758443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.714823961 CEST49760443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.714840889 CEST4434976023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.716937065 CEST49760443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.717170954 CEST49760443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.717180014 CEST4434976023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.942423105 CEST4434976023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.942481995 CEST49760443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.943478107 CEST49760443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.943484068 CEST4434976023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.943691015 CEST49760443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.943695068 CEST4434976023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.165190935 CEST4434976023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.165209055 CEST4434976023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.165246964 CEST49760443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.165257931 CEST4434976023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.165267944 CEST49760443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.165302992 CEST49760443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.165333033 CEST4434976023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.165369987 CEST49760443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.165383101 CEST4434976023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.165419102 CEST49760443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.165939093 CEST49760443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.165954113 CEST4434976023.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.169158936 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.169188976 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.169265032 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.169455051 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.169466972 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.386569023 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.396982908 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.397875071 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.397881031 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.398046970 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.398051023 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.604943037 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.604973078 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.604989052 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.605014086 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.605031967 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.605062008 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.605102062 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.723545074 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.723566055 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.723659992 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.723676920 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.723691940 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.723707914 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.727977037 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.728024960 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.757205963 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.757222891 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.757280111 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.757288933 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.757313967 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.757373095 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.798196077 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.798259974 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.798278093 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.798286915 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.798311949 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.798336029 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.833152056 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.833169937 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.833296061 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.833304882 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.833386898 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.856702089 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.856720924 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.856909037 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.856918097 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.856945038 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.856976986 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.872649908 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.873332024 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.889908075 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.889923096 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.890743017 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.890748978 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.890808105 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.890808105 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.898684025 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.898750067 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.898755074 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.898763895 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:57.898797989 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.233220100 CEST49762443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.233262062 CEST44349762104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.245136976 CEST49762443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.249272108 CEST49762443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.249286890 CEST44349762104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.432657957 CEST44349762104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.432672024 CEST44349762104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.444103956 CEST49762443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.449472904 CEST49762443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.449480057 CEST44349762104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.449722052 CEST44349762104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.503952026 CEST49762443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.560960054 CEST49762443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.604125977 CEST44349762104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.655141115 CEST44349762104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.655205011 CEST44349762104.21.73.97192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.655256987 CEST49762443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.657427073 CEST49762443192.168.2.16104.21.73.97
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.659738064 CEST49763443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.659768105 CEST44349763104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.659852028 CEST49763443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.660186052 CEST49763443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.660195112 CEST44349763104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.842513084 CEST44349763104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.842639923 CEST49763443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.844238043 CEST49763443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.844243050 CEST44349763104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.844491005 CEST44349763104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.846034050 CEST49763443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:59.888123035 CEST44349763104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.100142002 CEST44349763104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.100188017 CEST44349763104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.100214005 CEST44349763104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.100239038 CEST49763443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.100263119 CEST44349763104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.100311041 CEST44349763104.21.85.189192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.100342989 CEST49763443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.100390911 CEST49763443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.105832100 CEST49763443192.168.2.16104.21.85.189
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.233731985 CEST49764443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.233760118 CEST4434976434.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.233822107 CEST49764443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.235142946 CEST49764443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.235152960 CEST4434976434.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.260430098 CEST4976580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.262893915 CEST49766443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.262928963 CEST4434976634.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.263423920 CEST49766443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.264832020 CEST49766443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.264847994 CEST4434976634.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.286851883 CEST49767443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.286866903 CEST4434976735.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.286935091 CEST49767443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.287033081 CEST49767443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.287040949 CEST4434976735.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.385054111 CEST804976534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.385229111 CEST4976580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.471508026 CEST4434976735.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.471575022 CEST49767443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.496444941 CEST4434976434.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.497070074 CEST49764443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.525564909 CEST4434976634.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.525634050 CEST49766443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.193145037 CEST4976580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.202305079 CEST49767443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.202328920 CEST4434976735.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.202693939 CEST4434976735.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.207236052 CEST49764443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.207246065 CEST4434976434.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.207310915 CEST49764443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.207415104 CEST49766443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.207434893 CEST4434976634.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.207448959 CEST49767443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.207523108 CEST49767443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.207542896 CEST4434976434.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.207621098 CEST49766443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.207664013 CEST4434976735.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.207722902 CEST4434976634.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.207778931 CEST49764443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.207794905 CEST49767443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.207864046 CEST49766443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.317854881 CEST804976534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.320645094 CEST804976534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.362934113 CEST4976580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.067192078 CEST49768443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.067230940 CEST4434976834.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.067316055 CEST49768443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.068710089 CEST49768443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.068721056 CEST4434976834.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.324827909 CEST4434976834.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.324917078 CEST49768443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.422440052 CEST49768443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.422465086 CEST4434976834.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.422511101 CEST49768443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.422646999 CEST4434976834.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.422693014 CEST49768443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.431041956 CEST4976580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.431072950 CEST4975980192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.555717945 CEST804975934.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.555772066 CEST4975980192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.558450937 CEST804976534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.558502913 CEST4976580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:05.028093100 CEST44349757142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:05.028187990 CEST44349757142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:05.033951998 CEST49757443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:06.525158882 CEST49757443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:06.525183916 CEST44349757142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:09.511095047 CEST4969780192.168.2.16192.229.211.108
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:09.598567963 CEST8049697192.229.211.108192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:09.598629951 CEST4969780192.168.2.16192.229.211.108
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:11.349842072 CEST49769443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:11.349869013 CEST4434976934.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:11.352087975 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:11.352566004 CEST49769443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:11.476813078 CEST804977034.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:11.476887941 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.580951929 CEST49769443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.580980062 CEST4434976934.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.581216097 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.581737041 CEST49771443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.581770897 CEST4434977134.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.583359003 CEST49771443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.583534956 CEST49771443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.583545923 CEST4434977134.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.705877066 CEST804977034.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.707906008 CEST804977034.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.753959894 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.774239063 CEST4434977134.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.774315119 CEST49771443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.778085947 CEST49771443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.778094053 CEST4434977134.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.778321981 CEST4434977134.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.781116009 CEST49771443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.781209946 CEST49771443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.781264067 CEST4434977134.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.781318903 CEST49771443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.835341930 CEST4434976934.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.835427046 CEST49769443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.839934111 CEST49769443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.839940071 CEST4434976934.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.840037107 CEST49769443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.840065956 CEST4434976934.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.840152979 CEST49769443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:13.534400940 CEST49772443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:13.534440041 CEST4434977234.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:13.534688950 CEST49772443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:13.536274910 CEST49772443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:13.536287069 CEST4434977234.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:13.791368008 CEST4434977234.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:13.791444063 CEST49772443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:13.797271013 CEST49772443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:13.797278881 CEST4434977234.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:13.797370911 CEST49772443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:13.797446966 CEST4434977234.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:13.797524929 CEST49772443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:14.055689096 CEST49774443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:14.055723906 CEST4434977434.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:14.055938005 CEST49774443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:14.056140900 CEST49774443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:14.056153059 CEST4434977434.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:14.238976955 CEST4434977434.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:14.239058971 CEST49774443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:16.269665003 CEST49774443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:16.269686937 CEST4434977434.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:16.270004034 CEST4434977434.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:16.279227018 CEST49774443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:16.279273033 CEST49774443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:16.279407024 CEST4434977434.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:16.279457092 CEST49774443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:16.487761021 CEST4977580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:16.613877058 CEST804977534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:16.613995075 CEST4977580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:17.158067942 CEST4977580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:17.282740116 CEST804977534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:17.285271883 CEST804977534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:17.327765942 CEST4977580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:17.374917030 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:17.501456976 CEST804977034.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:17.553966045 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:22.250518084 CEST4977580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:22.377537966 CEST804977534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:22.424994946 CEST4977580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.136181116 CEST49761443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.136221886 CEST4434976123.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.140333891 CEST49776443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.140383005 CEST4434977623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.140455961 CEST49776443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.140767097 CEST49776443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.140777111 CEST4434977623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.365375996 CEST4434977623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.365448952 CEST49776443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.365837097 CEST49776443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.365842104 CEST4434977623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.366023064 CEST49776443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.366028070 CEST4434977623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.599301100 CEST4434977623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.599368095 CEST49776443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.599384069 CEST4434977623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.599426985 CEST49776443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.599448919 CEST4434977623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.599488020 CEST49776443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.599513054 CEST4434977623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.599560976 CEST49776443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.599911928 CEST49776443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.599925041 CEST4434977623.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.624788046 CEST49777443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.624820948 CEST4434977723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.624892950 CEST49777443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.625102043 CEST49777443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.625114918 CEST4434977723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.840534925 CEST4434977723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:25.841022968 CEST49777443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.785156965 CEST49778443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.785197973 CEST4434977834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.785281897 CEST49778443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.786520958 CEST49778443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.786535978 CEST4434977834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.974755049 CEST4434977834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.974837065 CEST49778443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.980140924 CEST49778443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.980165005 CEST4434977834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.980226994 CEST49778443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.980294943 CEST4434977834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.980340004 CEST49778443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:27.507009029 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:27.633425951 CEST804977034.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:27.718904018 CEST49779443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:27.718936920 CEST4434977934.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:27.719003916 CEST49779443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:27.720294952 CEST49779443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:27.720309019 CEST4434977934.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:27.905932903 CEST4434977934.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:27.905996084 CEST49779443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:27.911050081 CEST49779443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:27.911056995 CEST4434977934.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:27.911120892 CEST49779443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:27.911230087 CEST4434977934.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:27.911276102 CEST49779443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.059566975 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.187078953 CEST804977034.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.187719107 CEST804977034.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.193514109 CEST49780443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.193547964 CEST4434978034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.195498943 CEST49780443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.195683956 CEST49780443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.195693970 CEST4434978034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.202601910 CEST4977580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.231014967 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.329391956 CEST804977534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.378006935 CEST4434978034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.378954887 CEST49780443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.382253885 CEST49780443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.382262945 CEST4434978034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.382482052 CEST4434978034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.382998943 CEST4977580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.385153055 CEST49780443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.385294914 CEST4434978034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.385320902 CEST49780443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.385325909 CEST4434978034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.385338068 CEST49780443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.047003031 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.089265108 CEST49782443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.089301109 CEST4434978235.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.089570045 CEST49782443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.089678049 CEST49782443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.089689970 CEST4434978235.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.130837917 CEST49783443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.130861998 CEST4434978334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.131009102 CEST49784443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.131051064 CEST4434978434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.131124020 CEST49785443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.131155968 CEST4434978534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.131269932 CEST49783443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.131376982 CEST49785443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.131378889 CEST49784443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.132672071 CEST49783443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.132684946 CEST4434978334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.132834911 CEST49785443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.132853031 CEST4434978534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.132885933 CEST49784443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.132900953 CEST4434978434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.173763037 CEST804977034.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.189337015 CEST4977580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.223017931 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.274008989 CEST4434978235.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.274275064 CEST49786443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.274312973 CEST4434978635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.275000095 CEST49782443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.275024891 CEST49786443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.277929068 CEST49782443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.277939081 CEST4434978235.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.278171062 CEST4434978235.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.278264999 CEST49786443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.278278112 CEST4434978635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.280894995 CEST49782443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.280953884 CEST49782443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.281025887 CEST4434978235.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.281090021 CEST49782443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.316803932 CEST804977534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.318536043 CEST4434978334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.318628073 CEST49783443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.319442987 CEST4434978534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.319516897 CEST49785443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.320904970 CEST4434978434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.322895050 CEST49785443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.322904110 CEST4434978534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.323132992 CEST4434978534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.323388100 CEST49784443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.326091051 CEST49784443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.326101065 CEST4434978434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.326340914 CEST4434978434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.328922033 CEST49783443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.328939915 CEST4434978334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.329000950 CEST49783443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.329078913 CEST49785443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.329081059 CEST4434978334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.329247952 CEST4434978534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.329416037 CEST49785443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.329422951 CEST4434978534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.329818964 CEST49784443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.329916000 CEST49784443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.329962969 CEST4434978434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.330025911 CEST49783443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.330049038 CEST49784443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.360008001 CEST4977580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.465487003 CEST4434978635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.465565920 CEST49786443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.468679905 CEST49786443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.468686104 CEST4434978635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.468920946 CEST4434978635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.471195936 CEST49786443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.471251965 CEST49786443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.471339941 CEST4434978635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.471389055 CEST49786443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.540122032 CEST4434978534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.540174007 CEST49785443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.581269979 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.672880888 CEST49787443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.672918081 CEST4434978734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.673098087 CEST49787443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.676611900 CEST49787443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.676620960 CEST4434978734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.708004951 CEST804977034.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.750998020 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.860315084 CEST4434978734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.860385895 CEST49787443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.864572048 CEST49787443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.864578009 CEST4434978734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.864650011 CEST49787443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.864722013 CEST4434978734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.864772081 CEST49787443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:31.658750057 CEST49788443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:31.658780098 CEST4434978834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:31.659878969 CEST49788443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:31.660063028 CEST49788443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:31.660070896 CEST4434978834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:31.841478109 CEST4434978834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:31.841552973 CEST49788443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:31.844357014 CEST49788443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:31.844362974 CEST4434978834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:31.844616890 CEST4434978834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:31.847290993 CEST49788443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:31.847372055 CEST49788443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:31.847465038 CEST4434978834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:31.847506046 CEST49788443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.019277096 CEST49789443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.019308090 CEST4434978934.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.019850016 CEST4977580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.020426035 CEST49789443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.020585060 CEST49789443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.020596981 CEST4434978934.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.149616003 CEST804977534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.202011108 CEST4977580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.207536936 CEST4434978934.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.207598925 CEST49789443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.210453033 CEST49789443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.210458994 CEST4434978934.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.210681915 CEST4434978934.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.212977886 CEST49789443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.213031054 CEST49789443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.213103056 CEST4434978934.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.213155031 CEST49789443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.834301949 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.835290909 CEST49790443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.835334063 CEST4434979034.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.841049910 CEST49790443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.842343092 CEST49790443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.842365980 CEST4434979034.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.963164091 CEST804977034.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.012999058 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.034859896 CEST4434979034.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.034960985 CEST49790443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.039223909 CEST49790443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.039233923 CEST4434979034.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.039320946 CEST49790443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.039388895 CEST4434979034.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.039470911 CEST49790443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.107012987 CEST4977580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.107336044 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.234112024 CEST804977534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.234895945 CEST804977034.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.274012089 CEST4977580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.288985968 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:43.245026112 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:43.249021053 CEST4977580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:43.371226072 CEST804977034.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:43.375109911 CEST804977534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:44.946578979 CEST4434977723.1.33.206192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:44.946655035 CEST49777443192.168.2.1623.1.33.206
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:53.373050928 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:53.388046026 CEST4977580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:53.499670982 CEST804977034.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:53.529026031 CEST804977534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:54.901829958 CEST49792443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:54.901866913 CEST44349792142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:54.901949883 CEST49792443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:54.902183056 CEST49792443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:54.902196884 CEST44349792142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:55.095978975 CEST44349792142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:55.096249104 CEST49792443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:55.096263885 CEST44349792142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:55.096554041 CEST44349792142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:55.096946955 CEST49792443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:55.097002983 CEST44349792142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:55.140049934 CEST49792443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:30:03.501069069 CEST4977080192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:30:03.533085108 CEST4977580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:30:03.627176046 CEST804977034.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:30:03.659455061 CEST804977534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:30:05.103632927 CEST44349792142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:30:05.103698969 CEST44349792142.251.35.164192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:30:05.103878021 CEST49792443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:30:06.520910025 CEST49792443192.168.2.16142.251.35.164
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:30:06.520945072 CEST44349792142.251.35.164192.168.2.16

                                                                                                                                                                                                                                                                                                                                                          UDP Packets

                                                                                                                                                                                                                                                                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:30.882356882 CEST5204653192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:30.974275112 CEST53520461.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.906243086 CEST6525753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.997553110 CEST53652571.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:42.532203913 CEST138138192.168.2.16192.168.2.255
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.127412081 CEST53536951.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.142616987 CEST5073153192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.142752886 CEST5444253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.230218887 CEST53603551.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.230555058 CEST53507311.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.230778933 CEST53544421.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.906378031 CEST53586171.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:53.397383928 CEST53586771.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.312513113 CEST6277253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.410381079 CEST6053053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.498613119 CEST53605301.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.499311924 CEST6184053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.587122917 CEST53618401.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.041474104 CEST6480853192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.130444050 CEST53648081.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.134443998 CEST5434553192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.143517971 CEST6229953192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.155613899 CEST6062553192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.169183969 CEST5782953192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.169712067 CEST5272353192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.170275927 CEST6527153192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.171153069 CEST6217853192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.222302914 CEST53543451.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.232888937 CEST53622991.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST53606251.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.245484114 CEST5484253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.259573936 CEST53527231.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.260121107 CEST53652711.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.260524035 CEST6189053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.260857105 CEST53621781.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.262130022 CEST6342553192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334036112 CEST53548421.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334884882 CEST5551853192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.348634958 CEST53618901.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.349241972 CEST6254053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.351443052 CEST53634251.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.352024078 CEST6353853192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.424151897 CEST53555181.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.437335014 CEST53625401.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.440855026 CEST53635381.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.193734884 CEST5799953192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.194711924 CEST5188253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.197786093 CEST6086553192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.281518936 CEST53579991.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.282428980 CEST53518821.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.285813093 CEST53608651.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.286350012 CEST5806653192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.374721050 CEST53580661.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.064439058 CEST6329253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.065732956 CEST6181753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.066512108 CEST5570053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.153126001 CEST53618171.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.153753042 CEST5033453192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.153820992 CEST53632921.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.154381990 CEST6327553192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.156461954 CEST53557001.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.156894922 CEST5500853192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.242038012 CEST53503341.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.244906902 CEST53632751.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.245626926 CEST53550081.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.417449951 CEST5383753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.506509066 CEST53538371.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.507224083 CEST6529653192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.596210957 CEST53652961.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:08.017518997 CEST53539581.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:11.351396084 CEST6072853192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:11.440140009 CEST53607281.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.580420017 CEST5515053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.668826103 CEST53551501.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.669496059 CEST6059353192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.758086920 CEST53605931.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:13.601963997 CEST5466153192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:13.876451015 CEST53576321.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.695735931 CEST6471453192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.784279108 CEST53647141.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.785428047 CEST6046253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.875618935 CEST53604621.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.876306057 CEST6127753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.895096064 CEST53616671.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.965313911 CEST53612771.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.284084082 CEST6517053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.551703930 CEST53514471.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.089623928 CEST5832753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.131191015 CEST5933753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.177437067 CEST53583271.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.219285011 CEST53593371.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.219887018 CEST6210553192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.308862925 CEST53621051.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.020308018 CEST6252253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:49.348674059 CEST53606731.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:50.095092058 CEST53645691.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:30:02.550545931 CEST6316053192.168.2.161.1.1.1

                                                                                                                                                                                                                                                                                                                                                          DNS Queries

                                                                                                                                                                                                                                                                                                                                                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:30.882356882 CEST192.168.2.161.1.1.10x5f8Standard query (0)freegeoip.appA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.906243086 CEST192.168.2.161.1.1.10x7f17Standard query (0)ipbase.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.142616987 CEST192.168.2.161.1.1.10x5c42Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.142752886 CEST192.168.2.161.1.1.10xbecfStandard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.312513113 CEST192.168.2.161.1.1.10x28dStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.410381079 CEST192.168.2.161.1.1.10xedfdStandard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.499311924 CEST192.168.2.161.1.1.10xa115Standard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.041474104 CEST192.168.2.161.1.1.10xe567Standard query (0)example.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.134443998 CEST192.168.2.161.1.1.10x5457Standard query (0)ipv4only.arpaA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.143517971 CEST192.168.2.161.1.1.10x2e8fStandard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.155613899 CEST192.168.2.161.1.1.10xadbeStandard query (0)www.youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.169183969 CEST192.168.2.161.1.1.10x2b22Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.169712067 CEST192.168.2.161.1.1.10x2617Standard query (0)www.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.170275927 CEST192.168.2.161.1.1.10xc643Standard query (0)www.wikipedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.171153069 CEST192.168.2.161.1.1.10xe1c4Standard query (0)spocs.getpocket.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.245484114 CEST192.168.2.161.1.1.10xe5abStandard query (0)youtube-ui.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.260524035 CEST192.168.2.161.1.1.10x625aStandard query (0)star-mini.c10r.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.262130022 CEST192.168.2.161.1.1.10x941bStandard query (0)dyna.wikimedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334884882 CEST192.168.2.161.1.1.10x8804Standard query (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.349241972 CEST192.168.2.161.1.1.10xbd66Standard query (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.352024078 CEST192.168.2.161.1.1.10x6653Standard query (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.193734884 CEST192.168.2.161.1.1.10x3214Standard query (0)www.reddit.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.194711924 CEST192.168.2.161.1.1.10x7ecaStandard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.197786093 CEST192.168.2.161.1.1.10x163dStandard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.286350012 CEST192.168.2.161.1.1.10x7e69Standard query (0)contile.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.064439058 CEST192.168.2.161.1.1.10x4da1Standard query (0)reddit.map.fastly.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.065732956 CEST192.168.2.161.1.1.10x66bdStandard query (0)prod.ads.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.066512108 CEST192.168.2.161.1.1.10x2d55Standard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.153753042 CEST192.168.2.161.1.1.10xfd8eStandard query (0)prod.ads.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.154381990 CEST192.168.2.161.1.1.10xdf5aStandard query (0)reddit.map.fastly.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.156894922 CEST192.168.2.161.1.1.10xe3f8Standard query (0)twitter.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.417449951 CEST192.168.2.161.1.1.10xd872Standard query (0)prod.balrog.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.507224083 CEST192.168.2.161.1.1.10x91c2Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:11.351396084 CEST192.168.2.161.1.1.10xf4b4Standard query (0)content-signature-2.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.580420017 CEST192.168.2.161.1.1.10xfac3Standard query (0)prod.content-signature-chains.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.669496059 CEST192.168.2.161.1.1.10xda5dStandard query (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:13.601963997 CEST192.168.2.161.1.1.10xa851Standard query (0)shavar.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.695735931 CEST192.168.2.161.1.1.10xad0fStandard query (0)firefox.settings.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.785428047 CEST192.168.2.161.1.1.10x18b5Standard query (0)prod.remote-settings.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.876306057 CEST192.168.2.161.1.1.10xabf7Standard query (0)prod.remote-settings.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.284084082 CEST192.168.2.161.1.1.10x6848Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.089623928 CEST192.168.2.161.1.1.10xc751Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.131191015 CEST192.168.2.161.1.1.10x507fStandard query (0)telemetry-incoming.r53-2.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.219887018 CEST192.168.2.161.1.1.10x16dbStandard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.020308018 CEST192.168.2.161.1.1.10xb5e4Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:30:02.550545931 CEST192.168.2.161.1.1.10x77eaStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                                          DNS Answers

                                                                                                                                                                                                                                                                                                                                                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:30.974275112 CEST1.1.1.1192.168.2.160x5f8No error (0)freegeoip.app104.21.73.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:30.974275112 CEST1.1.1.1192.168.2.160x5f8No error (0)freegeoip.app172.67.160.84A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.997553110 CEST1.1.1.1192.168.2.160x7f17No error (0)ipbase.com104.21.85.189A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:27:31.997553110 CEST1.1.1.1192.168.2.160x7f17No error (0)ipbase.com172.67.209.71A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.230555058 CEST1.1.1.1192.168.2.160x5c42No error (0)www.google.com142.251.35.164A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:50.230778933 CEST1.1.1.1192.168.2.160xbecfNo error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.409075975 CEST1.1.1.1192.168.2.160x28dNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.409075975 CEST1.1.1.1192.168.2.160x28dNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.498613119 CEST1.1.1.1192.168.2.160xedfdNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.587122917 CEST1.1.1.1192.168.2.160xa115No error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.130444050 CEST1.1.1.1192.168.2.160xe567No error (0)example.org93.184.215.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.222302914 CEST1.1.1.1192.168.2.160x5457No error (0)ipv4only.arpa192.0.0.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.222302914 CEST1.1.1.1192.168.2.160x5457No error (0)ipv4only.arpa192.0.0.170A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.232888937 CEST1.1.1.1192.168.2.160x2e8fNo error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST1.1.1.1192.168.2.160xadbeNo error (0)www.youtube.comyoutube-ui.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST1.1.1.1192.168.2.160xadbeNo error (0)youtube-ui.l.google.com142.250.176.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST1.1.1.1192.168.2.160xadbeNo error (0)youtube-ui.l.google.com142.251.35.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST1.1.1.1192.168.2.160xadbeNo error (0)youtube-ui.l.google.com142.250.64.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST1.1.1.1192.168.2.160xadbeNo error (0)youtube-ui.l.google.com142.251.40.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST1.1.1.1192.168.2.160xadbeNo error (0)youtube-ui.l.google.com142.251.40.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST1.1.1.1192.168.2.160xadbeNo error (0)youtube-ui.l.google.com142.251.40.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST1.1.1.1192.168.2.160xadbeNo error (0)youtube-ui.l.google.com142.251.32.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST1.1.1.1192.168.2.160xadbeNo error (0)youtube-ui.l.google.com142.251.40.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST1.1.1.1192.168.2.160xadbeNo error (0)youtube-ui.l.google.com142.250.65.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST1.1.1.1192.168.2.160xadbeNo error (0)youtube-ui.l.google.com142.251.40.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST1.1.1.1192.168.2.160xadbeNo error (0)youtube-ui.l.google.com142.251.41.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST1.1.1.1192.168.2.160xadbeNo error (0)youtube-ui.l.google.com142.250.81.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST1.1.1.1192.168.2.160xadbeNo error (0)youtube-ui.l.google.com142.250.65.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST1.1.1.1192.168.2.160xadbeNo error (0)youtube-ui.l.google.com142.250.65.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST1.1.1.1192.168.2.160xadbeNo error (0)youtube-ui.l.google.com172.217.165.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.244688988 CEST1.1.1.1192.168.2.160xadbeNo error (0)youtube-ui.l.google.com142.250.64.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.259557009 CEST1.1.1.1192.168.2.160x2b22No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.259557009 CEST1.1.1.1192.168.2.160x2b22No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.259573936 CEST1.1.1.1192.168.2.160x2617No error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.259573936 CEST1.1.1.1192.168.2.160x2617No error (0)star-mini.c10r.facebook.com157.240.241.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.260121107 CEST1.1.1.1192.168.2.160xc643No error (0)www.wikipedia.orgdyna.wikimedia.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.260121107 CEST1.1.1.1192.168.2.160xc643No error (0)dyna.wikimedia.org208.80.154.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.260857105 CEST1.1.1.1192.168.2.160xe1c4No error (0)spocs.getpocket.comprod.ads.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.260857105 CEST1.1.1.1192.168.2.160xe1c4No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.286062002 CEST1.1.1.1192.168.2.160x3599No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.286062002 CEST1.1.1.1192.168.2.160x3599No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334036112 CEST1.1.1.1192.168.2.160xe5abNo error (0)youtube-ui.l.google.com142.251.40.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334036112 CEST1.1.1.1192.168.2.160xe5abNo error (0)youtube-ui.l.google.com142.251.32.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334036112 CEST1.1.1.1192.168.2.160xe5abNo error (0)youtube-ui.l.google.com142.251.40.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334036112 CEST1.1.1.1192.168.2.160xe5abNo error (0)youtube-ui.l.google.com142.251.35.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334036112 CEST1.1.1.1192.168.2.160xe5abNo error (0)youtube-ui.l.google.com142.250.65.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334036112 CEST1.1.1.1192.168.2.160xe5abNo error (0)youtube-ui.l.google.com172.217.165.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334036112 CEST1.1.1.1192.168.2.160xe5abNo error (0)youtube-ui.l.google.com142.250.176.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334036112 CEST1.1.1.1192.168.2.160xe5abNo error (0)youtube-ui.l.google.com142.250.80.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334036112 CEST1.1.1.1192.168.2.160xe5abNo error (0)youtube-ui.l.google.com142.250.65.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334036112 CEST1.1.1.1192.168.2.160xe5abNo error (0)youtube-ui.l.google.com142.251.41.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334036112 CEST1.1.1.1192.168.2.160xe5abNo error (0)youtube-ui.l.google.com142.250.65.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334036112 CEST1.1.1.1192.168.2.160xe5abNo error (0)youtube-ui.l.google.com142.250.80.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334036112 CEST1.1.1.1192.168.2.160xe5abNo error (0)youtube-ui.l.google.com142.250.81.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334036112 CEST1.1.1.1192.168.2.160xe5abNo error (0)youtube-ui.l.google.com142.251.40.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334036112 CEST1.1.1.1192.168.2.160xe5abNo error (0)youtube-ui.l.google.com142.251.40.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.334036112 CEST1.1.1.1192.168.2.160xe5abNo error (0)youtube-ui.l.google.com142.250.80.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.348634958 CEST1.1.1.1192.168.2.160x625aNo error (0)star-mini.c10r.facebook.com31.13.71.36A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.351443052 CEST1.1.1.1192.168.2.160x941bNo error (0)dyna.wikimedia.org208.80.154.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.424151897 CEST1.1.1.1192.168.2.160x8804No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.424151897 CEST1.1.1.1192.168.2.160x8804No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.424151897 CEST1.1.1.1192.168.2.160x8804No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.424151897 CEST1.1.1.1192.168.2.160x8804No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.437335014 CEST1.1.1.1192.168.2.160xbd66No error (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:00.440855026 CEST1.1.1.1192.168.2.160x6653No error (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.281518936 CEST1.1.1.1192.168.2.160x3214No error (0)www.reddit.comreddit.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.281518936 CEST1.1.1.1192.168.2.160x3214No error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.281518936 CEST1.1.1.1192.168.2.160x3214No error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.281518936 CEST1.1.1.1192.168.2.160x3214No error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.281518936 CEST1.1.1.1192.168.2.160x3214No error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.282428980 CEST1.1.1.1192.168.2.160x7ecaNo error (0)twitter.com104.244.42.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.285813093 CEST1.1.1.1192.168.2.160x163dNo error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.153126001 CEST1.1.1.1192.168.2.160x66bdNo error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.153820992 CEST1.1.1.1192.168.2.160x4da1No error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.153820992 CEST1.1.1.1192.168.2.160x4da1No error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.153820992 CEST1.1.1.1192.168.2.160x4da1No error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.153820992 CEST1.1.1.1192.168.2.160x4da1No error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.156461954 CEST1.1.1.1192.168.2.160x2d55No error (0)twitter.com104.244.42.129A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:03.506509066 CEST1.1.1.1192.168.2.160xd872No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:11.440140009 CEST1.1.1.1192.168.2.160xf4b4No error (0)content-signature-2.cdn.mozilla.netcontent-signature-chains.prod.autograph.services.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:11.440140009 CEST1.1.1.1192.168.2.160xf4b4No error (0)content-signature-chains.prod.autograph.services.mozaws.netprod.content-signature-chains.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:11.440140009 CEST1.1.1.1192.168.2.160xf4b4No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.668826103 CEST1.1.1.1192.168.2.160xfac3No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.758086920 CEST1.1.1.1192.168.2.160xda5dNo error (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:13.690577984 CEST1.1.1.1192.168.2.160xa851No error (0)shavar.services.mozilla.comshavar.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.784279108 CEST1.1.1.1192.168.2.160xad0fNo error (0)firefox.settings.services.mozilla.comprod.remote-settings.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.784279108 CEST1.1.1.1192.168.2.160xad0fNo error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:26.875618935 CEST1.1.1.1192.168.2.160x18b5No error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.373063087 CEST1.1.1.1192.168.2.160x6848No error (0)push.services.mozilla.comautopush.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.088371038 CEST1.1.1.1192.168.2.160x1f25No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.088371038 CEST1.1.1.1192.168.2.160x1f25No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.129903078 CEST1.1.1.1192.168.2.160x143eNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.219285011 CEST1.1.1.1192.168.2.160x507fNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.670435905 CEST1.1.1.1192.168.2.160xed6No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.111161947 CEST1.1.1.1192.168.2.160xb5e4No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.111161947 CEST1.1.1.1192.168.2.160xb5e4No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:30:02.641062021 CEST1.1.1.1192.168.2.160x77eaNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:30:02.641062021 CEST1.1.1.1192.168.2.160x77eaNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                                          HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                                                                                                          • freegeoip.app
                                                                                                                                                                                                                                                                                                                                                          • ipbase.com
                                                                                                                                                                                                                                                                                                                                                          • slscr.update.microsoft.com
                                                                                                                                                                                                                                                                                                                                                          • fs.microsoft.com
                                                                                                                                                                                                                                                                                                                                                          • https:
                                                                                                                                                                                                                                                                                                                                                            • www.bing.com
                                                                                                                                                                                                                                                                                                                                                            • r.bing.com
                                                                                                                                                                                                                                                                                                                                                            • browser.pipe.aria.microsoft.com
                                                                                                                                                                                                                                                                                                                                                            • fp.msedge.net
                                                                                                                                                                                                                                                                                                                                                            • l-ring.msedge.net
                                                                                                                                                                                                                                                                                                                                                            • static-ecst.licdn.com
                                                                                                                                                                                                                                                                                                                                                          • login.live.com
                                                                                                                                                                                                                                                                                                                                                          • www.google.com
                                                                                                                                                                                                                                                                                                                                                          • detectportal.firefox.com

                                                                                                                                                                                                                                                                                                                                                          HTTP Packets

                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          0192.168.2.164975934.107.221.82803224C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.534687042 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:28:56.661092043 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 07:19:26 GMT
                                                                                                                                                                                                                                                                                                                                                          Age: 40170
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                          Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          1192.168.2.164976534.107.221.82803224C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.193145037 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:01.320645094 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                          Date: Wed, 01 May 2024 23:10:31 GMT
                                                                                                                                                                                                                                                                                                                                                          Age: 69510
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                          Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: success


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          2192.168.2.164977034.107.221.82803224C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.581216097 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:12.707906008 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                          Date: Wed, 01 May 2024 23:10:48 GMT
                                                                                                                                                                                                                                                                                                                                                          Age: 69504
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                          Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:17.374917030 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:17.501456976 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                          Date: Wed, 01 May 2024 23:10:48 GMT
                                                                                                                                                                                                                                                                                                                                                          Age: 69509
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                          Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:27.507009029 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.059566975 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.187719107 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                          Date: Wed, 01 May 2024 23:10:48 GMT
                                                                                                                                                                                                                                                                                                                                                          Age: 69521
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                          Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.047003031 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.173763037 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                          Date: Wed, 01 May 2024 23:10:48 GMT
                                                                                                                                                                                                                                                                                                                                                          Age: 69522
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                          Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.581269979 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.708004951 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                          Date: Wed, 01 May 2024 23:10:48 GMT
                                                                                                                                                                                                                                                                                                                                                          Age: 69522
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                          Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.834301949 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.963164091 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                          Date: Wed, 01 May 2024 23:10:48 GMT
                                                                                                                                                                                                                                                                                                                                                          Age: 69524
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                          Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.107336044 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.234895945 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 90
                                                                                                                                                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                          Date: Wed, 01 May 2024 23:10:48 GMT
                                                                                                                                                                                                                                                                                                                                                          Age: 69525
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                          Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:43.245026112 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:53.373050928 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:30:03.501069069 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                          Data Ascii:


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          3192.168.2.164977534.107.221.82803224C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:17.158067942 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:17.285271883 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 14:12:08 GMT
                                                                                                                                                                                                                                                                                                                                                          Age: 15429
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                          Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:22.250518084 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:22.377537966 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 14:12:08 GMT
                                                                                                                                                                                                                                                                                                                                                          Age: 15434
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                          Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.202601910 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:29.329391956 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 14:12:08 GMT
                                                                                                                                                                                                                                                                                                                                                          Age: 15441
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                          Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.189337015 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:30.316803932 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 14:12:08 GMT
                                                                                                                                                                                                                                                                                                                                                          Age: 15442
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                          Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.019850016 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:32.149616003 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 14:12:08 GMT
                                                                                                                                                                                                                                                                                                                                                          Age: 15444
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                          Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.107012987 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:33.234112024 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                                                                                                                                          Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 14:12:08 GMT
                                                                                                                                                                                                                                                                                                                                                          Age: 15445
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                                          Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: success
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:43.249021053 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:29:53.388046026 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                                                                                                          May 2, 2024 20:30:03.533085108 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                                          Data Ascii:


                                                                                                                                                                                                                                                                                                                                                          HTTPS Proxied Packets

                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          0192.168.2.1649700104.21.73.974436220C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:31 UTC67OUTGET /xml/ HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: freegeoip.app
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:31 UTC633INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:27:31 GMT
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 167
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                                                                                                                                                                                                                                          Expires: Thu, 02 May 2024 19:27:31 GMT
                                                                                                                                                                                                                                                                                                                                                          Location: https://ipbase.com/xml/
                                                                                                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=htHR5iSA2VuB34KGHJ611IveP9Ao15UYhKf4mWgumGdtnmgvTAl1xUrAs4SBwLBXU3nCLXozNOpsHq7DCqgc3PMuysgYccpV8IDhIT5zgmAy4TOf0xxwK2AI7DngO6eP"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                                                                                                          CF-RAY: 87da10dbeef741e7-EWR
                                                                                                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:31 UTC167INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          1192.168.2.1649701104.21.85.1894436220C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:32 UTC64OUTGET /xml/ HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: ipbase.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:32 UTC742INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:27:32 GMT
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Age: 0
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,max-age=0,must-revalidate
                                                                                                                                                                                                                                                                                                                                                          Cache-Status: "Netlify Edge"; fwd=miss
                                                                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                          X-Nf-Request-Id: 01HWX8ZHWSAZ9HV9ARNS9XFDH8
                                                                                                                                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JXmN5mUxHnZu7VugaGX8KOBM3FS7BhKQfvhlZFC0wDUfl%2FVl%2BW%2FF8X4vAsDe7%2B%2B522v6zJq1G%2F5yWFT2Z8JsSUKZpAY6U3em6HhM5RtMDfLt5CfzdN6ub4r2NAvH"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                                                                                                          CF-RAY: 87da10df396c8c45-EWR
                                                                                                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:32 UTC627INData Raw: 63 30 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: c09<!DOCTYPE html><html> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>Page Not Found</title> <link href='https://fonts.googleapis.com
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:32 UTC1369INData Raw: 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 68 31 20 7b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 32 32 70 78 3b 0a 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 34 70 78 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2e 6d 61 69 6e 20 7b 0a 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 20 20 20 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 68 65
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: padding: 0; } h1 { margin: 0; font-size: 22px; line-height: 24px; } .main { position: relative; display: flex; flex-direction: column; align-items: center; justify-content: center; he
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:32 UTC1092INData Raw: 20 20 20 20 20 20 20 20 20 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 30 30 37 30 36 37 22 20 64 3d 22 4d 31 31 2e 39 39 39 38 38 33 36 2c 34 2e 30 39 33 37 30 38 30 33 20 4c 38 2e 35 35 38 30 39 35 31 37 2c 37 2e 34 33 32 39 34 39 35 33 20 43 38 2e 32 33 35 33 31 34 35 39 2c 37 2e 37 34 36 31 31 32 39 38 20 38 2e 32 33 35 33 31 34 35 39 2c 38 2e 32 35 33 38 38 37 33 36 20 38 2e 35 35 38 30 39 35 31 37 2c 38 2e 35 36 36 39 33 37 36 39 20 4c 31 32 2c 31 31 2e 39 30 36 32 39 32 31 20 4c 39 2e 38 34 31 38 37 38 37 31 2c 31 34 20 4c 34 2e 32 34 32 30 38 35 34 34 2c 38 2e 35 36 36 39 33 37 35 31 20 43 33 2e 39 31 39 33 30 34 38 35 2c 38 2e 32 35 33 38 38 37 31 39 20 33 2e 39 31 39 33 30 34 38 35 2c 37 2e 37 34 36 31 31 32 38 31 20 34 2e 32 34 32 30 38 35 34 34 2c
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <path fill="#007067" d="M11.9998836,4.09370803 L8.55809517,7.43294953 C8.23531459,7.74611298 8.23531459,8.25388736 8.55809517,8.56693769 L12,11.9062921 L9.84187871,14 L4.24208544,8.56693751 C3.91930485,8.25388719 3.91930485,7.74611281 4.24208544,
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:32 UTC6INData Raw: 31 0d 0a 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 1
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:32 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          2192.168.2.164970413.85.23.86443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:41 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=XDHot1FpkRUMcRU&MD=43c1klFP HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                                                                                                                                          Host: slscr.update.microsoft.com
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:41 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                          Expires: -1
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                                          ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                                                                                                                                                                                                                                                                          MS-CorrelationId: 4bb67286-f9c1-41d8-bcc7-6cdbccc92348
                                                                                                                                                                                                                                                                                                                                                          MS-RequestId: 98220f5a-a49e-4524-a020-c86cc582c3b3
                                                                                                                                                                                                                                                                                                                                                          MS-CV: cuXoMRKQU0yPsvPl.0
                                                                                                                                                                                                                                                                                                                                                          X-Microsoft-SLSClientCache: 2880
                                                                                                                                                                                                                                                                                                                                                          Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:27:41 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 24490
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:41 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:41 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          3192.168.2.164970623.51.58.94443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:44 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                                                                                                                                                          Host: fs.microsoft.com
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:45 UTC466INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                          ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                                                                                          Server: ECAcc (chd/079C)
                                                                                                                                                                                                                                                                                                                                                          X-CID: 11
                                                                                                                                                                                                                                                                                                                                                          X-Ms-ApiVersion: Distribute 1.2
                                                                                                                                                                                                                                                                                                                                                          X-Ms-Region: prod-eus-z1
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=45345
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:27:45 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          X-CID: 2


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          4192.168.2.164970723.51.58.94443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:45 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                                                                          If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                                                                                          Range: bytes=0-2147483646
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                                                                                                                                                          Host: fs.microsoft.com
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:45 UTC455INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          ApiVersion: Distribute 1.1
                                                                                                                                                                                                                                                                                                                                                          Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                          ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                                                                                          Server: ECAcc (chd/0778)
                                                                                                                                                                                                                                                                                                                                                          X-CID: 11
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=45278
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:27:45 GMT
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 55
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          X-CID: 2
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:27:45 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          5192.168.2.164970813.85.23.86443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:18 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=XDHot1FpkRUMcRU&MD=43c1klFP HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                                                                                                                                          Host: slscr.update.microsoft.com
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:19 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                          Expires: -1
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                                          ETag: "Mx1RoJH/qEwpWfKllx7sbsl28AuERz5IYdcsvtTJcgM=_2160"
                                                                                                                                                                                                                                                                                                                                                          MS-CorrelationId: 11e750cc-93c4-4af0-bdf8-e63ca5a1ffe8
                                                                                                                                                                                                                                                                                                                                                          MS-RequestId: f791b6b9-e7ed-453c-b859-9f60943994da
                                                                                                                                                                                                                                                                                                                                                          MS-CV: zz1qtT/jNUaTFsLj.0
                                                                                                                                                                                                                                                                                                                                                          X-Microsoft-SLSClientCache: 2160
                                                                                                                                                                                                                                                                                                                                                          Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:18 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 25457
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:19 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 51 22 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 db 8e 00 00 14 00 00 00 00 00 10 00 51 22 00 00 20 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 f3 43 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 0d 92 6f db e5 21 f3 43 43 4b ed 5a 09 38 55 5b df 3f 93 99 90 29 99 e7 29 ec 73 cc 4a 66 32 cf 84 32 64 c8 31 c7 11 52 38 87 90 42 66 09 99 87 32 0f 19 0a 09 51 a6 a8 08 29 53 86 4a 52 84 50 df 46 83 ba dd 7b df fb 7e ef 7d ee 7d bf ef 9e e7 d9 67 ef 35 ee b5 fe eb 3f ff b6 96 81 a2 0a 04 fc 31 40 21 5b 3f a5 ed 1b 04 0e 85 42 a0 10 04 64 12 6c a5 de aa a1 d8 ea f3 58 01 f2 f5 67 0b 5e 9b bd e8 a0 90 1d bf 40 88 9d eb 49 b4 87 9b ab 8b 9d 2b 46 c8 c7 c5 19 92
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: MSCFQ"DQ" AdCenvironment.cabo!CCKZ8U[?))sJf22d1R8Bf2Q)SJRPF{~}}g5?1@![?BdlXg^@I+F
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:19 UTC9633INData Raw: 21 6f b3 eb a6 cc f5 31 be cf 05 e2 a9 fe fa 57 6d 19 30 b3 c2 c5 66 c9 6a df f5 e7 f0 78 bd c7 a8 9e 25 e3 f9 bc ed 6b 54 57 08 2b 51 82 44 12 fb b9 53 8c cc f4 60 12 8a 76 cc 40 40 41 9b dc 5c 17 ff 5c f9 5e 17 35 98 24 56 4b 74 ef 42 10 c8 af bf 7f c6 7f f2 37 7d 5a 3f 1c f2 99 79 4a 91 52 00 af 38 0f 17 f5 2f 79 81 65 d9 a9 b5 6b e4 c7 ce f6 ca 7a 00 6f 4b 30 44 24 22 3c cf ed 03 a5 96 8f 59 29 bc b6 fd 04 e1 70 9f 32 4a 27 fd 55 af 2f fe b6 e5 8e 33 bb 62 5f 9a db 57 40 e9 f1 ce 99 66 90 8c ff 6a 62 7f dd c5 4a 0b 91 26 e2 39 ec 19 4a 71 63 9d 7b 21 6d c3 9c a3 a2 3c fa 7f 7d 96 6a 90 78 a6 6d d2 e1 9c f9 1d fc 38 d8 94 f4 c6 a5 0a 96 86 a4 bd 9e 1a ae 04 42 83 b8 b5 80 9b 22 38 20 b5 25 e5 64 ec f7 f4 bf 7e 63 59 25 0f 7a 2e 39 57 76 a2 71 aa 06 8a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: !o1Wm0fjx%kTW+QDS`v@@A\\^5$VKtB7}Z?yJR8/yekzoK0D$"<Y)p2J'U/3b_W@fjbJ&9Jqc{!m<}jxm8B"8 %d~cY%z.9Wvq


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          6192.168.2.1649709204.79.197.200443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:31 UTC812OUTGET /manifest/threshold.appcache HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Origin: https://www.bing.com
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: www.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=en&HV=1707317784&IPMH=3a628620&IPMID=1707317755885; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:31 UTC1372INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: private
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 3262
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/cache-manifest; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
                                                                                                                                                                                                                                                                                                                                                          Set-Cookie: MUIDB=5047E5942BB2460EA35B53CCF78DDB3D; expires=Tue, 27-May-2025 18:28:31 GMT; path=/; HttpOnly
                                                                                                                                                                                                                                                                                                                                                          Set-Cookie: SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133; domain=.bing.com; expires=Tue, 27-May-2025 18:28:31 GMT; path=/; secure; SameSite=None
                                                                                                                                                                                                                                                                                                                                                          Set-Cookie: SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133; domain=.bing.com; expires=Tue, 27-May-2025 18:28:31 GMT; path=/; secure; SameSite=None
                                                                                                                                                                                                                                                                                                                                                          X-EventID: 6633db4fde64461699a0c7a868283a81
                                                                                                                                                                                                                                                                                                                                                          UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                                          X-Cache: CONFIG_NOCACHE
                                                                                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-Ref: Ref A: E72F17594BF64F6288DFF22C8387B125 Ref B: TEB31EDGE0211 Ref C: 2024-05-02T18:28:31Z
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:30 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:31 UTC1805INData Raw: 43 41 43 48 45 20 4d 41 4e 49 46 45 53 54 0d 0a 23 20 56 65 72 73 69 6f 6e 3a 64 61 62 39 61 38 62 39 0d 0a 43 41 43 48 45 3a 0d 0a 2f 41 53 2f 41 50 49 2f 57 69 6e 64 6f 77 73 43 6f 72 74 61 6e 61 50 61 6e 65 2f 56 32 2f 49 6e 69 74 0d 0a 2f 72 70 2f 5a 38 4d 42 51 4a 35 56 64 61 4c 41 45 39 2d 6c 73 4a 78 69 51 42 71 72 72 69 63 2e 6a 73 0d 0a 68 74 74 70 73 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 62 2f 31 38 2f 6a 6e 63 2c 6e 6a 2f 36 68 55 5f 4c 6e 65 61 66 49 5f 4e 46 4c 65 44 76 4d 33 36 37 65 62 46 61 4b 51 2e 6a 73 3f 62 75 3d 44 79 67 78 64 6f 49 42 68 51 47 49 41 58 39 35 66 4c 73 42 76 67 45 78 72 67 45 78 77 51 45 26 6f 72 3d 77 0d 0a 68 74 74 70 73 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 62 2f 31 62 2f 63 69 72 33 2c 6f 72 74 6c 2c
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: CACHE MANIFEST# Version:dab9a8b9CACHE:/AS/API/WindowsCortanaPane/V2/Init/rp/Z8MBQJ5VdaLAE9-lsJxiQBqrric.jshttps://r.bing.com/rb/18/jnc,nj/6hU_LneafI_NFLeDvM367ebFaKQ.js?bu=DygxdoIBhQGIAX95fLsBvgExrgExwQE&or=whttps://r.bing.com/rb/1b/cir3,ortl,
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:31 UTC1115INData Raw: 50 5a 65 61 59 55 4b 72 75 6d 59 5a 55 41 51 72 34 33 39 55 32 5a 7a 69 34 2e 6a 73 0d 0a 68 74 74 70 73 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 70 2f 6a 44 31 6f 4a 4e 4e 73 44 47 53 73 50 35 4b 36 34 55 6b 66 38 36 69 6b 2d 53 67 2e 6a 73 0d 0a 68 74 74 70 73 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 70 2f 6a 67 76 38 7a 31 6e 52 43 54 76 76 48 4c 45 41 47 7a 42 71 5a 52 74 6a 77 2d 45 2e 6a 73 0d 0a 68 74 74 70 73 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 70 2f 4a 53 42 68 6d 36 41 5a 78 31 32 51 47 71 37 69 59 63 6b 35 31 68 39 6d 67 6c 41 2e 6a 73 0d 0a 68 74 74 70 73 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 70 2f 4b 68 30 4c 58 33 51 34 62 71 6f 43 32 32 4b 70 54 5a 66 30 50 39 5a 74 4f 54 67 2e 6a 73 0d 0a 68 74 74 70 73 3a 2f 2f 72
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: PZeaYUKrumYZUAQr439U2Zzi4.jshttps://r.bing.com/rp/jD1oJNNsDGSsP5K64Ukf86ik-Sg.jshttps://r.bing.com/rp/jgv8z1nRCTvvHLEAGzBqZRtjw-E.jshttps://r.bing.com/rp/JSBhm6AZx12QGq7iYck51h9mglA.jshttps://r.bing.com/rp/Kh0LX3Q4bqoC22KpTZf0P9ZtOTg.jshttps://r
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:31 UTC342INData Raw: 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 70 2f 7a 6e 64 50 42 56 79 64 79 51 36 65 52 4b 61 69 43 5f 42 56 5a 4c 58 6e 41 49 55 2e 6a 73 0d 0a 68 74 74 70 73 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 70 2f 7a 76 49 6c 4b 77 77 6d 48 6c 56 32 50 50 33 50 65 4a 51 54 39 67 67 32 31 6f 55 2e 6a 73 0d 0a 68 74 74 70 73 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 73 2f 32 42 2f 33 6b 2f 63 69 72 33 2c 6f 72 74 6c 2c 63 63 2c 6e 63 2f 39 65 4e 49 33 79 6b 6f 78 55 42 63 66 4e 52 67 44 4a 61 46 2d 67 30 61 5f 30 63 2e 63 73 73 3f 6f 72 3d 77 0d 0a 68 74 74 70 73 3a 2f 2f 72 2e 62 69 6e 67 2e 63 6f 6d 2f 72 73 2f 36 42 2f 31 4c 42 2f 6f 72 74 6c 2c 63 63 2c 6e 63 2f 6f 6e 72 61 37 50 51 6c 39 6f 35 62 59 54 32 6c 41 53 49 31 42 45 34 44 44 45 73 2e 63 73
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ://r.bing.com/rp/zndPBVydyQ6eRKaiC_BVZLXnAIU.jshttps://r.bing.com/rp/zvIlKwwmHlV2PP3PeJQT9gg21oU.jshttps://r.bing.com/rs/2B/3k/cir3,ortl,cc,nc/9eNI3ykoxUBcfNRgDJaF-g0a_0c.css?or=whttps://r.bing.com/rs/6B/1LB/ortl,cc,nc/onra7PQl9o5bYT2lASI1BE4DDEs.cs


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          7192.168.2.164971040.126.24.84443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:31 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 4788
                                                                                                                                                                                                                                                                                                                                                          Host: login.live.com
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:31 UTC4788OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:31 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Expires: Thu, 02 May 2024 18:27:31 GMT
                                                                                                                                                                                                                                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                                                          x-ms-route-info: C538_BL2
                                                                                                                                                                                                                                                                                                                                                          x-ms-request-id: 5a959124-5dea-42d6-ac60-ff31088ab04d
                                                                                                                                                                                                                                                                                                                                                          PPServer: PPV: 30 H: BL02EPF0001D8FF V: 0
                                                                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:31 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 11177
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:31 UTC11177INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          8192.168.2.164971123.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:31 UTC796OUTGET /rb/18/jnc,nj/6hU_LneafI_NFLeDvM367ebFaKQ.js?bu=DygxdoIBhQGIAX95fLsBvgExrgExwQE&or=w HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:31 UTC1226INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Type: application/x-javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Server: Kestrel
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Headers: *
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 30 Apr 2024 05:31:42 GMT
                                                                                                                                                                                                                                                                                                                                                          X-EventID: 663219cefcda45298ea106a5299c2c39
                                                                                                                                                                                                                                                                                                                                                          UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                                                                                                                                                                                                                                                                          X-AS-InstrumentationOptions: AppServerLoggingMaster=1
                                                                                                                                                                                                                                                                                                                                                          X-AS-MACHINENAME: BNZEEAP00016A41
                                                                                                                                                                                                                                                                                                                                                          X-AS-SuppressSetCookie: 1
                                                                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                                          cross-origin-resource-policy: cross-origin
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=316898
                                                                                                                                                                                                                                                                                                                                                          Expires: Mon, 06 May 2024 10:30:09 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:31 GMT
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 21849
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674511.d301c45
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:31 UTC15158INData Raw: 2f 2a 21 44 69 73 61 62 6c 65 4a 61 76 61 73 63 72 69 70 74 50 72 6f 66 69 6c 65 72 2a 2f 0a 76 61 72 20 42 4d 3d 42 4d 7c 7c 7b 7d 3b 42 4d 2e 63 6f 6e 66 69 67 3d 7b 42 3a 7b 74 69 6d 65 6f 75 74 3a 31 65 33 2c 64 65 6c 61 79 3a 37 35 30 2c 6d 61 78 55 72 6c 4c 65 6e 67 74 68 3a 33 30 30 2c 73 65 6e 64 6c 69 6d 69 74 3a 32 30 2c 6d 61 78 50 61 79 6c 6f 61 64 53 69 7a 65 3a 37 65 33 7d 2c 56 3a 7b 64 69 73 74 61 6e 63 65 3a 32 30 7d 2c 4e 3a 7b 6d 61 78 55 72 6c 4c 65 6e 67 74 68 3a 33 30 30 7d 2c 45 3a 7b 62 75 66 66 65 72 3a 33 30 2c 74 69 6d 65 6f 75 74 3a 35 65 33 2c 6d 61 78 55 72 6c 4c 65 6e 67 74 68 3a 33 30 30 7d 2c 43 3a 7b 64 69 73 74 61 6e 63 65 3a 35 30 7d 7d 2c 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 66 75 6e 63 74 69 6f 6e 20 76 74 28 29 7b 69
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: /*!DisableJavascriptProfiler*/var BM=BM||{};BM.config={B:{timeout:1e3,delay:750,maxUrlLength:300,sendlimit:20,maxPayloadSize:7e3},V:{distance:20},N:{maxUrlLength:300},E:{buffer:30,timeout:5e3,maxUrlLength:300},C:{distance:50}},function(n){function vt(){i
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:31 UTC6691INData Raw: 6e 64 2c 69 29 2c 70 74 3d 74 28 6f 2e 72 65 71 75 65 73 74 53 74 61 72 74 2c 69 29 2c 77 74 3d 74 28 6f 2e 72 65 73 70 6f 6e 73 65 53 74 61 72 74 2c 69 29 2c 62 74 3d 74 28 6f 2e 72 65 73 70 6f 6e 73 65 45 6e 64 2c 69 29 2c 6f 74 3d 6e 75 6c 6c 2c 73 74 3d 6e 2e 6c 61 79 6f 75 74 28 29 3b 66 6f 72 28 74 74 3d 30 3b 74 74 3c 73 74 2e 6c 65 6e 67 74 68 3b 74 74 2b 2b 29 7b 76 61 72 20 62 3d 73 74 5b 74 74 5d 2c 64 74 3d 62 2e 5f 65 2c 68 74 3d 62 2e 5f 73 3b 69 66 28 68 74 26 26 67 3d 3d 3d 68 74 29 7b 6f 74 3d 62 2e 69 3b 62 2e 78 3c 68 2e 77 26 26 62 2e 79 3c 68 2e 68 26 26 28 66 3d 65 74 29 3b 62 72 65 61 6b 7d 7d 72 74 3d 7b 5f 72 3a 6f 2c 74 3a 65 74 2c 69 3a 70 2e 6c 65 6e 67 74 68 2c 6c 3a 6f 74 2c 68 3a 77 5b 31 5d 2c 70 3a 77 5b 32 5d 2e 6c 65 6e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: nd,i),pt=t(o.requestStart,i),wt=t(o.responseStart,i),bt=t(o.responseEnd,i),ot=null,st=n.layout();for(tt=0;tt<st.length;tt++){var b=st[tt],dt=b._e,ht=b._s;if(ht&&g===ht){ot=b.i;b.x<h.w&&b.y<h.h&&(f=et);break}}rt={_r:o,t:et,i:p.length,l:ot,h:w[1],p:w[2].len


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          9192.168.2.164971223.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC791OUTGET /rb/1b/cir3,ortl,cc,nc/oT6Um3bDKq3bSDJ4e0e-YJ5MXCI.css?bu=B8ACRa4CiwFdXckC&or=w HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC1209INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/css; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Server: Kestrel
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Headers: *
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Wed, 21 Feb 2024 02:23:59 GMT
                                                                                                                                                                                                                                                                                                                                                          X-EventID: 6631d9528ae24d3e946829f0980bc06c
                                                                                                                                                                                                                                                                                                                                                          UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                                                                                                                                                                                                                                                                          X-AS-InstrumentationOptions: AppServerLoggingMaster=1
                                                                                                                                                                                                                                                                                                                                                          X-AS-MACHINENAME: BNZEEAP00016B24
                                                                                                                                                                                                                                                                                                                                                          X-AS-SuppressSetCookie: 1
                                                                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                                          cross-origin-resource-policy: cross-origin
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=300456
                                                                                                                                                                                                                                                                                                                                                          Expires: Mon, 06 May 2024 05:56:08 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:32 GMT
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 6022
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674512.d30234b
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC6022INData Raw: 2e 62 5f 73 65 61 72 63 68 62 6f 78 53 75 62 6d 69 74 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 72 70 2f 34 69 5a 49 7a 5f 6f 41 4c 31 79 70 37 64 69 5f 36 44 39 65 32 65 6e 58 69 4d 4d 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 20 2d 34 32 70 78 20 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 33 32 30 70 78 20 33 38 70 78 7d 2e 62 5f 6c 6f 67 6f 7b 77 69 64 74 68 3a 32 32 70 78 3b 68 65 69 67 68 74 3a 33 37 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 64 69 72 65 63 74 69 6f 6e 3a 6c 74 72 7d 2e 62 5f 6c 6f 67 6f 3a 61 66 74 65 72 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 30 3b 64
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: .b_searchboxSubmit{background:url(/rp/4iZIz_oAL1yp7di_6D9e2enXiMM.png) no-repeat -42px 0;background-size:320px 38px}.b_logo{width:22px;height:37px;position:relative;display:inline-block;overflow:hidden;direction:ltr}.b_logo:after{position:absolute;top:0;d


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          10192.168.2.164971351.104.15.253443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC684OUTPOST /Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.0&x-apikey=33d70a864599496b982a39f036f71122-2064703e-3a9d-4d90-8362-eec08dffe8e8-7176 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Origin: https://www.bing.com
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-CH
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: browser.pipe.aria.microsoft.com
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 987
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC987OUTData Raw: 6d 09 0b 01 4a 33 33 64 37 30 61 38 36 34 35 39 39 34 39 36 62 39 38 32 61 33 39 66 30 33 36 66 37 31 31 32 32 2d 32 30 36 34 37 30 33 65 2d 33 61 39 64 2d 34 64 39 30 2d 38 33 36 32 2d 65 65 63 30 38 64 66 66 65 38 65 38 2d 37 31 37 36 0a 01 49 12 61 63 74 5f 64 65 66 61 75 6c 74 5f 73 6f 75 72 63 65 a9 24 38 38 63 34 32 33 65 63 2d 66 31 35 33 2d 34 34 34 35 2d 61 36 63 34 2d 62 35 65 62 32 39 63 61 62 36 31 33 d1 06 d2 ac 85 a9 e7 63 cb 08 0a 01 29 24 32 36 35 37 36 30 34 38 2d 61 30 61 34 2d 34 35 33 34 2d 39 61 36 34 2d 35 31 65 37 61 33 31 39 30 34 39 63 71 e4 9c 85 a9 e7 63 a9 14 63 75 73 74 6f 6d 2e 43 6c 69 65 6e 74 5f 45 76 65 6e 74 73 c9 06 0e 76 61 72 69 61 6e 74 5f 65 76 65 6e 74 73 cd 0d 09 09 19 0a 64 65 76 69 63 65 54 79 70 65 07 44 45 53
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: mJ33d70a864599496b982a39f036f71122-2064703e-3a9d-4d90-8362-eec08dffe8e8-7176Iact_default_source$88c423ec-f153-4445-a6c4-b5eb29cab613c)$26576048-a0a4-4534-9a64-51e7a319049cqccustom.Client_Eventsvariant_eventsdeviceTypeDES
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC462INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                                                                                                                                          Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                                          Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                                          time-delta-millis: 1933
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Methods: POST
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:32 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          11192.168.2.1649714204.79.197.200443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC2344OUTGET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=c&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=1&cvid=bcf07b8592a545e9b0029ba82eb71240&ig=366606ac77724f63880f4212b4044907 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-CH
                                                                                                                                                                                                                                                                                                                                                          X-Agent-DeviceId: 01000A4109009A83
                                                                                                                                                                                                                                                                                                                                                          X-BM-CBT: 1714674509
                                                                                                                                                                                                                                                                                                                                                          X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStore
                                                                                                                                                                                                                                                                                                                                                          X-BM-DateFormat: dd/MM/yyyy
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceDimensions: 784x640
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceDimensionsLogical: 784x640
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceScale: 100
                                                                                                                                                                                                                                                                                                                                                          X-BM-DTZ: 120
                                                                                                                                                                                                                                                                                                                                                          X-BM-Market: CH
                                                                                                                                                                                                                                                                                                                                                          X-BM-Theme: 000000;0078d7
                                                                                                                                                                                                                                                                                                                                                          X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75
                                                                                                                                                                                                                                                                                                                                                          X-Device-ClientSession: 6EBE75B5BB8C4D8DB7946C9919CFF732
                                                                                                                                                                                                                                                                                                                                                          X-Device-isOptin: false
                                                                                                                                                                                                                                                                                                                                                          X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                                                                                                                                                                                                                                                                                                                                          X-Device-OSSKU: 48
                                                                                                                                                                                                                                                                                                                                                          X-Device-Touch: false
                                                                                                                                                                                                                                                                                                                                                          X-DeviceID: 01000A4109009A83
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-ExternalExpType: JointCoord
                                                                                                                                                                                                                                                                                                                                                          X-PositionerType: Desktop
                                                                                                                                                                                                                                                                                                                                                          X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                                                                                                                                                                                                                                                                          X-Search-CortanaAvailableCapabilities: None
                                                                                                                                                                                                                                                                                                                                                          X-Search-SafeSearch: Moderate
                                                                                                                                                                                                                                                                                                                                                          X-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard Time
                                                                                                                                                                                                                                                                                                                                                          X-UserAgeClass: Unknown
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: www.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC1188INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 5402
                                                                                                                                                                                                                                                                                                                                                          Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Expires: -1
                                                                                                                                                                                                                                                                                                                                                          P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
                                                                                                                                                                                                                                                                                                                                                          Set-Cookie: _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; domain=.bing.com; path=/; HttpOnly
                                                                                                                                                                                                                                                                                                                                                          Set-Cookie: MUIDB=5047E5942BB2460EA35B53CCF78DDB3D; expires=Tue, 27-May-2025 18:28:32 GMT; path=/; HttpOnly
                                                                                                                                                                                                                                                                                                                                                          X-EventID: 6633db50a46243658afa7486a6d34949
                                                                                                                                                                                                                                                                                                                                                          UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                                          X-Cache: CONFIG_NOCACHE
                                                                                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-Ref: Ref A: E7EC61F521E94C10BDC4EAD4AFB6561F Ref B: TEB31EDGE0118 Ref C: 2024-05-02T18:28:32Z
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:32 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC3129INData Raw: 7b 22 52 65 73 6f 75 72 63 65 73 22 3a 7b 22 53 74 79 6c 65 73 22 3a 7b 22 43 73 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 43 73 73 48 65 61 64 4f 76 65 72 72 69 64 65 22 3a 7b 7d 7d 2c 22 53 63 72 69 70 74 73 22 3a 7b 22 4a 73 48 65 61 64 54 6f 70 6d 6f 73 74 22 3a 7b 7d 2c 22 4a 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 4a 73 45 6e 64 4f 66 43 68 75 6e 6b 22 3a 7b 7d 2c 22 4a 73 42 65 66 6f 72 65 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 4f 6e 4c 6f 61 64 22 3a 7b 7d 7d 7d 2c 22 53 75 67 67 65 73 74 69 6f 6e 73 22 3a 5b 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 75 72 6c 22 3a 22 2f 73 65 61 72 63 68 3f 71 3d 63 68 61 74 2b 67 70 74 5c 75 30 30 32 36 66
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: {"Resources":{"Styles":{"CssHeadNormal":{},"CssHeadOverride":{}},"Scripts":{"JsHeadTopmost":{},"JsHeadNormal":{},"JsEndOfChunk":{},"JsBeforeContent":{},"JsAfterContent":{},"JsAfterOnLoad":{}}},"Suggestions":[{"Attributes":{"url":"/search?q=chat+gpt\u0026f
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC1INData Raw: 5c
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: \
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC2272INData Raw: 22 30 5c 22 3b 32 32 30 30 3a 5c 22 31 33 5c 22 3b 33 30 30 30 31 3a 5c 22 31 30 34 38 36 5c 22 3b 32 31 35 32 3a 5c 22 31 31 30 33 36 5c 22 3b 32 30 30 30 3a 5c 22 31 31 31 36 39 38 36 38 5c 22 3b 32 30 31 31 3a 5c 22 31 30 5c 22 3b 31 31 30 33 34 3a 5c 22 36 39 35 39 34 37 36 30 36 5c 22 3b 22 2c 22 68 63 73 22 3a 22 30 22 7d 2c 22 54 65 78 74 22 3a 22 ee 80 80 63 ee 80 81 72 61 7a 79 20 67 61 6d 65 73 22 2c 22 48 69 67 68 43 6f 6e 66 69 64 65 6e 63 65 4d 65 74 61 53 75 67 67 65 73 74 69 6f 6e 53 63 6f 72 65 22 3a 30 2c 22 50 72 65 66 65 74 63 68 43 6f 6e 66 69 64 65 6e 63 65 53 63 6f 72 65 22 3a 30 7d 2c 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 73 74 79 70 65 22 3a 22 51 50 22 2c 22 68 63 22 3a 22 31 22 2c 22 68 63 73 22 3a 22 31 22 2c 22 61 70
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: "0\";2200:\"13\";30001:\"10486\";2152:\"11036\";2000:\"11169868\";2011:\"10\";11034:\"695947606\";","hcs":"0"},"Text":"crazy games","HighConfidenceMetaSuggestionScore":0,"PrefetchConfidenceScore":0},{"Attributes":{"stype":"QP","hc":"1","hcs":"1","ap


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          12192.168.2.164971623.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC801OUTGET /rb/1b/cir3,ortl,cc,nc/uANxnX_BheDjd2-cdR8N9DEWlds.css?bu=C9IIlQOLBKgJkwj9B7IGXV1dXQ&or=w HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC1210INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/css; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Server: Kestrel
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Headers: *
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Fri, 18 Nov 2022 01:56:15 GMT
                                                                                                                                                                                                                                                                                                                                                          X-EventID: 6631e1cca90d4436af2da7027f335825
                                                                                                                                                                                                                                                                                                                                                          UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                                                                                                                                                                                                                                                                          X-AS-InstrumentationOptions: AppServerLoggingMaster=1
                                                                                                                                                                                                                                                                                                                                                          X-AS-MACHINENAME: BNZEEAP00016AB4
                                                                                                                                                                                                                                                                                                                                                          X-AS-SuppressSetCookie: 1
                                                                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                                          cross-origin-resource-policy: cross-origin
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=302559
                                                                                                                                                                                                                                                                                                                                                          Expires: Mon, 06 May 2024 06:31:11 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:32 GMT
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 20421
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674512.d30281c
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC15174INData Raw: 2e 73 77 5f 70 6c 75 73 2c 2e 73 77 5f 75 70 2c 2e 73 77 5f 64 6f 77 6e 2c 2e 73 77 5f 73 74 2c 2e 73 77 5f 73 74 68 2c 2e 73 77 5f 73 74 65 2c 2e 73 77 5f 74 70 63 62 6b 2c 2e 73 77 5f 70 6c 61 79 2c 2e 73 77 5f 70 6c 61 79 64 2c 2e 73 77 5f 70 6c 61 79 61 2c 2e 73 77 5f 70 6c 61 79 70 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 53 65 67 6f 65 20 4d 44 4c 32 20 41 73 73 65 74 73 22 7d 2e 73 77 5f 70 6c 75 73 3a 61 66 74 65 72 7b 63 6f 6e 74 65 6e 74 3a 22 ee 9c 90 22 7d 2e 73 77 5f 70 6c 61 79 3a 61 66 74 65 72 2c 2e 73 77 5f 70 6c 61 79 61 3a 61 66 74 65 72 2c 2e 73 77 5f 70 6c 61 79 64 3a 61 66 74 65 72 2c 2e 73 77 5f 70 6c 61 79 70 3a 61 66 74 65 72 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 36 70 78 3b 63 6f
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: .sw_plus,.sw_up,.sw_down,.sw_st,.sw_sth,.sw_ste,.sw_tpcbk,.sw_play,.sw_playd,.sw_playa,.sw_playp{font-family:"Segoe MDL2 Assets"}.sw_plus:after{content:""}.sw_play:after,.sw_playa:after,.sw_playd:after,.sw_playp:after{font-size:16px;line-height:16px;co
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC5247INData Raw: 70 74 2b 73 63 72 69 70 74 2b 2e 62 5f 61 6c 67 6f 2c 62 6f 64 79 5b 64 69 72 5d 20 23 62 5f 72 65 73 75 6c 74 73 3e 2e 62 5f 61 6e 73 2b 73 63 72 69 70 74 2b 73 63 72 69 70 74 2b 2e 62 5f 61 6e 73 2c 62 6f 64 79 5b 64 69 72 5d 20 23 62 5f 72 65 73 75 6c 74 73 3e 2e 62 5f 61 6c 67 6f 2b 73 63 72 69 70 74 2b 73 63 72 69 70 74 2b 2e 62 5f 61 6e 73 2c 62 6f 64 79 5b 64 69 72 5d 20 23 62 5f 72 65 73 75 6c 74 73 3e 2e 62 5f 6e 61 76 2b 73 63 72 69 70 74 2b 73 63 72 69 70 74 2b 2e 62 5f 61 6c 67 6f 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 70 78 7d 62 6f 64 79 5b 64 69 72 5d 20 23 62 5f 72 65 73 75 6c 74 73 3e 6c 69 3e 2a 3a 6c 61 73 74 2d 63 68 69 6c 64 2c 62 6f 64 79 5b 64 69 72 5d 20 2e 62 5f 63 61 70 74 69 6f 6e 3e 2a 3a 6c 61 73 74 2d 63 68 69 6c 64 2c 62 6f
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: pt+script+.b_algo,body[dir] #b_results>.b_ans+script+script+.b_ans,body[dir] #b_results>.b_algo+script+script+.b_ans,body[dir] #b_results>.b_nav+script+script+.b_algo{margin-top:4px}body[dir] #b_results>li>*:last-child,body[dir] .b_caption>*:last-child,bo


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          13192.168.2.1649715204.79.197.200443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC2345OUTGET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=cm&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=2&cvid=bcf07b8592a545e9b0029ba82eb71240&ig=482398ece9ed486e969bdd157a5c4cbc HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-CH
                                                                                                                                                                                                                                                                                                                                                          X-Agent-DeviceId: 01000A4109009A83
                                                                                                                                                                                                                                                                                                                                                          X-BM-CBT: 1714674509
                                                                                                                                                                                                                                                                                                                                                          X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStore
                                                                                                                                                                                                                                                                                                                                                          X-BM-DateFormat: dd/MM/yyyy
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceDimensions: 784x640
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceDimensionsLogical: 784x640
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceScale: 100
                                                                                                                                                                                                                                                                                                                                                          X-BM-DTZ: 120
                                                                                                                                                                                                                                                                                                                                                          X-BM-Market: CH
                                                                                                                                                                                                                                                                                                                                                          X-BM-Theme: 000000;0078d7
                                                                                                                                                                                                                                                                                                                                                          X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75
                                                                                                                                                                                                                                                                                                                                                          X-Device-ClientSession: 6EBE75B5BB8C4D8DB7946C9919CFF732
                                                                                                                                                                                                                                                                                                                                                          X-Device-isOptin: false
                                                                                                                                                                                                                                                                                                                                                          X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                                                                                                                                                                                                                                                                                                                                          X-Device-OSSKU: 48
                                                                                                                                                                                                                                                                                                                                                          X-Device-Touch: false
                                                                                                                                                                                                                                                                                                                                                          X-DeviceID: 01000A4109009A83
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-ExternalExpType: JointCoord
                                                                                                                                                                                                                                                                                                                                                          X-PositionerType: Desktop
                                                                                                                                                                                                                                                                                                                                                          X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                                                                                                                                                                                                                                                                          X-Search-CortanaAvailableCapabilities: None
                                                                                                                                                                                                                                                                                                                                                          X-Search-SafeSearch: Moderate
                                                                                                                                                                                                                                                                                                                                                          X-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard Time
                                                                                                                                                                                                                                                                                                                                                          X-UserAgeClass: Unknown
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: www.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC1188INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 5047
                                                                                                                                                                                                                                                                                                                                                          Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Expires: -1
                                                                                                                                                                                                                                                                                                                                                          P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
                                                                                                                                                                                                                                                                                                                                                          Set-Cookie: _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; domain=.bing.com; path=/; HttpOnly
                                                                                                                                                                                                                                                                                                                                                          Set-Cookie: MUIDB=5047E5942BB2460EA35B53CCF78DDB3D; expires=Tue, 27-May-2025 18:28:32 GMT; path=/; HttpOnly
                                                                                                                                                                                                                                                                                                                                                          X-EventID: 6633db5088774af89c6f4b814827f34f
                                                                                                                                                                                                                                                                                                                                                          UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                                          X-Cache: CONFIG_NOCACHE
                                                                                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-Ref: Ref A: AB06E81DFDEA4C01BB18E233F10F9D0A Ref B: TEB31EDGE0206 Ref C: 2024-05-02T18:28:32Z
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:32 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC3129INData Raw: 7b 22 52 65 73 6f 75 72 63 65 73 22 3a 7b 22 53 74 79 6c 65 73 22 3a 7b 22 43 73 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 43 73 73 48 65 61 64 4f 76 65 72 72 69 64 65 22 3a 7b 7d 7d 2c 22 53 63 72 69 70 74 73 22 3a 7b 22 4a 73 48 65 61 64 54 6f 70 6d 6f 73 74 22 3a 7b 7d 2c 22 4a 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 4a 73 45 6e 64 4f 66 43 68 75 6e 6b 22 3a 7b 7d 2c 22 4a 73 42 65 66 6f 72 65 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 4f 6e 4c 6f 61 64 22 3a 7b 7d 7d 7d 2c 22 53 75 67 67 65 73 74 69 6f 6e 73 22 3a 5b 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 75 72 6c 22 3a 22 2f 73 65 61 72 63 68 3f 71 3d 63 6d 64 5c 75 30 30 32 36 66 69 6c 74 65 72
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: {"Resources":{"Styles":{"CssHeadNormal":{},"CssHeadOverride":{}},"Scripts":{"JsHeadTopmost":{},"JsHeadNormal":{},"JsEndOfChunk":{},"JsBeforeContent":{},"JsAfterContent":{},"JsAfterOnLoad":{}}},"Suggestions":[{"Attributes":{"url":"/search?q=cmd\u0026filter
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC1INData Raw: 5c
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: \
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC1917INData Raw: 22 31 33 5c 22 3b 33 30 30 30 31 3a 5c 22 31 35 31 38 35 5c 22 3b 32 31 35 32 3a 5c 22 31 36 35 30 33 5c 22 3b 32 30 30 30 3a 5c 22 36 30 35 38 30 5c 22 3b 32 30 31 31 3a 5c 22 31 30 5c 22 3b 31 31 30 33 34 3a 5c 22 36 39 35 39 34 37 36 30 36 5c 22 3b 22 2c 22 68 63 73 22 3a 22 30 22 7d 2c 22 54 65 78 74 22 3a 22 ee 80 80 63 6d ee 80 81 61 20 63 67 6d 20 74 72 61 63 6b 69 6e 67 22 2c 22 48 69 67 68 43 6f 6e 66 69 64 65 6e 63 65 4d 65 74 61 53 75 67 67 65 73 74 69 6f 6e 53 63 6f 72 65 22 3a 30 2c 22 50 72 65 66 65 74 63 68 43 6f 6e 66 69 64 65 6e 63 65 53 63 6f 72 65 22 3a 30 7d 2c 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 73 74 79 70 65 22 3a 22 51 50 22 2c 22 68 63 22 3a 22 31 22 2c 22 68 63 73 22 3a 22 31 22 2c 22 61 70 70 49 64 22 3a 22 7b 31 41
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: "13\";30001:\"15185\";2152:\"16503\";2000:\"60580\";2011:\"10\";11034:\"695947606\";","hcs":"0"},"Text":"cma cgm tracking","HighConfidenceMetaSuggestionScore":0,"PrefetchConfidenceScore":0},{"Attributes":{"stype":"QP","hc":"1","hcs":"1","appId":"{1A


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          14192.168.2.1649717204.79.197.200443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC2346OUTGET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=cmd&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=3&cvid=bcf07b8592a545e9b0029ba82eb71240&ig=0f8e1babb3784fe687a278180813cb1e HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-CH
                                                                                                                                                                                                                                                                                                                                                          X-Agent-DeviceId: 01000A4109009A83
                                                                                                                                                                                                                                                                                                                                                          X-BM-CBT: 1714674509
                                                                                                                                                                                                                                                                                                                                                          X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStore
                                                                                                                                                                                                                                                                                                                                                          X-BM-DateFormat: dd/MM/yyyy
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceDimensions: 784x640
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceDimensionsLogical: 784x640
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceScale: 100
                                                                                                                                                                                                                                                                                                                                                          X-BM-DTZ: 120
                                                                                                                                                                                                                                                                                                                                                          X-BM-Market: CH
                                                                                                                                                                                                                                                                                                                                                          X-BM-Theme: 000000;0078d7
                                                                                                                                                                                                                                                                                                                                                          X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75
                                                                                                                                                                                                                                                                                                                                                          X-Device-ClientSession: 6EBE75B5BB8C4D8DB7946C9919CFF732
                                                                                                                                                                                                                                                                                                                                                          X-Device-isOptin: false
                                                                                                                                                                                                                                                                                                                                                          X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                                                                                                                                                                                                                                                                                                                                          X-Device-OSSKU: 48
                                                                                                                                                                                                                                                                                                                                                          X-Device-Touch: false
                                                                                                                                                                                                                                                                                                                                                          X-DeviceID: 01000A4109009A83
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-ExternalExpType: JointCoord
                                                                                                                                                                                                                                                                                                                                                          X-PositionerType: Desktop
                                                                                                                                                                                                                                                                                                                                                          X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                                                                                                                                                                                                                                                                          X-Search-CortanaAvailableCapabilities: None
                                                                                                                                                                                                                                                                                                                                                          X-Search-SafeSearch: Moderate
                                                                                                                                                                                                                                                                                                                                                          X-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard Time
                                                                                                                                                                                                                                                                                                                                                          X-UserAgeClass: Unknown
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: www.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:33 UTC1188INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 5435
                                                                                                                                                                                                                                                                                                                                                          Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Expires: -1
                                                                                                                                                                                                                                                                                                                                                          P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
                                                                                                                                                                                                                                                                                                                                                          Set-Cookie: _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; domain=.bing.com; path=/; HttpOnly
                                                                                                                                                                                                                                                                                                                                                          Set-Cookie: MUIDB=5047E5942BB2460EA35B53CCF78DDB3D; expires=Tue, 27-May-2025 18:28:32 GMT; path=/; HttpOnly
                                                                                                                                                                                                                                                                                                                                                          X-EventID: 6633db50bf0d47b794b704616a77f150
                                                                                                                                                                                                                                                                                                                                                          UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                                          X-Cache: CONFIG_NOCACHE
                                                                                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-Ref: Ref A: 2606ACA9C12146D6A75AC265400AE809 Ref B: TEB31EDGE0116 Ref C: 2024-05-02T18:28:32Z
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:32 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:33 UTC2526INData Raw: 7b 22 52 65 73 6f 75 72 63 65 73 22 3a 7b 22 53 74 79 6c 65 73 22 3a 7b 22 43 73 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 43 73 73 48 65 61 64 4f 76 65 72 72 69 64 65 22 3a 7b 7d 7d 2c 22 53 63 72 69 70 74 73 22 3a 7b 22 4a 73 48 65 61 64 54 6f 70 6d 6f 73 74 22 3a 7b 7d 2c 22 4a 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 4a 73 45 6e 64 4f 66 43 68 75 6e 6b 22 3a 7b 7d 2c 22 4a 73 42 65 66 6f 72 65 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 4f 6e 4c 6f 61 64 22 3a 7b 7d 7d 7d 2c 22 53 75 67 67 65 73 74 69 6f 6e 73 22 3a 5b 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 75 72 6c 22 3a 22 2f 73 65 61 72 63 68 3f 71 3d 63 6d 64 5c 75 30 30 32 36 66 69 6c 74 65 72
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: {"Resources":{"Styles":{"CssHeadNormal":{},"CssHeadOverride":{}},"Scripts":{"JsHeadTopmost":{},"JsHeadNormal":{},"JsEndOfChunk":{},"JsBeforeContent":{},"JsAfterContent":{},"JsAfterOnLoad":{}}},"Suggestions":[{"Attributes":{"url":"/search?q=cmd\u0026filter
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:33 UTC603INData Raw: 69 64 65 6e 63 65 53 63 6f 72 65 22 3a 30 7d 2c 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 75 72 6c 22 3a 22 2f 73 65 61 72 63 68 3f 71 3d 63 6d 64 66 22 2c 22 71 75 65 72 79 22 3a 22 63 6d 64 66 22 2c 22 73 74 79 70 65 22 3a 22 41 53 22 2c 22 6c 6d 22 3a 22 31 30 30 30 3a 5c 22 30 5c 22 3b 32 32 30 30 3a 5c 22 31 33 5c 22 3b 33 30 30 30 31 3a 5c 22 31 37 31 39 31 5c 22 3b 32 31 35 32 3a 5c 22 31 37 33 39 31 5c 22 3b 32 30 30 30 3a 5c 22 31 33 36 38 30 5c 22 3b 32 30 31 31 3a 5c 22 38 5c 22 3b 31 31 30 33 34 3a 5c 22 36 39 35 39 34 37 36 30 36 5c 22 3b 22 2c 22 68 63 73 22 3a 22 30 22 7d 2c 22 54 65 78 74 22 3a 22 ee 80 80 63 6d 64 ee 80 81 66 22 2c 22 48 69 67 68 43 6f 6e 66 69 64 65 6e 63 65 4d 65 74 61 53 75 67 67 65 73 74 69 6f 6e 53 63 6f 72 65
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: idenceScore":0},{"Attributes":{"url":"/search?q=cmdf","query":"cmdf","stype":"AS","lm":"1000:\"0\";2200:\"13\";30001:\"17191\";2152:\"17391\";2000:\"13680\";2011:\"8\";11034:\"695947606\";","hcs":"0"},"Text":"cmdf","HighConfidenceMetaSuggestionScore
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:33 UTC2306INData Raw: 72 69 62 75 74 65 73 22 3a 7b 22 75 72 6c 22 3a 22 2f 73 65 61 72 63 68 3f 71 3d 63 6d 64 2b 68 6f 73 74 6e 61 6d 65 22 2c 22 71 75 65 72 79 22 3a 22 63 6d 64 20 68 6f 73 74 6e 61 6d 65 22 2c 22 73 74 79 70 65 22 3a 22 41 53 22 2c 22 6c 6d 22 3a 22 31 30 30 30 3a 5c 22 30 5c 22 3b 32 32 30 30 3a 5c 22 31 33 5c 22 3b 33 30 30 30 31 3a 5c 22 31 37 30 31 35 5c 22 3b 32 31 35 32 3a 5c 22 31 37 37 30 32 5c 22 3b 32 30 30 30 3a 5c 22 31 34 39 35 33 5c 22 3b 32 30 31 31 3a 5c 22 31 30 5c 22 3b 31 31 30 33 34 3a 5c 22 36 39 35 39 34 37 36 30 36 5c 22 3b 22 2c 22 68 63 73 22 3a 22 30 22 7d 2c 22 54 65 78 74 22 3a 22 ee 80 80 63 6d 64 ee 80 81 20 68 6f 73 74 6e 61 6d 65 22 2c 22 48 69 67 68 43 6f 6e 66 69 64 65 6e 63 65 4d 65 74 61 53 75 67 67 65 73 74 69 6f 6e 53
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ributes":{"url":"/search?q=cmd+hostname","query":"cmd hostname","stype":"AS","lm":"1000:\"0\";2200:\"13\";30001:\"17015\";2152:\"17702\";2000:\"14953\";2011:\"10\";11034:\"695947606\";","hcs":"0"},"Text":"cmd hostname","HighConfidenceMetaSuggestionS


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          15192.168.2.1649718204.79.197.200443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:32 UTC2347OUTGET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=cmd.&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=4&cvid=bcf07b8592a545e9b0029ba82eb71240&ig=19015a42f5b44de59b5868ced1170896 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-CH
                                                                                                                                                                                                                                                                                                                                                          X-Agent-DeviceId: 01000A4109009A83
                                                                                                                                                                                                                                                                                                                                                          X-BM-CBT: 1714674509
                                                                                                                                                                                                                                                                                                                                                          X-BM-ClientFeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStore
                                                                                                                                                                                                                                                                                                                                                          X-BM-DateFormat: dd/MM/yyyy
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceDimensions: 784x640
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceDimensionsLogical: 784x640
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceScale: 100
                                                                                                                                                                                                                                                                                                                                                          X-BM-DTZ: 120
                                                                                                                                                                                                                                                                                                                                                          X-BM-Market: CH
                                                                                                                                                                                                                                                                                                                                                          X-BM-Theme: 000000;0078d7
                                                                                                                                                                                                                                                                                                                                                          X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75
                                                                                                                                                                                                                                                                                                                                                          X-Device-ClientSession: 6EBE75B5BB8C4D8DB7946C9919CFF732
                                                                                                                                                                                                                                                                                                                                                          X-Device-isOptin: false
                                                                                                                                                                                                                                                                                                                                                          X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                                                                                                                                                                                                                                                                                                                                          X-Device-OSSKU: 48
                                                                                                                                                                                                                                                                                                                                                          X-Device-Touch: false
                                                                                                                                                                                                                                                                                                                                                          X-DeviceID: 01000A4109009A83
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-ExternalExpType: JointCoord
                                                                                                                                                                                                                                                                                                                                                          X-PositionerType: Desktop
                                                                                                                                                                                                                                                                                                                                                          X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                                                                                                                                                                                                                                                                          X-Search-CortanaAvailableCapabilities: None
                                                                                                                                                                                                                                                                                                                                                          X-Search-SafeSearch: Moderate
                                                                                                                                                                                                                                                                                                                                                          X-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard Time
                                                                                                                                                                                                                                                                                                                                                          X-UserAgeClass: Unknown
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: www.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:33 UTC1188INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 4048
                                                                                                                                                                                                                                                                                                                                                          Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Expires: -1
                                                                                                                                                                                                                                                                                                                                                          P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
                                                                                                                                                                                                                                                                                                                                                          Set-Cookie: _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; domain=.bing.com; path=/; HttpOnly
                                                                                                                                                                                                                                                                                                                                                          Set-Cookie: MUIDB=5047E5942BB2460EA35B53CCF78DDB3D; expires=Tue, 27-May-2025 18:28:33 GMT; path=/; HttpOnly
                                                                                                                                                                                                                                                                                                                                                          X-EventID: 6633db512b50492383961458bc90e0ed
                                                                                                                                                                                                                                                                                                                                                          UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                                          X-Cache: CONFIG_NOCACHE
                                                                                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-Ref: Ref A: E665DB8CD17B4446A58BE13CEC78E0D1 Ref B: TEB31EDGE0214 Ref C: 2024-05-02T18:28:33Z
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:32 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:33 UTC1554INData Raw: 7b 22 52 65 73 6f 75 72 63 65 73 22 3a 7b 22 53 74 79 6c 65 73 22 3a 7b 22 43 73 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 43 73 73 48 65 61 64 4f 76 65 72 72 69 64 65 22 3a 7b 7d 7d 2c 22 53 63 72 69 70 74 73 22 3a 7b 22 4a 73 48 65 61 64 54 6f 70 6d 6f 73 74 22 3a 7b 7d 2c 22 4a 73 48 65 61 64 4e 6f 72 6d 61 6c 22 3a 7b 7d 2c 22 4a 73 45 6e 64 4f 66 43 68 75 6e 6b 22 3a 7b 7d 2c 22 4a 73 42 65 66 6f 72 65 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 43 6f 6e 74 65 6e 74 22 3a 7b 7d 2c 22 4a 73 41 66 74 65 72 4f 6e 4c 6f 61 64 22 3a 7b 7d 7d 7d 2c 22 53 75 67 67 65 73 74 69 6f 6e 73 22 3a 5b 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 75 72 6c 22 3a 22 2f 73 65 61 72 63 68 3f 71 3d 63 6d 64 2e 65 78 65 2b 61 6c 73 2b 61 64 6d
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: {"Resources":{"Styles":{"CssHeadNormal":{},"CssHeadOverride":{}},"Scripts":{"JsHeadTopmost":{},"JsHeadNormal":{},"JsEndOfChunk":{},"JsBeforeContent":{},"JsAfterContent":{},"JsAfterOnLoad":{}}},"Suggestions":[{"Attributes":{"url":"/search?q=cmd.exe+als+adm
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:33 UTC1575INData Raw: 7d 2c 22 54 65 78 74 22 3a 22 ee 80 80 63 6d 64 2e ee 80 81 65 78 65 20 73 74 61 72 74 65 6e 22 2c 22 48 69 67 68 43 6f 6e 66 69 64 65 6e 63 65 4d 65 74 61 53 75 67 67 65 73 74 69 6f 6e 53 63 6f 72 65 22 3a 30 2c 22 50 72 65 66 65 74 63 68 43 6f 6e 66 69 64 65 6e 63 65 53 63 6f 72 65 22 3a 30 7d 2c 7b 22 41 74 74 72 69 62 75 74 65 73 22 3a 7b 22 75 72 6c 22 3a 22 2f 73 65 61 72 63 68 3f 71 3d 63 6d 64 2e 65 78 65 2b 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 22 2c 22 71 75 65 72 79 22 3a 22 63 6d 64 2e 65 78 65 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 22 2c 22 73 74 79 70 65 22 3a 22 4c 54 22 2c 22 6c 6d 22 3a 22 31 30 30 30 3a 5c 22 30 5c 22 3b 32 32 30 30 3a 5c 22 31 35 5c 22 3b 33 30 30 30 31 3a 5c 22 31 37 38 39 35 5c 22 3b 32 31 35 32 3a 5c 22 31 38 39
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: },"Text":"cmd.exe starten","HighConfidenceMetaSuggestionScore":0,"PrefetchConfidenceScore":0},{"Attributes":{"url":"/search?q=cmd.exe+administrator","query":"cmd.exe administrator","stype":"LT","lm":"1000:\"0\";2200:\"15\";30001:\"17895\";2152:\"189
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:33 UTC919INData Raw: 6f 6e 66 69 64 65 6e 63 65 4d 65 74 61 53 75 67 67 65 73 74 69 6f 6e 53 63 6f 72 65 22 3a 30 2c 22 50 72 65 66 65 74 63 68 43 6f 6e 66 69 64 65 6e 63 65 53 63 6f 72 65 22 3a 30 7d 5d 2c 22 45 4c 54 6f 6b 65 6e 22 3a 22 22 2c 22 52 61 6e 6b 69 6e 67 53 69 67 6e 61 6c 73 22 3a 7b 22 43 6f 6e 74 61 63 74 73 52 61 74 69 6f 22 3a 22 30 22 2c 22 54 68 50 61 74 68 22 3a 22 30 22 2c 22 53 75 67 67 65 73 74 69 6f 6e 47 72 6f 75 70 73 22 3a 22 30 5c 74 30 5c 74 31 31 5c 74 31 31 5c 74 31 30 30 22 2c 22 46 69 6c 65 73 52 61 74 69 6f 22 3a 22 30 2e 31 34 33 22 2c 22 54 68 45 6d 61 69 6c 22 3a 22 30 22 2c 22 50 68 6f 74 6f 73 56 69 64 65 6f 73 4d 75 73 69 63 52 61 74 69 6f 22 3a 22 30 22 2c 22 54 68 53 65 61 72 63 68 54 68 65 57 65 62 22 3a 22 30 2e 30 30 31 22 2c 22
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: onfidenceMetaSuggestionScore":0,"PrefetchConfidenceScore":0}],"ELToken":"","RankingSignals":{"ContactsRatio":"0","ThPath":"0","SuggestionGroups":"0\t0\t11\t11\t100","FilesRatio":"0.143","ThEmail":"0","PhotosVideosMusicRatio":"0","ThSearchTheWeb":"0.001","


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          16192.168.2.164971923.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:33 UTC780OUTGET /rb/48/ortl,cc,nc/4-xJy3tX6bM2BGl5zKioiEcQ1TU.css?bu=A4gCjAKPAg&or=w HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:33 UTC1189INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/css; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Server: Kestrel
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Headers: *
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Thu, 07 Dec 2023 22:46:03 GMT
                                                                                                                                                                                                                                                                                                                                                          X-EventID: 65ff4fc9244b4f3c8f232b9eb7c37791
                                                                                                                                                                                                                                                                                                                                                          UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                                                                                                                                                                                                                                                                          X-AS-InstrumentationOptions: AppServerLoggingMaster=1
                                                                                                                                                                                                                                                                                                                                                          X-AS-MACHINENAME: BNZEEAP00016B38
                                                                                                                                                                                                                                                                                                                                                          X-AS-SuppressSetCookie: 1
                                                                                                                                                                                                                                                                                                                                                          cross-origin-resource-policy: cross-origin
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=206815
                                                                                                                                                                                                                                                                                                                                                          Expires: Sun, 05 May 2024 03:55:28 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:33 GMT
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 15967
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674513.d302de1
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:33 UTC15195INData Raw: 68 74 6d 6c 7b 2d 6d 73 2d 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 3b 6f 76 65 72 66 6c 6f 77 2d 79 3a 68 69 64 64 65 6e 3b 6f 76 65 72 66 6c 6f 77 2d 78 3a 68 69 64 64 65 6e 3b 63 75 72 73 6f 72 3a 64 65 66 61 75 6c 74 7d 62 6f 64 79 5b 64 69 72 5d 20 74 61 62 6c 65 2c 62 6f 64 79 5b 64 69 72 5d 20 74 64 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 62 6f 64 79 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 30 70 78 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 22 53 65 67 6f 65 20 55 49 22 2c 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 2c 53 61 6e 73 2d 53 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 30 30 30 7d 62 6f 64 79 5b 64 69 72 5d 7b 6d 61 72 67 69 6e 3a 30 7d 62 6f 64 79 20 2e 74 61 6c 6c 55 78 7b
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: html{-ms-user-select:none;overflow-y:hidden;overflow-x:hidden;cursor:default}body[dir] table,body[dir] td{margin:0;padding:0}body{font-size:15px;line-height:20px;font-family:"Segoe UI",Arial,Helvetica,Sans-Serif;color:#000}body[dir]{margin:0}body .tallUx{
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:33 UTC772INData Raw: 28 2e 63 6f 72 74 61 6e 61 49 63 6f 6e 29 20 2e 69 63 6f 6e 20 69 6d 67 7b 77 69 64 74 68 3a 31 33 70 78 3b 68 65 69 67 68 74 3a 31 33 70 78 7d 2e 61 73 50 61 64 64 69 6e 67 20 2e 64 6f 75 62 6c 65 4c 69 6e 65 20 2e 73 65 63 6f 6e 64 61 72 79 49 63 6f 6e 3e 2e 69 63 6f 6e 7b 6d 69 6e 2d 77 69 64 74 68 3a 34 34 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 34 34 70 78 3b 6d 61 78 2d 68 65 69 67 68 74 3a 34 34 70 78 7d 62 6f 64 79 5b 64 69 72 5d 20 2e 61 73 50 61 64 64 69 6e 67 20 2e 64 6f 75 62 6c 65 4c 69 6e 65 20 2e 73 65 63 6f 6e 64 61 72 79 49 63 6f 6e 3e 2e 69 63 6f 6e 7b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 36 70 78 7d 2e 61 73 50 61 64 64 69 6e 67 20 2e 6e 6f 72 6d 61 6c 69 7a 65 64 42 69 67 49 63 6f 6e 20 2e 73 65 63 6f 6e 64 61 72 79 49 63 6f 6e 20 2e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: (.cortanaIcon) .icon img{width:13px;height:13px}.asPadding .doubleLine .secondaryIcon>.icon{min-width:44px;min-height:44px;max-height:44px}body[dir] .asPadding .doubleLine .secondaryIcon>.icon{padding-top:6px}.asPadding .normalizedBigIcon .secondaryIcon .


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          17192.168.2.164972023.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:33 UTC907OUTGET /rb/6Z/cir3,ortl,cc,nc/-_4t3lNKw8PS2hUFxueC-WKH4m8.css?bu=MagKogquCqIKkguiCpgLogqgC6IKpwuiCq0LogqzC6IKuQuiCsAKogrGCqIKugqiCqIKiQuiCtUKogrbCqIKzwqiCqIK6wruCqIKogqGC_QKogr6Cv0KogrjC6IKvwuiCpEM&or=w HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:33 UTC1247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/css; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Server: Kestrel
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Headers: *
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 30 Apr 2024 15:39:11 GMT
                                                                                                                                                                                                                                                                                                                                                          X-EventID: 66328263e3534d8eb2b61f37fb7cd772
                                                                                                                                                                                                                                                                                                                                                          UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                                                                                                                                                                                                                                                                          X-AS-InstrumentationOptions: AppServerLoggingMaster=1
                                                                                                                                                                                                                                                                                                                                                          X-AS-MACHINENAME: BNZEEAP00016A3F
                                                                                                                                                                                                                                                                                                                                                          X-AS-SuppressSetCookie: 1
                                                                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                                          cross-origin-resource-policy: cross-origin
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=343803
                                                                                                                                                                                                                                                                                                                                                          Expires: Mon, 06 May 2024 17:58:36 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:33 GMT
                                                                                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Connection: Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674513.d30359c
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:33 UTC15137INData Raw: 30 30 30 30 36 30 30 30 0d 0a 40 6b 65 79 66 72 61 6d 65 73 20 61 6c 67 6f 50 6c 61 63 65 68 6f 6c 64 65 72 53 68 69 6d 6d 65 72 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 30 30 25 29 7d 31 30 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 31 30 30 25 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 40 2d 6d 6f 7a 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 40 2d 6f 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 3b 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 00006000@keyframes algoPlaceholderShimmer{0%{transform:translateX(-100%)}100%{transform:translateX(100%)}}@keyframes fadein{0%{opacity:0}100%{opacity:1}}@-moz-keyframes fadein{0%{opacity:0}100%{opacity:1}}@-o-keyframes fadein{0%{opacity:0;}100%{opacity:
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:34 UTC9451INData Raw: 6e 74 65 78 74 4d 65 6e 75 20 2e 6d 65 6e 75 2d 69 74 65 6d 5f 64 65 74 61 69 6c 73 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 38 70 78 7d 2e 63 6f 6e 74 65 78 74 4d 65 6e 75 20 2e 64 69 76 69 64 65 72 7b 62 6f 72 64 65 72 3a 30 3b 62 6f 72 64 65 72 2d 74 6f 70 3a 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 2e 32 29 7d 62 6f 64 79 5b 64 69 72 5d 20 2e 63 6f 6e 74 65 78 74 4d 65 6e 75 20 2e 64 69 76 69 64 65 72 7b 70 61 64 64 69 6e 67 3a 30 3b 6d 61 72 67 69 6e 3a 34 70 78 20 31 32 70 78 7d 2e 64 61 72 6b 54 68 65 6d 65 20 2e 63 6f 6e 74 65 78 74 4d 65 6e 75 20 2e 64 69 76 69 64 65 72 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 33 29 7d 2e 6d 65 6e 75 49 74 65 6d 7b 66
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ntextMenu .menu-item_details{padding-right:28px}.contextMenu .divider{border:0;border-top:1px solid rgba(0,0,0,.2)}body[dir] .contextMenu .divider{padding:0;margin:4px 12px}.darkTheme .contextMenu .divider{border-top-color:rgba(255,255,255,.3)}.menuItem{f
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:34 UTC16384INData Raw: 30 30 30 30 36 30 30 30 0d 0a 25 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 6e 6f 2d 72 65 70 65 61 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 33 66 32 66 31 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 58 28 2d 31 30 30 25 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 32 73 3b 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d 69 6e 67 2d 66 75 6e 63 74 69 6f 6e 3a 65 61 73 65 2d 69 6e 2d 6f 75 74 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 69 72 65 63 74 69 6f 6e 3a 6e 6f 72 6d 61 6c 3b 61 6e 69 6d 61 74 69 6f 6e 2d 69 74 65 72 61 74 69 6f 6e 2d 63 6f 75 6e 74 3a 69 6e 66 69 6e 69 74 65 3b 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 61 6c 67 6f 50 6c 61 63 65 68 6f 6c 64 65 72 53 68 69 6d 6d 65 72 3b 63 6f
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 00006000%;background-repeat:no-repeat;background-color:#f3f2f1;transform:translateX(-100%);animation-duration:2s;animation-timing-function:ease-in-out;animation-direction:normal;animation-iteration-count:infinite;animation-name:algoPlaceholderShimmer;co
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:34 UTC8204INData Raw: 63 6f 6e 2c 2e 74 6f 70 52 65 73 75 6c 74 73 20 2e 62 69 67 49 63 6f 6e 2e 62 69 67 67 65 72 49 63 6f 6e 20 2e 69 63 6f 6e 43 6f 6e 74 61 69 6e 65 72 7b 77 69 64 74 68 3a 39 32 70 78 3b 68 65 69 67 68 74 3a 39 32 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 39 32 70 78 7d 62 6f 64 79 5b 64 69 72 3d 27 6c 74 72 27 5d 20 2e 74 6f 70 52 65 73 75 6c 74 73 20 2e 62 69 67 49 63 6f 6e 2e 62 69 67 67 65 72 49 63 6f 6e 20 2e 64 65 74 61 69 6c 73 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 30 34 70 78 7d 62 6f 64 79 5b 64 69 72 3d 27 72 74 6c 27 5d 20 2e 74 6f 70 52 65 73 75 6c 74 73 20 2e 62 69 67 49 63 6f 6e 2e 62 69 67 67 65 72 49 63 6f 6e 20 2e 64 65 74 61 69 6c 73 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 30 34 70 78 7d 2e 74 6f 70 52 65 73 75 6c 74 73 20 2e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: con,.topResults .bigIcon.biggerIcon .iconContainer{width:92px;height:92px;font-size:92px}body[dir='ltr'] .topResults .bigIcon.biggerIcon .details{padding-left:104px}body[dir='rtl'] .topResults .bigIcon.biggerIcon .details{padding-right:104px}.topResults .
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:34 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 20 36 70 78 20 38 70 78 7d 2e 64 61 72 6b 54 68 65 6d 65 20 2e 67 72 6f 75 70 20 2e 67 72 6f 75 70 48 65 61 64 65 72 53 65 65 4d 6f 72 65 31 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 63 63 65 6e 74 31 32 29 7d 2e 67 72 6f 75 70 48 65 61 64 65 72 2e 67 72 6f 75 70 48 65 61 64 65 72 53 65 65 4d 6f 72 65 32 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 63 63 65 6e 74 31 31 29 7d 2e 64 61 72 6b 54 68 65 6d 65 20 2e 67 72 6f 75 70 48 65 61 64 65 72 2e 67 72 6f 75 70 48 65 61 64 65 72 53 65 65 4d 6f 72 65 32 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 63 63 65 6e 74 31 32 29 7d 62 6f 64 79 5b 64 69 72 3d 27 6c 74 72 27 5d 20 2e 67 72 6f 75 70 48 65 61 64 65 72 2e 67 72 6f 75 70 48 65 61 64 65 72 53 65 65 4d 6f 72 65 32 20 73 76 67 7b 6d
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 00004000 6px 8px}.darkTheme .group .groupHeaderSeeMore1{color:var(--accent12)}.groupHeader.groupHeaderSeeMore2{color:var(--accent11)}.darkTheme .groupHeader.groupHeaderSeeMore2{color:var(--accent12)}body[dir='ltr'] .groupHeader.groupHeaderSeeMore2 svg{m
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:34 UTC12INData Raw: 6d 65 73 20 66 61 64 65 69 6e 0d 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: mes fadein
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:34 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 40 2d 6d 6f 7a 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 40 2d 6f 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 3b 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 3b 7d 7d 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 64 65 69 6e 7b 30 25 7b 6f 70 61 63 69 74 79 3a 30 7d 31 30 30 25 7b 6f 70 61 63 69 74 79 3a 31 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 6c 6f 6f 70 69 6e 67 52 6f 74 61 74 65 7b 30 25 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 30 64 65 67 29 20 74 72 61 6e 73
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 00004000{0%{opacity:0}100%{opacity:1}}@-moz-keyframes fadein{0%{opacity:0}100%{opacity:1}}@-o-keyframes fadein{0%{opacity:0;}100%{opacity:1;}}@-webkit-keyframes fadein{0%{opacity:0}100%{opacity:1}}@keyframes loopingRotate{0%{transform:rotate(0deg) trans
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:34 UTC12INData Raw: 73 61 62 6c 65 29 7b 6f 75 74 0d 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: sable){out
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:34 UTC16270INData Raw: 30 30 30 30 33 46 38 32 0d 0a 6c 69 6e 65 3a 6e 6f 6e 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 63 63 65 6e 74 31 29 7d 23 72 6f 6f 74 3a 6e 6f 74 28 2e 77 69 6e 31 31 29 3a 6e 6f 74 28 2e 66 69 6c 65 45 78 70 6c 6f 72 65 72 29 3a 6e 6f 74 28 2e 7a 65 72 6f 49 6e 70 75 74 31 39 48 31 29 20 2e 74 6f 70 52 65 73 75 6c 74 73 20 2e 73 65 6c 65 63 74 61 62 6c 65 2e 73 61 5f 68 76 2e 61 72 72 6f 77 4f 72 54 61 62 41 63 74 69 6f 6e 3a 6e 6f 74 28 2e 66 6f 63 75 73 61 62 6c 65 29 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 30 30 30 7d 23 72 6f 6f 74 3a 6e 6f 74 28 2e 77 69 6e 31 31 29 3a 6e 6f 74 28 2e 66 69 6c 65 45 78 70 6c 6f 72 65 72 29 3a 6e 6f 74 28 2e 7a 65 72 6f 49 6e 70 75 74 31 39 48 31 29 20 2e 74 6f 70 52 65 73 75
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 00003F82line:none;background-color:var(--accent1)}#root:not(.win11):not(.fileExplorer):not(.zeroInput19H1) .topResults .selectable.sa_hv.arrowOrTabAction:not(.focusable){border-color:#000}#root:not(.win11):not(.fileExplorer):not(.zeroInput19H1) .topResu
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:34 UTC16384INData Raw: 30 30 30 30 36 30 30 30 0d 0a 72 74 6c 27 5d 20 2e 7a 65 72 6f 49 6e 70 75 74 31 39 48 31 20 2e 73 65 63 6f 6e 64 61 72 79 54 65 78 74 2e 73 65 6c 65 63 74 61 62 6c 65 2e 67 72 6f 75 70 54 69 74 6c 65 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 31 36 70 78 7d 2e 7a 65 72 6f 49 6e 70 75 74 31 39 48 31 20 2e 73 65 63 6f 6e 64 61 72 79 54 65 78 74 2e 73 65 6c 65 63 74 61 62 6c 65 3a 61 63 74 69 76 65 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 2e 34 29 7d 2e 7a 65 72 6f 49 6e 70 75 74 31 39 48 31 3a 6e 6f 74 28 2e 77 69 6e 31 31 29 20 2e 67 72 6f 75 70 43 6f 6e 74 61 69 6e 65 72 3a 6e 6f 74 28 2e 74 72 65 6e 64 69 6e 67 53 65 61 72 63 68 44 61 74 61 47 72 6f 75 70 29 20 2e 67 72 6f 75 70 20 2e 67 72 6f 75 70 48 65 61 64 65 72 2c 2e 7a 65 72 6f 49 6e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 00006000rtl'] .zeroInput19H1 .secondaryText.selectable.groupTitle{margin-right:16px}.zeroInput19H1 .secondaryText.selectable:active{color:rgba(0,0,0,.4)}.zeroInput19H1:not(.win11) .groupContainer:not(.trendingSearchDataGroup) .group .groupHeader,.zeroIn


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          18192.168.2.164972123.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:34 UTC796OUTGET /rb/6Z/ortl,cc,nc/JmfAIE20nOCyQ3TY7bnLsgT0ICc.css?bu=Cf4LogqDDKIKhwyiCqIKogqiCg&or=w HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:34 UTC1247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/css; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Server: Kestrel
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Headers: *
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Mon, 15 Apr 2024 19:02:47 GMT
                                                                                                                                                                                                                                                                                                                                                          X-EventID: 66308994f724462c943e33810f6a882b
                                                                                                                                                                                                                                                                                                                                                          UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                                                                                                                                                                                                                                                                          X-AS-InstrumentationOptions: AppServerLoggingMaster=1
                                                                                                                                                                                                                                                                                                                                                          X-AS-MACHINENAME: BNZEEAP00016AE3
                                                                                                                                                                                                                                                                                                                                                          X-AS-SuppressSetCookie: 1
                                                                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                                          cross-origin-resource-policy: cross-origin
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=214363
                                                                                                                                                                                                                                                                                                                                                          Expires: Sun, 05 May 2024 06:01:17 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:34 GMT
                                                                                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Connection: Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674514.d304367
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:34 UTC15137INData Raw: 30 30 30 30 36 30 30 30 0d 0a 23 74 6f 70 52 65 73 75 6c 74 73 20 2e 73 75 67 67 65 73 74 69 6f 6e 2e 6d 73 62 2d 70 65 6f 70 6c 65 20 2e 69 63 6f 6e 7b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 7d 23 74 6f 70 52 65 73 75 6c 74 73 20 2e 73 75 67 67 65 73 74 69 6f 6e 2e 6d 73 62 2d 70 65 6f 70 6c 65 20 2e 69 63 6f 6e 3e 69 6d 67 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 35 30 25 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 77 69 64 74 68 3a 31 30 30 25 7d 23 67 72 6f 75 70 73 20 2e 73 75 67 67 65 73 74 69 6f 6e 2e 6d 73 62 2d 70 65 6f 70 6c 65 20 2e 69 63 6f 6e 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 35 30 25 7d 23 67 72 6f 75 70 73 20 2e 73 75 67 67 65 73 74 69 6f 6e 2e 6d 73 62 2d 70 65 6f 70 6c 65 20 2e 69 63 6f 6e 3e 69 6d 67 7b
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 00006000#topResults .suggestion.msb-people .icon{vertical-align:middle}#topResults .suggestion.msb-people .icon>img{border-radius:50%;height:100%;width:100%}#groups .suggestion.msb-people .icon{border-radius:50%}#groups .suggestion.msb-people .icon>img{
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:35 UTC9451INData Raw: 32 35 35 2c 32 35 35 2c 32 35 35 2c 2e 38 29 7d 2e 64 61 72 6b 54 68 65 6d 65 20 2e 70 72 65 76 69 65 77 43 6f 6e 74 61 69 6e 65 72 2e 6d 73 62 50 72 65 76 69 65 77 43 6f 6e 74 61 69 6e 65 72 20 23 62 5f 62 66 62 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 63 6f 6c 6f 72 3a 23 36 36 36 7d 2e 64 61 72 6b 54 68 65 6d 65 20 2e 70 72 65 76 69 65 77 43 6f 6e 74 61 69 6e 65 72 2e 6d 73 62 50 72 65 76 69 65 77 43 6f 6e 74 61 69 6e 65 72 20 23 62 5f 62 66 62 20 23 62 66 62 5f 63 6f 6e 74 65 6e 74 20 2e 6d 73 2d 73 65 61 72 63 68 2d 74 65 78 74 2d 68 31 7b 63 6f 6c 6f 72 3a 23 66 61 66 39 66 38 7d 2e 64 61 72 6b 54 68 65 6d 65 20 2e 70 72 65 76 69 65 77 43 6f 6e 74 61 69 6e 65 72 2e 6d 73 62 50 72 65 76 69 65 77 43 6f
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 255,255,255,.8)}.darkTheme .previewContainer.msbPreviewContainer #b_bfb{background-color:transparent;color:#666}.darkTheme .previewContainer.msbPreviewContainer #b_bfb #bfb_content .ms-search-text-h1{color:#faf9f8}.darkTheme .previewContainer.msbPreviewCo
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:35 UTC16384INData Raw: 30 30 30 30 36 30 30 30 0d 0a 74 65 6e 74 43 6f 6e 74 61 69 6e 65 72 22 5d 20 5b 63 6c 61 73 73 2a 3d 22 6f 72 67 43 68 61 72 74 22 5d 20 5b 63 6c 61 73 73 2a 3d 22 65 78 70 61 6e 73 69 6f 6e 42 75 74 74 6f 6e 43 6f 6e 74 61 69 6e 65 72 22 5d 3e 2e 6d 73 2d 73 65 61 72 63 68 2d 74 65 78 74 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 72 67 62 61 28 30 2c 30 2c 30 2c 2e 33 29 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 76 61 72 28 2d 2d 61 63 63 65 6e 74 31 32 29 7d 2e 64 61 72 6b 54 68 65 6d 65 20 23 6d 73 62 50 61 6e 65 2e 70 72 65 76 69 65 77 43 6f 6e 74 61 69 6e 65 72 2e 6d 73 62 50 72 65 76 69 65 77 43 6f 6e 74 61 69 6e 65 72 20 23 62 5f 62 66 62 20 2e 6d 73 2d 73 65 61 72 63 68 2d 72 69 62 62 6f 6e 20 23 62 66 62 5f 63 6f 6e 74 65 6e 74 20 5b 63 6c
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 00006000tentContainer"] [class*="orgChart"] [class*="expansionButtonContainer"]>.ms-search-text{background:rgba(0,0,0,.3);border:1px solid var(--accent12)}.darkTheme #msbPane.previewContainer.msbPreviewContainer #b_bfb .ms-search-ribbon #bfb_content [cl
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:35 UTC8204INData Raw: 6f 75 74 4d 73 62 44 73 62 43 6f 6e 74 61 69 6e 65 72 53 63 72 6f 6c 6c 53 6d 61 6c 6c 20 2e 66 72 65 45 78 61 6d 70 6c 65 43 6f 6e 74 61 69 6e 65 72 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 30 70 78 7d 2e 6d 73 62 46 72 65 43 6f 6e 74 61 69 6e 65 72 7b 6d 61 78 2d 77 69 64 74 68 3a 33 34 30 70 78 3b 68 65 69 67 68 74 3a 31 30 30 25 7d 62 6f 64 79 5b 64 69 72 3d 27 6c 74 72 27 5d 20 2e 6d 73 62 46 72 65 43 6f 6e 74 61 69 6e 65 72 7b 70 61 64 64 69 6e 67 3a 36 30 70 78 20 30 20 30 20 32 34 70 78 7d 62 6f 64 79 5b 64 69 72 3d 27 72 74 6c 27 5d 20 2e 6d 73 62 46 72 65 43 6f 6e 74 61 69 6e 65 72 7b 70 61 64 64 69 6e 67 3a 36 30 70 78 20 32 34 70 78 20 30 20 30 7d 2e 6d 73 62 46 72 65 43 6f 6e 74 61 69 6e 65 72 20 2e 66 72 65 50 72 6f 66 69 6c 65 53 65 63 74
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: outMsbDsbContainerScrollSmall .freExampleContainer{margin-top:100px}.msbFreContainer{max-width:340px;height:100%}body[dir='ltr'] .msbFreContainer{padding:60px 0 0 24px}body[dir='rtl'] .msbFreContainer{padding:60px 24px 0 0}.msbFreContainer .freProfileSect
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:35 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 73 61 62 6c 65 2e 77 68 6f 6c 65 70 61 67 65 74 61 62 73 5f 5f 63 6f 6e 74 61 69 6e 65 72 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 36 70 78 20 36 70 78 20 30 20 30 7d 2e 64 73 62 2d 68 65 72 6f 20 2e 64 73 62 2d 68 65 72 6f 5f 5f 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 64 65 73 63 72 69 70 74 69 76 65 2d 68 6f 76 65 72 2d 63 61 72 64 5f 5f 62 69 6e 67 2d 6c 6f 67 6f 7b 61 6c 69 67 6e 2d 73 65 6c 66 3a 66 6c 65 78 2d 65 6e 64 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 7d 62 6f 64 79 5b 64 69 72 5d 20 2e 64 73 62 2d 68 65 72 6f 20 2e 64 73 62 2d 68 65 72 6f 5f 5f 63 6f 6e 74 65 6e 74 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 64 65 73 63 72 69 70 74 69 76 65 2d 68 6f 76 65 72 2d 63 61 72 64 5f 5f 62 69
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 00004000sable.wholepagetabs__container{border-radius:6px 6px 0 0}.dsb-hero .dsb-hero__content-container .descriptive-hover-card__bing-logo{align-self:flex-end;position:absolute}body[dir] .dsb-hero .dsb-hero__content-container .descriptive-hover-card__bi
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:35 UTC12INData Raw: 69 72 74 68 64 61 79 2d 63 61 0d 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: irthday-ca
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:35 UTC16384INData Raw: 30 30 30 30 34 30 30 30 0d 0a 72 64 2d 68 65 72 6f 2d 63 6c 61 69 6d 2d 62 75 74 74 6f 6e 3a 68 6f 76 65 72 7b 6f 70 61 63 69 74 79 3a 2e 38 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 64 73 62 2d 68 65 72 6f 2e 64 73 62 2d 62 69 72 74 68 64 61 79 2d 63 61 72 64 2d 68 65 72 6f 20 2e 62 69 72 74 68 64 61 79 2d 63 61 72 64 2d 66 6f 6f 74 65 72 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 78 3b 63 6f 6c 6f 72 3a 23 30 30 30 3b 68 65 69 67 68 74 3a 33 30 70 78 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 66 6c 65 78 2d 65 6e 64 3b 6f 70 61 63 69 74 79 3a 30 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 59 28 2d 33 70 78 29 3b 61 6e 69 6d 61 74 69 6f 6e 3a 62 69 72 74 68 64 61 79 2d 72 65 76 65 61 6c 20 6c 69 6e 65 61 72
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 00004000rd-hero-claim-button:hover{opacity:.8 !important}.dsb-hero.dsb-birthday-card-hero .birthday-card-footer{font-size:11px;color:#000;height:30px;display:flex;align-items:flex-end;opacity:0;transform:translateY(-3px);animation:birthday-reveal linear
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:35 UTC12INData Raw: 6d 73 62 64 73 62 5f 70 65 6f 0d 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: msbdsb_peo
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:35 UTC16384INData Raw: 30 30 30 30 36 30 30 30 0d 0a 70 6c 65 5f 65 78 70 6c 61 6e 61 74 69 6f 6e 73 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 62 6f 64 79 5b 64 69 72 3d 27 72 74 6c 27 5d 20 23 6d 73 62 5f 64 73 62 5f 72 6f 6f 74 20 2e 6d 73 62 64 73 62 2d 6d 70 2d 63 6f 6e 74 65 6e 74 20 2e 6d 73 62 64 73 62 2d 6d 70 2d 70 70 6c 2e 6d 73 62 64 73 62 5f 70 65 6f 70 6c 65 5f 65 78 70 6c 61 6e 61 74 69 6f 6e 73 2c 62 6f 64 79 5b 64 69 72 3d 27 72 74 6c 27 5d 20 23 6d 73 62 5f 64 73 62 5f 62 72 74 6f 70 20 2e 6d 73 62 64 73 62 2d 6d 70 2d 63 6f 6e 74 65 6e 74 20 2e 6d 73 62 64 73 62 2d 6d 70 2d 70 70 6c 2e 6d 73 62 64 73 62 5f 70 65 6f 70 6c 65 5f 65 78 70 6c 61 6e 61 74 69 6f 6e 73 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 00006000ple_explanations{padding-left:0;padding-right:0}body[dir='rtl'] #msb_dsb_root .msbdsb-mp-content .msbdsb-mp-ppl.msbdsb_people_explanations,body[dir='rtl'] #msb_dsb_brtop .msbdsb-mp-content .msbdsb-mp-ppl.msbdsb_people_explanations{padding-right:
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:35 UTC8204INData Raw: 6d 73 62 5f 64 73 62 5f 62 72 74 6f 70 20 2e 6d 73 62 64 73 62 2d 6d 70 2d 63 6f 6e 74 65 6e 74 20 2e 6d 73 62 5f 64 73 62 5f 73 63 6f 70 65 5f 65 6e 74 72 79 5f 62 75 74 74 6f 6e 5f 64 6f 63 75 6d 65 6e 74 73 20 2e 6d 73 62 5f 64 73 62 5f 73 63 6f 70 65 5f 65 6e 74 72 79 5f 62 75 74 74 6f 6e 5f 74 65 78 74 7b 6c 65 66 74 3a 36 30 70 78 7d 62 6f 64 79 5b 64 69 72 3d 27 72 74 6c 27 5d 20 23 6d 73 62 5f 64 73 62 5f 72 6f 6f 74 20 2e 6d 73 62 64 73 62 2d 6d 70 2d 63 6f 6e 74 65 6e 74 20 2e 6d 73 62 5f 64 73 62 5f 73 63 6f 70 65 5f 65 6e 74 72 79 5f 62 75 74 74 6f 6e 5f 64 6f 63 75 6d 65 6e 74 73 20 2e 6d 73 62 5f 64 73 62 5f 73 63 6f 70 65 5f 65 6e 74 72 79 5f 62 75 74 74 6f 6e 5f 74 65 78 74 2c 62 6f 64 79 5b 64 69 72 3d 27 72 74 6c 27 5d 20 23 6d 73 62 5f
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: msb_dsb_brtop .msbdsb-mp-content .msb_dsb_scope_entry_button_documents .msb_dsb_scope_entry_button_text{left:60px}body[dir='rtl'] #msb_dsb_root .msbdsb-mp-content .msb_dsb_scope_entry_button_documents .msb_dsb_scope_entry_button_text,body[dir='rtl'] #msb_


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          19192.168.2.164972223.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:35 UTC774OUTGET /rb/6Z/ortl,cc,nc/QNBBNqWD9F_Blep-UqQSqnMp-FI.css?bu=AaIK&or=w HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:35 UTC1206INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/css; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Server: Kestrel
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Headers: *
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 16 Aug 2022 20:24:42 GMT
                                                                                                                                                                                                                                                                                                                                                          X-EventID: 66308994b171422eb1f42aad11e32f5a
                                                                                                                                                                                                                                                                                                                                                          UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                                                                                                                                                                                                                                                                          X-AS-InstrumentationOptions: AppServerLoggingMaster=1
                                                                                                                                                                                                                                                                                                                                                          X-AS-MACHINENAME: BNZEEAP00016B3B
                                                                                                                                                                                                                                                                                                                                                          X-AS-SuppressSetCookie: 1
                                                                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                                          cross-origin-resource-policy: cross-origin
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.75}
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=214324
                                                                                                                                                                                                                                                                                                                                                          Expires: Sun, 05 May 2024 06:00:39 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:35 GMT
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 6
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674515.d304fee
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:35 UTC6INData Raw: 7a 7b 61 3a 31 7d
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: z{a:1}


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          20192.168.2.164972323.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:36 UTC746OUTGET /rp/-J3VxRIiWrHuPogk9K4b_3qk_qI.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:36 UTC902INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 15226
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Content-MD5: kzi5LKSe1j9c+JREv3KsoQ==
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Fri, 26 Apr 2024 02:07:32 GMT
                                                                                                                                                                                                                                                                                                                                                          ETag: 0x8DC6595A1E09775
                                                                                                                                                                                                                                                                                                                                                          Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                                                                          x-ms-request-id: e1de1c8e-401e-001f-236f-9a59db000000
                                                                                                                                                                                                                                                                                                                                                          x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, no-transform, max-age=178170
                                                                                                                                                                                                                                                                                                                                                          Expires: Sat, 04 May 2024 19:58:06 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:36 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674516.d30557c
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:36 UTC15226INData Raw: 76 61 72 20 57 53 42 3b 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 63 6f 6e 73 74 20 74 3d 22 70 70 5f 22 2c 69 3d 31 30 30 2c 72 3d 32 30 30 3b 63 6c 61 73 73 20 75 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 74 2c 69 29 7b 74 68 69 73 2e 5f 70 61 67 65 3d 74 3b 74 68 69 73 2e 5f 73 65 63 74 69 6f 6e 73 3d 5b 5d 3b 74 68 69 73 2e 5f 73 65 6c 65 63 74 65 64 49 74 65 6d 49 6e 64 65 78 3d 2d 31 3b 74 68 69 73 2e 5f 69 74 65 6d 43 6c 69 63 6b 45 76 65 6e 74 48 61 6e 64 6c 65 72 3d 28 74 2c 69 29 3d 3e 7b 6c 65 74 20 72 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 53 65 6c 65 63 74 69 6f 6e 28 29 3b 72 2e 74 6f 53 74 72 69 6e 67 28 29 26 26 72 2e 66 6f 63 75 73 4e 6f 64 65 3d 3d 69 2e 74 61 72 67 65 74 7c 7c 74 2e 63 6c 69 63 6b 28 6e 2e 67 65 74 43 75 72 72 65 6e 74 54 69
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: var WSB;(function(n){const t="pp_",i=100,r=200;class u{constructor(t,i){this._page=t;this._sections=[];this._selectedItemIndex=-1;this._itemClickEventHandler=(t,i)=>{let r=document.getSelection();r.toString()&&r.focusNode==i.target||t.click(n.getCurrentTi


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          21192.168.2.1649724204.79.197.200443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:36 UTC2234OUTPOST /threshold/xls.aspx HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Origin: https://www.bing.com
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-CH
                                                                                                                                                                                                                                                                                                                                                          Content-type: text/xml
                                                                                                                                                                                                                                                                                                                                                          X-Agent-DeviceId: 01000A4109009A83
                                                                                                                                                                                                                                                                                                                                                          X-BM-CBT: 1714674509
                                                                                                                                                                                                                                                                                                                                                          X-BM-DateFormat: dd/MM/yyyy
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceDimensions: 784x640
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceDimensionsLogical: 784x640
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceScale: 100
                                                                                                                                                                                                                                                                                                                                                          X-BM-DTZ: 120
                                                                                                                                                                                                                                                                                                                                                          X-BM-Market: CH
                                                                                                                                                                                                                                                                                                                                                          X-BM-Theme: 000000;0078d7
                                                                                                                                                                                                                                                                                                                                                          X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75
                                                                                                                                                                                                                                                                                                                                                          X-Device-ClientSession: 6EBE75B5BB8C4D8DB7946C9919CFF732
                                                                                                                                                                                                                                                                                                                                                          X-Device-isOptin: false
                                                                                                                                                                                                                                                                                                                                                          X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                                                                                                                                                                                                                                                                                                                                          X-Device-OSSKU: 48
                                                                                                                                                                                                                                                                                                                                                          X-Device-Touch: false
                                                                                                                                                                                                                                                                                                                                                          X-DeviceID: 01000A4109009A83
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-ExternalExpType: JointCoord
                                                                                                                                                                                                                                                                                                                                                          X-PositionerType: Desktop
                                                                                                                                                                                                                                                                                                                                                          X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                                                                                                                                                                                                                                                                          X-Search-CortanaAvailableCapabilities: None
                                                                                                                                                                                                                                                                                                                                                          X-Search-SafeSearch: Moderate
                                                                                                                                                                                                                                                                                                                                                          X-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard Time
                                                                                                                                                                                                                                                                                                                                                          X-UserAgeClass: Unknown
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: www.bing.com
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 43779
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:36 UTC16355OUTData Raw: 3c 43 6c 69 65 6e 74 49 6e 73 74 52 65 71 75 65 73 74 3e 3c 43 49 44 3e 35 30 34 37 45 35 39 34 32 42 42 32 34 36 30 45 41 33 35 42 35 33 43 43 46 37 38 44 44 42 33 44 3c 2f 43 49 44 3e 3c 45 76 65 6e 74 73 3e 3c 45 3e 3c 54 3e 45 76 65 6e 74 2e 43 6c 69 65 6e 74 49 6e 73 74 3c 2f 54 3e 3c 49 47 3e 38 62 33 39 32 36 39 66 61 61 35 65 34 39 62 33 38 38 38 36 63 33 66 30 61 33 65 34 34 38 63 33 3c 2f 49 47 3e 3c 44 3e 3c 21 5b 43 44 41 54 41 5b 7b 22 43 75 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 62 69 6e 67 2e 63 6f 6d 2f 41 53 2f 41 50 49 2f 57 69 6e 64 6f 77 73 43 6f 72 74 61 6e 61 50 61 6e 65 2f 56 32 2f 49 6e 69 74 22 2c 22 50 69 76 6f 74 22 3a 22 51 46 22 2c 22 74 6f 74 61 6c 6e 75 6d 62 65 72 4f 66 45 6e 74 72 69 65 73 22 3a 22 30 22
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <ClientInstRequest><CID>5047E5942BB2460EA35B53CCF78DDB3D</CID><Events><E><T>Event.ClientInst</T><IG>8b39269faa5e49b38886c3f0a3e448c3</IG><D><![CDATA[{"CurUrl":"https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init","Pivot":"QF","totalnumberOfEntries":"0"
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:36 UTC16355OUTData Raw: 48 69 73 74 6f 72 79 45 6e 61 62 6c 65 64 22 3a 31 2c 22 77 69 6e 64 6f 77 73 41 63 63 6f 75 6e 74 22 3a 22 33 22 2c 22 6d 73 61 41 63 63 6f 75 6e 74 73 43 6f 75 6e 74 22 3a 30 2c 22 61 61 64 41 63 63 6f 75 6e 74 73 43 6f 75 6e 74 22 3a 30 2c 22 64 61 72 6b 4d 6f 64 65 22 3a 31 2c 22 73 65 61 72 63 68 42 6f 78 49 6e 54 61 73 6b 62 61 72 22 3a 31 2c 22 74 61 73 6b 62 61 72 4f 72 69 65 6e 74 61 74 69 6f 6e 22 3a 34 2c 22 73 6e 72 56 65 72 73 69 6f 6e 22 3a 22 32 30 32 34 2e 30 32 2e 30 36 2e 34 33 33 31 30 33 36 35 22 2c 22 6f 73 53 4b 55 22 3a 22 34 38 22 2c 22 63 69 56 65 72 73 69 6f 6e 22 3a 22 36 35 22 2c 22 64 65 66 61 75 6c 74 42 72 6f 77 73 65 72 22 3a 22 36 22 2c 22 69 73 44 53 42 45 6e 61 62 6c 65 64 42 79 43 6c 69 65 6e 74 22 3a 66 61 6c 73 65 2c
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: HistoryEnabled":1,"windowsAccount":"3","msaAccountsCount":0,"aadAccountsCount":0,"darkMode":1,"searchBoxInTaskbar":1,"taskbarOrientation":4,"snrVersion":"2024.02.06.43310365","osSKU":"48","ciVersion":"65","defaultBrowser":"6","isDSBEnabledByClient":false,
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:36 UTC11069OUTData Raw: 54 53 3e 31 37 31 34 36 37 34 35 31 31 31 33 35 3c 2f 54 53 3e 3c 4f 76 72 3e 3c 72 65 71 75 65 73 74 49 6e 66 6f 20 6b 65 79 3d 22 52 61 77 51 75 65 72 79 22 20 76 61 6c 75 65 3d 22 63 6d 64 22 2f 3e 3c 72 65 71 75 65 73 74 49 6e 66 6f 20 6b 65 79 3d 22 49 73 51 75 65 72 79 22 20 76 61 6c 75 65 3d 22 66 61 6c 73 65 22 2f 3e 3c 72 65 71 75 65 73 74 49 6e 66 6f 20 6b 65 79 3d 22 46 6f 72 6d 22 20 76 61 6c 75 65 3d 22 22 2f 3e 3c 75 73 65 72 49 6e 66 6f 20 6b 65 79 3d 22 41 70 70 4e 61 6d 65 22 20 76 61 6c 75 65 3d 22 53 6d 61 72 74 53 65 61 72 63 68 22 2f 3e 3c 2f 4f 76 72 3e 3c 2f 4d 3e 3c 2f 47 72 6f 75 70 3e 3c 47 72 6f 75 70 3e 3c 4d 3e 3c 49 47 3e 31 39 30 31 35 61 34 32 66 35 62 34 34 64 65 35 39 62 35 38 36 38 63 65 64 31 31 37 30 38 39 36 3c 2f 49
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: TS>1714674511135</TS><Ovr><requestInfo key="RawQuery" value="cmd"/><requestInfo key="IsQuery" value="false"/><requestInfo key="Form" value=""/><userInfo key="AppName" value="SmartSearch"/></Ovr></M></Group><Group><M><IG>19015a42f5b44de59b5868ced1170896</I
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:36 UTC426INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          X-Cache: CONFIG_NOCACHE
                                                                                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-Ref: Ref A: 979A7D3C408247F1B8B5B985286E111C Ref B: TEB31EDGE0218 Ref C: 2024-05-02T18:28:36Z
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:35 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          22192.168.2.164972523.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:36 UTC746OUTGET /rp/08bnaIBoy_KCL8o_oLnFuWxYOrY.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC903INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 243389
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Content-MD5: dYyzGbnzUkEyDnstv0Pdpg==
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Thu, 25 Apr 2024 19:08:51 GMT
                                                                                                                                                                                                                                                                                                                                                          ETag: 0x8DC655B249CDEE3
                                                                                                                                                                                                                                                                                                                                                          Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                                                                          x-ms-request-id: a951db5a-001e-0072-0164-9a1a64000000
                                                                                                                                                                                                                                                                                                                                                          x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, no-transform, max-age=173483
                                                                                                                                                                                                                                                                                                                                                          Expires: Sat, 04 May 2024 18:40:00 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:37 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674517.d305d7f
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC15481INData Raw: 76 61 72 20 57 53 42 3b 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 76 61 72 20 74 3b 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 69 3b 28 66 75 6e 63 74 69 6f 6e 28 69 29 7b 66 75 6e 63 74 69 6f 6e 20 6c 28 29 7b 76 61 72 20 6e 3b 69 66 28 28 6e 3d 65 28 29 29 21 3d 3d 6e 75 6c 6c 26 26 6e 21 3d 3d 76 6f 69 64 20 30 29 72 65 74 75 72 6e 20 6e 2e 69 73 44 61 72 6b 4d 6f 64 65 7d 66 75 6e 63 74 69 6f 6e 20 61 28 29 7b 76 61 72 20 6e 3b 72 65 74 75 72 6e 28 28 6e 3d 65 28 29 29 3d 3d 3d 6e 75 6c 6c 7c 7c 6e 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 6e 2e 65 72 72 6f 72 42 6f 75 6e 64 61 72 79 52 65 73 65 74 4b 65 79 29 7c 7c 30 7d 66 75 6e 63 74 69 6f 6e 20 72 28 29 7b 63 6f 6e 73 74 7b 6d 61 69 6e 50 61 67 65 53 74 61 74 65 3a 6e 7d 3d 6f 28 29
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: var WSB;(function(n){var t;(function(t){var i;(function(i){function l(){var n;if((n=e())!==null&&n!==void 0)return n.isDarkMode}function a(){var n;return((n=e())===null||n===void 0?void 0:n.errorBoundaryResetKey)||0}function r(){const{mainPageState:n}=o()
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC16384INData Raw: 6e 67 74 68 3d 3d 30 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 6c 65 74 20 65 3d 30 2c 63 3d 72 2e 72 65 63 6f 6d 6d 65 6e 64 65 64 50 65 6f 70 6c 65 2e 6c 65 6e 67 74 68 2c 75 3d 31 2c 6f 3d 30 3b 69 66 28 66 29 7b 63 6f 6e 73 74 20 69 3d 72 2e 72 65 63 6f 6d 6d 65 6e 64 65 64 50 65 6f 70 6c 65 2e 6c 65 6e 67 74 68 2c 6c 3d 28 73 3d 66 2e 70 61 67 65 53 69 7a 65 29 21 3d 3d 6e 75 6c 6c 26 26 73 21 3d 3d 76 6f 69 64 20 30 3f 73 3a 28 68 3d 6e 2e 54 65 73 74 48 6f 6f 6b 55 72 6c 50 61 72 61 6d 65 74 65 72 73 3d 3d 3d 6e 75 6c 6c 7c 7c 6e 2e 54 65 73 74 48 6f 6f 6b 55 72 6c 50 61 72 61 6d 65 74 65 72 73 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 6e 2e 54 65 73 74 48 6f 6f 6b 55 72 6c 50 61 72 61 6d 65 74 65 72 73 2e 6d 73 62 44 73 62 52 65 63 6f 6d 6d
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ngth==0)return null;let e=0,c=r.recommendedPeople.length,u=1,o=0;if(f){const i=r.recommendedPeople.length,l=(s=f.pageSize)!==null&&s!==void 0?s:(h=n.TestHookUrlParameters===null||n.TestHookUrlParameters===void 0?void 0:n.TestHookUrlParameters.msbDsbRecomm
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC1828INData Raw: 22 66 65 65 64 22 2c 22 61 72 69 61 2d 6c 61 62 65 6c 22 3a 6e 2e 6d 73 62 44 73 62 48 6f 73 74 2e 67 65 74 4c 6f 63 53 74 72 69 6e 67 28 22 48 65 72 6f 46 69 6c 65 73 54 69 74 6c 65 22 29 7d 2c 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 6e 2e 56 69 65 77 2e 44 53 42 2e 54 65 6d 70 6c 61 74 65 73 2e 4d 65 67 61 43 61 72 6f 75 73 65 6c 43 6f 6d 70 6f 6e 65 6e 74 2c 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 28 7b 7d 2c 63 29 2c 72 2e 6d 61 70 28 28 6e 2c 74 29 3d 3e 7b 63 6f 6e 73 74 20 72 3d 74 2b 31 3b 72 65 74 75 72 6e 20 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 69 2e 48 65 72 6f 43 61 72 64 52 6f 75 74 65 72 2c 7b 68 65 72 6f 41 6e 73 77 65 72 3a 6e 2c 73 65 74 50 6f 73 69 74 69 6f 6e 3a 72 2c 73 65 74 53 69 7a 65 3a 73
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: "feed","aria-label":n.msbDsbHost.getLocString("HeroFilesTitle")},React.createElement(n.View.DSB.Templates.MegaCarouselComponent,Object.assign({},c),r.map((n,t)=>{const r=t+1;return React.createElement(i.HeroCardRouter,{heroAnswer:n,setPosition:r,setSize:s
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC16384INData Raw: 43 61 72 64 22 2c 22 61 72 69 61 2d 6c 61 62 65 6c 22 3a 6e 2e 6d 73 62 44 73 62 48 6f 73 74 2e 67 65 74 4c 6f 63 53 74 72 69 6e 67 28 22 45 64 75 43 61 72 64 54 69 74 6c 65 22 29 7d 2c 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 69 2e 45 64 75 43 61 72 64 2c 6e 75 6c 6c 29 29 29 2c 66 3d 28 29 3d 3e 7b 63 6f 6e 73 74 20 74 3d 69 2e 75 73 65 45 64 75 41 73 73 69 67 6e 6d 65 6e 74 41 6e 73 77 65 72 28 29 2c 72 3d 69 2e 75 73 65 45 64 75 43 6c 61 73 73 41 6e 73 77 65 72 28 29 3b 72 65 74 75 72 6e 20 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 2c 7b 22 64 61 74 61 2d 72 65 67 69 6f 6e 22 3a 22 45 64 75 22 7d 2c 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 2c 7b 63 6c 61 73 73 4e 61
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: Card","aria-label":n.msbDsbHost.getLocString("EduCardTitle")},React.createElement(i.EduCard,null))),f=()=>{const t=i.useEduAssignmentAnswer(),r=i.useEduClassAnswer();return React.createElement("div",{"data-region":"Edu"},React.createElement("div",{classNa
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC12120INData Raw: 68 22 2c 7b 64 3a 22 4d 34 20 30 2e 37 36 33 39 36 4c 32 2e 37 35 38 39 36 20 32 2e 30 30 30 35 34 4c 33 2e 39 39 34 36 31 20 33 2e 32 33 37 31 32 4c 33 2e 32 33 31 38 39 20 34 4c 31 2e 39 39 37 33 31 20 32 2e 37 36 33 34 32 4c 30 2e 37 36 32 37 32 36 20 34 4c 30 20 33 2e 32 33 37 31 32 4c 31 2e 32 33 35 36 36 20 32 2e 30 30 30 35 34 4c 30 20 30 2e 37 36 32 38 38 31 4c 30 2e 37 36 32 37 32 36 20 30 4c 31 2e 39 39 37 33 31 20 31 2e 32 33 37 36 36 4c 33 2e 32 33 31 38 39 20 30 4c 34 20 30 2e 37 36 33 39 36 5a 22 2c 66 69 6c 6c 3a 22 77 68 69 74 65 22 7d 29 29 2c 65 2e 73 74 61 74 75 73 3d 3d 22 54 65 6e 74 61 74 69 76 65 22 26 26 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 76 67 22 2c 7b 72 6f 6c 65 3a 22 69 6d 67 22 2c 63 6c 61 73 73
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: h",{d:"M4 0.76396L2.75896 2.00054L3.99461 3.23712L3.23189 4L1.99731 2.76342L0.762726 4L0 3.23712L1.23566 2.00054L0 0.762881L0.762726 0L1.99731 1.23766L3.23189 0L4 0.76396Z",fill:"white"})),e.status=="Tentative"&&React.createElement("svg",{role:"img",class
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC16384INData Raw: 75 74 74 6f 6e 22 2c 7b 72 6f 6c 65 3a 22 6c 69 6e 6b 22 2c 22 61 72 69 61 2d 6c 61 62 65 6c 22 3a 65 28 75 74 2c 6c 2c 6e 2e 6d 73 62 44 73 62 48 6f 73 74 2e 67 65 74 4c 6f 63 53 74 72 69 6e 67 28 22 4f 70 65 6e 49 6e 42 72 6f 77 73 65 72 48 69 6e 74 54 65 78 74 22 29 2c 70 2c 77 29 2c 22 61 72 69 61 2d 70 6f 73 69 6e 73 65 74 22 3a 6f 2c 22 61 72 69 61 2d 73 65 74 73 69 7a 65 22 3a 73 2c 63 6c 61 73 73 4e 61 6d 65 3a 22 6d 73 62 64 73 62 2d 66 69 6c 65 2d 68 65 72 6f 22 2c 69 64 3a 72 74 2c 74 61 62 49 6e 64 65 78 3a 74 2e 54 41 42 5f 4e 41 56 49 47 41 54 49 4f 4e 5f 54 41 42 5f 49 4e 44 45 58 2c 6f 6e 43 6c 69 63 6b 3a 28 29 3d 3e 7b 66 74 28 64 29 7d 7d 2c 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 2c 7b 63 6c 61 73 73
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: utton",{role:"link","aria-label":e(ut,l,n.msbDsbHost.getLocString("OpenInBrowserHintText"),p,w),"aria-posinset":o,"aria-setsize":s,className:"msbdsb-file-hero",id:rt,tabIndex:t.TAB_NAVIGATION_TAB_INDEX,onClick:()=>{ft(d)}},React.createElement("div",{class
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC16384INData Raw: 22 6d 73 62 64 73 62 5f 70 65 72 73 6f 6e 5f 69 63 6f 6e 5f 66 61 6c 6c 62 61 63 6b 22 7d 29 29 7d 72 65 74 75 72 6e 20 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 69 6d 67 22 2c 7b 63 6c 61 73 73 4e 61 6d 65 3a 66 2c 73 72 63 3a 60 64 61 74 61 3a 69 6d 61 67 65 2f 70 6e 67 3b 62 61 73 65 36 34 2c 24 7b 75 7d 60 2c 61 6c 74 3a 73 7d 29 7d 3b 69 2e 48 65 61 64 65 72 53 65 63 74 69 6f 6e 3d 28 29 3d 3e 6e 2e 63 6f 6e 66 69 67 2e 75 73 65 43 6f 62 61 6c 74 43 53 53 3f 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 6c 2c 6e 75 6c 6c 29 3a 6e 75 6c 6c 3b 63 6f 6e 73 74 20 6c 3d 28 29 3d 3e 7b 63 6f 6e 73 74 20 74 3d 69 2e 75 73 65 54 65 6e 61 6e 74 44 69 73 70 6c 61 79 4e 61 6d 65 28 29 2c 72 3d 6e 2e 6d 73 62 44 73 62 48 6f 73
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: "msbdsb_person_icon_fallback"}))}return React.createElement("img",{className:f,src:`data:image/png;base64,${u}`,alt:s})};i.HeaderSection=()=>n.config.useCobaltCSS?React.createElement(l,null):null;const l=()=>{const t=i.useTenantDisplayName(),r=n.msbDsbHos
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC7952INData Raw: 69 66 28 6f 26 26 6e 2e 54 65 73 74 48 6f 6f 6b 55 72 6c 50 61 72 61 6d 65 74 65 72 73 29 7b 63 6f 6e 73 74 20 6e 3d 60 5b 45 72 72 6f 72 5d 5b 4d 73 62 44 73 62 5d 20 24 7b 65 7d 20 66 61 69 6c 65 64 20 74 6f 20 72 65 6e 64 65 72 3a 20 24 7b 74 7d 60 3b 72 65 74 75 72 6e 20 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 2c 7b 63 6c 61 73 73 4e 61 6d 65 3a 22 6d 73 62 64 73 62 5f 65 72 72 6f 72 62 6f 75 6e 64 61 72 79 5f 6d 73 69 74 5f 62 6c 6f 63 6b 22 7d 2c 75 2c 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 2c 7b 63 6c 61 73 73 4e 61 6d 65 3a 22 6d 73 62 64 73 62 5f 65 72 72 6f 72 62 6f 75 6e 64 61 72 79 5f 6d 73 69 74 5f 65 72 72 6f 72 22 7d 2c 6e 29 29 7d 72 65 74 75 72 6e 20 52 65 61 63 74 2e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: if(o&&n.TestHookUrlParameters){const n=`[Error][MsbDsb] ${e} failed to render: ${t}`;return React.createElement("div",{className:"msbdsb_errorboundary_msit_block"},u,React.createElement("div",{className:"msbdsb_errorboundary_msit_error"},n))}return React.
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC16384INData Raw: 74 61 62 49 6e 64 65 78 3a 74 2e 54 41 42 5f 4e 41 56 49 47 41 54 49 4f 4e 5f 54 41 42 5f 49 4e 44 45 58 2c 69 64 3a 60 6d 73 62 5f 64 73 62 5f 70 61 67 69 6e 61 74 69 6f 6e 5f 66 6c 69 70 70 65 72 5f 24 7b 65 7d 5f 24 7b 72 7d 60 2c 63 6c 61 73 73 4e 61 6d 65 3a 60 6d 73 62 5f 64 73 62 5f 70 61 67 69 6e 61 74 69 6f 6e 5f 66 6c 69 70 70 65 72 20 24 7b 6f 7d 60 2c 6f 6e 43 6c 69 63 6b 3a 28 29 3d 3e 7b 6c 28 76 29 7d 2c 22 61 72 69 61 2d 6c 61 62 65 6c 22 3a 79 7d 2c 61 29 2c 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 2c 7b 63 6c 61 73 73 4e 61 6d 65 3a 22 62 5f 68 69 64 65 22 7d 2c 68 29 29 7d 3b 69 2e 50 61 67 69 6e 61 74 69 6f 6e 46 6c 69 70 70 65 72 73 43 6f 6e 74 72 6f 6c 3d 28 7b 70 61 67 69 6e 61 74 69 6f 6e 49 64 3a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: tabIndex:t.TAB_NAVIGATION_TAB_INDEX,id:`msb_dsb_pagination_flipper_${e}_${r}`,className:`msb_dsb_pagination_flipper ${o}`,onClick:()=>{l(v)},"aria-label":y},a),React.createElement("div",{className:"b_hide"},h))};i.PaginationFlippersControl=({paginationId:
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC8048INData Raw: 74 52 65 71 75 65 73 74 41 73 79 6e 63 28 29 29 2c 61 77 61 69 74 20 74 68 69 73 2e 73 74 6f 72 65 51 75 65 72 79 53 75 67 67 65 73 74 69 6f 6e 73 44 61 74 61 41 73 79 6e 63 28 73 29 29 2c 6e 2e 63 6f 6e 66 69 67 2e 6d 73 62 44 73 62 42 61 64 67 69 6e 67 29 7b 6c 65 74 20 74 3d 61 77 61 69 74 20 6e 2e 6d 73 62 44 73 62 48 6f 73 74 2e 67 65 74 4d 74 48 61 73 4e 65 77 43 6f 6e 74 65 6e 74 41 73 79 6e 63 28 29 3b 74 7c 7c 28 74 3d 21 21 28 6e 2e 54 65 73 74 48 6f 6f 6b 55 72 6c 50 61 72 61 6d 65 74 65 72 73 3d 3d 3d 6e 75 6c 6c 7c 7c 6e 2e 54 65 73 74 48 6f 6f 6b 55 72 6c 50 61 72 61 6d 65 74 65 72 73 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 6e 2e 54 65 73 74 48 6f 6f 6b 55 72 6c 50 61 72 61 6d 65 74 65 72 73 2e 6d 73 62 44 73 62 42 61 64 67 69 6e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: tRequestAsync()),await this.storeQuerySuggestionsDataAsync(s)),n.config.msbDsbBadging){let t=await n.msbDsbHost.getMtHasNewContentAsync();t||(t=!!(n.TestHookUrlParameters===null||n.TestHookUrlParameters===void 0?void 0:n.TestHookUrlParameters.msbDsbBadgin


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          23192.168.2.1649726204.79.197.222443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC462OUTGET /conf/v2/asgw/fpconfig.min.json?monitorId=asgw HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Origin: https://www.bing.com
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-CH
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: fp.msedge.net
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC429INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,max-age=900
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 18239
                                                                                                                                                                                                                                                                                                                                                          Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          ETag: "1174736351"
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Request-Context: appId=cid-v1:b183296d-485b-49fc-81c7-a511e61d1309
                                                                                                                                                                                                                                                                                                                                                          X-Cache: CONFIG_NOCACHE
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-Ref: Ref A: 62D8403745C04BEB8EA8C762940EDD97 Ref B: TEB31EDGE0321 Ref C: 2024-05-02T18:28:37Z
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:36 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC3750INData Raw: 7b 22 73 22 3a 35 30 30 30 2c 22 6e 22 3a 33 2c 22 65 22 3a 5b 7b 22 65 22 3a 22 2a 2e 61 7a 72 2e 66 6f 6f 74 70 72 69 6e 74 64 6e 73 2e 63 6f 6d 22 2c 22 77 22 3a 35 30 30 30 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 2a 2e 63 6c 6f 2e 66 6f 6f 74 70 72 69 6e 74 64 6e 73 2e 63 6f 6d 22 2c 22 77 22 3a 32 30 30 30 2c 22 6d 22 3a 31 7d 2c 7b 22 65 22 3a 22 2a 2e 63 6c 6f 2e 66 6f 6f 74 70 72 69 6e 74 64 6e 73 2e 63 6f 6d 22 2c 22 77 22 3a 31 30 30 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 2a 2e 6e 72 62 2e 66 6f 6f 74 70 72 69 6e 74 64 6e 73 2e 63 6f 6d 22 2c 22 77 22 3a 34 32 30 2c 22 6d 22 3a 33 7d 2c 7b 22 65 22 3a 22 61 66 64 78 74 65 73 74 2e 7a 30 31 2e 61 7a 75 72 65 66 64 2e 6e 65 74 22 2c 22 77 22 3a 35 30 30 2c 22 6d 22 3a 31 7d 2c 7b
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: {"s":5000,"n":3,"e":[{"e":"*.azr.footprintdns.com","w":5000,"m":128},{"e":"*.clo.footprintdns.com","w":2000,"m":1},{"e":"*.clo.footprintdns.com","w":100,"m":128},{"e":"*.nrb.footprintdns.com","w":420,"m":3},{"e":"afdxtest.z01.azurefd.net","w":500,"m":1},{
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC48INData Raw: 6f 6d 22 2c 22 77 22 3a 31 30 30 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 64 6f 68 32 30 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2d
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: om","w":100,"m":128},{"e":"doh20prdapp01-canary-
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC4096INData Raw: 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 7d 2c 7b 22 65 22 3a 22 64 6f 68 32 30 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 64 6f 68 32 31 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 64 6f 68 32 31 70 72 64 61 70 70 30 32 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 64 6f 68 32 32 70 72 64 61 70 70 30 31 2d
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: opaph.netmon.azure.com","w":3,"m":1},{"e":"doh20prdapp01-canary-opaph.netmon.azure.com","w":3,"m":128},{"e":"doh21prdapp01-canary-opaph.netmon.azure.com","w":3,"m":128},{"e":"doh21prdapp02-canary-opaph.netmon.azure.com","w":3,"m":128},{"e":"doh22prdapp01-
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC4096INData Raw: 22 3a 31 7d 2c 7b 22 65 22 3a 22 69 61 64 30 31 70 72 64 61 70 70 30 32 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 69 61 64 32 30 70 72 64 61 70 70 30 32 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 6a 67 61 32 30 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 7d 2c 7b 22 65 22 3a 22 6a 67 61 32 30 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2d 6f 70 61 70 68 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ":1},{"e":"iad01prdapp02-canary-opaph.netmon.azure.com","w":3,"m":128},{"e":"iad20prdapp02-canary-opaph.netmon.azure.com","w":3,"m":128},{"e":"jga20prdapp01-canary-opaph.netmon.azure.com","w":3,"m":1},{"e":"jga20prdapp01-canary-opaph.netmon.azure.com","w"
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC4096INData Raw: 2c 7b 22 65 22 3a 22 70 61 72 32 30 70 72 64 61 70 70 30 32 2d 63 61 6e 61 72 79 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 70 61 72 32 31 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 70 61 72 32 31 70 72 64 61 70 70 30 32 2d 63 61 6e 61 72 79 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 70 61 72 32 32 70 72 64 61 70 70 30 31 2d 63 61 6e 61 72 79 2e 6e 65 74 6d 6f 6e 2e 61 7a 75 72 65 2e 63 6f 6d 22 2c 22 77 22 3a 33 2c 22 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 70 61 72 32 33 70 72 64
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ,{"e":"par20prdapp02-canary.netmon.azure.com","w":3,"m":128},{"e":"par21prdapp01-canary.netmon.azure.com","w":3,"m":128},{"e":"par21prdapp02-canary.netmon.azure.com","w":3,"m":128},{"e":"par22prdapp01-canary.netmon.azure.com","w":3,"m":128},{"e":"par23prd
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC2153INData Raw: 6d 22 3a 31 32 38 7d 2c 7b 22 65 22 3a 22 74 72 69 6e 67 2e 63 6c 6f 2e 66 6f 6f 74 70 72 69 6e 74 64 6e 73 2e 63 6f 6d 22 2c 22 77 22 3a 31 30 30 2c 22 6d 22 3a 33 7d 2c 7b 22 65 22 3a 22 74 2d 72 69 6e 67 2e 6d 73 65 64 67 65 2e 6e 65 74 22 2c 22 77 22 3a 32 30 30 30 2c 22 6d 22 3a 33 7d 2c 7b 22 65 22 3a 22 74 2d 72 69 6e 67 2d 66 61 6c 6c 62 61 63 6b 2e 6d 73 65 64 67 65 2e 6e 65 74 22 2c 22 77 22 3a 31 30 30 30 2c 22 6d 22 3a 33 7d 2c 7b 22 65 22 3a 22 74 2d 72 69 6e 67 2d 66 61 6c 6c 62 61 63 6b 73 31 2e 6d 73 65 64 67 65 2e 6e 65 74 22 2c 22 77 22 3a 32 30 30 2c 22 6d 22 3a 33 7d 2c 7b 22 65 22 3a 22 74 2d 72 69 6e 67 2d 66 61 6c 6c 62 61 63 6b 73 32 2e 6d 73 65 64 67 65 2e 6e 65 74 22 2c 22 77 22 3a 32 30 30 2c 22 6d 22 3a 33 7d 2c 7b 22 65 22 3a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: m":128},{"e":"tring.clo.footprintdns.com","w":100,"m":3},{"e":"t-ring.msedge.net","w":2000,"m":3},{"e":"t-ring-fallback.msedge.net","w":1000,"m":3},{"e":"t-ring-fallbacks1.msedge.net","w":200,"m":3},{"e":"t-ring-fallbacks2.msedge.net","w":200,"m":3},{"e":


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          24192.168.2.164972723.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC746OUTGET /rp/2SI2mtfMtDWaePA1vUq3fLd0D3M.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC902INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 98132
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Content-MD5: sGMZz5Mku/wxerQ082nBPA==
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 30 Apr 2024 22:41:05 GMT
                                                                                                                                                                                                                                                                                                                                                          ETag: 0x8DC69669EEC8917
                                                                                                                                                                                                                                                                                                                                                          Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                                                                          x-ms-request-id: d3ca5d6f-401e-0052-71fe-9b9637000000
                                                                                                                                                                                                                                                                                                                                                          x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, no-transform, max-age=349190
                                                                                                                                                                                                                                                                                                                                                          Expires: Mon, 06 May 2024 19:28:27 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:37 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674517.d30674f
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:37 UTC15482INData Raw: 76 61 72 20 57 53 42 3b 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 66 75 6e 63 74 69 6f 6e 20 6e 66 28 6e 2c 69 29 7b 76 61 72 20 72 2c 75 3b 6c 65 74 20 66 3d 5b 5d 3b 69 66 28 69 29 69 66 28 6e 29 66 3d 69 2e 73 6c 69 63 65 28 29 3b 65 6c 73 65 7b 6c 65 74 20 6e 3d 6e 65 77 20 53 65 74 3b 66 6f 72 28 6c 65 74 20 66 3d 30 3b 66 3c 69 2e 6c 65 6e 67 74 68 3b 66 2b 2b 29 7b 6c 65 74 20 65 3d 28 75 3d 28 72 3d 69 5b 66 5d 29 3d 3d 3d 6e 75 6c 6c 7c 7c 72 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 72 2e 76 65 72 62 29 3d 3d 3d 6e 75 6c 6c 7c 7c 75 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 75 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3b 65 26 26 74 5b 65 5d 26 26 6e 2e 61 64 64 28 69 5b 66 5d 29 7d 66 3d 41 72 72 61 79 2e 66 72 6f 6d 28 6e 2e 76
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: var WSB;(function(n){function nf(n,i){var r,u;let f=[];if(i)if(n)f=i.slice();else{let n=new Set;for(let f=0;f<i.length;f++){let e=(u=(r=i[f])===null||r===void 0?void 0:r.verb)===null||u===void 0?void 0:u.toLowerCase();e&&t[e]&&n.add(i[f])}f=Array.from(n.v
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:38 UTC9094INData Raw: 65 64 29 3b 74 3e 2d 31 26 26 28 74 68 69 73 2e 67 72 6f 75 70 73 5b 74 5d 2e 69 73 47 72 6f 75 70 43 6f 6e 74 61 69 6e 65 72 46 75 6c 6c 79 45 78 70 61 6e 64 65 64 3d 21 74 68 69 73 2e 67 72 6f 75 70 73 5b 74 5d 2e 69 73 47 72 6f 75 70 43 6f 6e 74 61 69 6e 65 72 46 75 6c 6c 79 45 78 70 61 6e 64 65 64 2c 74 68 69 73 2e 5f 73 65 6c 65 63 74 65 64 49 74 65 6d 2e 69 73 47 72 6f 75 70 43 6f 6e 74 61 69 6e 65 72 46 75 6c 6c 79 45 78 70 61 6e 64 65 64 3d 74 68 69 73 2e 67 72 6f 75 70 73 5b 74 5d 2e 69 73 47 72 6f 75 70 43 6f 6e 74 61 69 6e 65 72 46 75 6c 6c 79 45 78 70 61 6e 64 65 64 29 7d 3b 6e 2e 48 6f 73 74 2e 62 69 6e 64 53 68 6f 77 6e 28 28 29 3d 3e 7b 74 68 69 73 2e 5f 73 65 6c 65 63 74 65 64 49 74 65 6d 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 6c 61 73 74 4d
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ed);t>-1&&(this.groups[t].isGroupContainerFullyExpanded=!this.groups[t].isGroupContainerFullyExpanded,this._selectedItem.isGroupContainerFullyExpanded=this.groups[t].isGroupContainerFullyExpanded)};n.Host.bindShown(()=>{this._selectedItem=null,this._lastM
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:38 UTC16384INData Raw: 67 67 65 73 74 69 6f 6e 73 7c 7c 63 7c 7c 21 74 68 69 73 2e 5f 73 65 6c 65 63 74 65 64 49 74 65 6d 7c 7c 68 7c 7c 74 68 69 73 2e 69 73 53 63 6f 70 65 45 6c 65 6d 65 6e 74 28 74 68 69 73 2e 5f 73 65 6c 65 63 74 65 64 49 74 65 6d 29 29 69 66 28 75 29 7b 69 66 28 6e 2e 52 75 6e 74 69 6d 65 43 6f 6e 66 69 67 2e 50 72 65 76 69 65 77 50 61 6e 65 41 76 61 69 6c 61 62 6c 65 26 26 74 68 69 73 2e 5f 70 72 65 76 69 65 77 50 61 6e 65 26 26 74 68 69 73 2e 5f 73 65 6c 65 63 74 65 64 49 74 65 6d 26 26 21 74 68 69 73 2e 69 73 53 63 6f 70 65 45 6c 65 6d 65 6e 74 28 74 68 69 73 2e 5f 73 65 6c 65 63 74 65 64 49 74 65 6d 29 29 7b 74 68 69 73 2e 5f 70 72 65 76 69 65 77 50 61 6e 65 2e 6f 6e 41 66 74 65 72 4b 65 79 44 6f 77 6e 57 68 65 6e 4e 65 77 53 65 6c 65 63 74 69 6f 6e 28
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ggestions||c||!this._selectedItem||h||this.isScopeElement(this._selectedItem))if(u){if(n.RuntimeConfig.PreviewPaneAvailable&&this._previewPane&&this._selectedItem&&!this.isScopeElement(this._selectedItem)){this._previewPane.onAfterKeyDownWhenNewSelection(
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:38 UTC8192INData Raw: 2e 73 75 67 67 65 73 74 69 6f 6e 73 3d 6e 2e 73 75 67 67 65 73 74 69 6f 6e 73 2e 73 6c 69 63 65 28 30 2c 74 29 7d 29 7d 28 6e 2e 63 6f 6e 66 69 67 2e 6f 70 74 69 6d 69 7a 65 52 65 6e 64 65 72 47 72 6f 75 70 73 7c 7c 21 74 68 69 73 2e 5f 67 72 6f 75 70 52 65 6e 64 65 72 69 6e 67 44 69 73 61 62 6c 65 64 29 26 26 28 28 28 28 69 3d 74 68 69 73 2e 5f 63 6f 6e 74 65 6e 74 51 75 65 72 79 29 3d 3d 3d 6e 75 6c 6c 7c 7c 69 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 69 2e 73 63 6f 70 65 29 3d 3d 6e 2e 53 63 6f 70 65 2e 41 6c 6c 7c 7c 28 28 72 3d 74 68 69 73 2e 5f 63 6f 6e 74 65 6e 74 51 75 65 72 79 29 3d 3d 3d 6e 75 6c 6c 7c 7c 72 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 72 2e 69 73 57 6f 72 6b 53 63 6f 70 65 5a 49 29 29 26 26 74 68 69 73 2e 61 64
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: .suggestions=n.suggestions.slice(0,t)})}(n.config.optimizeRenderGroups||!this._groupRenderingDisabled)&&((((i=this._contentQuery)===null||i===void 0?void 0:i.scope)==n.Scope.All||((r=this._contentQuery)===null||r===void 0?void 0:r.isWorkScopeZI))&&this.ad
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:38 UTC16384INData Raw: 65 6e 64 65 72 54 52 49 63 6f 6e 73 41 73 79 6e 63 22 29 29 29 3a 28 74 26 26 74 68 69 73 2e 5f 72 65 6e 64 65 72 47 72 6f 75 70 73 49 63 6f 6e 73 43 42 73 2e 70 75 73 68 28 74 29 2c 74 68 69 73 2e 5f 72 65 6e 64 65 72 47 72 6f 75 70 73 54 69 6d 65 72 46 6f 72 49 63 6f 6e 73 7c 7c 28 74 68 69 73 2e 5f 72 65 6e 64 65 72 47 72 6f 75 70 73 54 69 6d 65 72 46 6f 72 49 63 6f 6e 73 3d 6e 2e 73 61 66 65 53 65 74 54 69 6d 65 6f 75 74 28 28 29 3d 3e 7b 74 68 69 73 2e 5f 72 65 6e 64 65 72 47 72 6f 75 70 73 54 69 6d 65 72 46 6f 72 49 63 6f 6e 73 3d 6e 75 6c 6c 2c 66 28 29 7d 2c 73 69 2c 22 72 65 6e 64 65 72 47 52 50 49 63 6f 6e 73 41 73 79 6e 63 22 29 29 29 7d 3b 69 66 28 2b 2b 72 2e 69 63 6f 6e 73 50 65 6e 64 69 6e 67 52 65 74 75 72 6e 2c 21 69 2e 73 75 70 70 72 65
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: enderTRIconsAsync"))):(t&&this._renderGroupsIconsCBs.push(t),this._renderGroupsTimerForIcons||(this._renderGroupsTimerForIcons=n.safeSetTimeout(()=>{this._renderGroupsTimerForIcons=null,f()},si,"renderGRPIconsAsync")))};if(++r.iconsPendingReturn,!i.suppre
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:38 UTC8192INData Raw: 2e 41 6c 6c 7d 63 61 74 63 68 28 72 29 7b 72 65 74 75 72 6e 21 31 7d 72 65 74 75 72 6e 21 31 7d 69 73 57 6f 72 6b 55 70 73 65 6c 6c 45 78 70 69 72 65 64 28 74 29 7b 63 6f 6e 73 74 20 69 3d 6e 65 77 20 44 61 74 65 2c 75 3d 69 2e 67 65 74 44 61 74 65 28 29 2c 72 3d 69 2e 67 65 74 54 69 6d 65 28 29 2c 66 3d 69 2e 73 65 74 44 61 74 65 28 75 2b 28 6e 2e 63 6f 6e 66 69 67 2e 6d 73 62 57 6f 72 6b 53 63 6f 70 65 42 61 6e 6e 65 72 45 78 70 69 72 79 49 6e 44 61 79 73 7c 7c 30 29 29 3b 69 66 28 74 26 26 74 2e 65 78 70 69 72 65 44 61 74 65 26 26 21 74 68 69 73 2e 69 73 4f 6c 64 56 65 72 73 69 6f 6e 28 74 2e 76 65 72 73 69 6f 6e 29 29 72 65 74 75 72 6e 20 72 3e 74 2e 69 6d 70 72 65 73 73 69 6f 6e 73 45 78 70 69 72 65 44 61 74 65 26 26 72 3c 74 2e 65 78 70 69 72 65 44
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: .All}catch(r){return!1}return!1}isWorkUpsellExpired(t){const i=new Date,u=i.getDate(),r=i.getTime(),f=i.setDate(u+(n.config.msbWorkScopeBannerExpiryInDays||0));if(t&&t.expireDate&&!this.isOldVersion(t.version))return r>t.impressionsExpireDate&&r<t.expireD
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:38 UTC16384INData Raw: 3d 3d 3d 75 6e 64 65 66 69 6e 65 64 26 26 6e 2e 41 73 79 6e 63 2e 73 61 66 65 43 68 61 69 6e 28 22 67 65 74 4a 75 6d 70 4c 69 73 74 44 65 73 63 72 69 70 74 69 6f 6e 22 2c 28 29 3d 3e 74 2e 6a 75 6d 70 4c 69 73 74 49 74 65 6d 2e 67 65 74 44 65 73 63 72 69 70 74 69 6f 6e 41 73 79 6e 63 28 29 2c 69 3d 3e 7b 74 2e 74 6f 6f 6c 74 69 70 3d 69 2c 74 68 69 73 2e 67 72 6f 75 70 73 2e 73 6f 6d 65 28 69 3d 3e 6e 2e 63 6f 6e 74 61 69 6e 73 28 69 2e 73 75 67 67 65 73 74 69 6f 6e 73 2c 74 29 29 26 26 74 68 69 73 2e 72 65 6e 64 65 72 47 72 6f 75 70 73 28 29 7d 29 7d 74 68 69 73 2e 73 65 74 52 65 6d 6f 76 65 49 63 6f 6e 28 74 29 3b 6c 65 74 20 75 3d 69 28 74 68 69 73 2e 5f 72 65 73 75 6c 74 73 43 6f 75 6e 74 65 72 2e 67 72 6f 75 70 73 2c 72 2e 74 79 70 65 57 69 74 68 53
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ===undefined&&n.Async.safeChain("getJumpListDescription",()=>t.jumpListItem.getDescriptionAsync(),i=>{t.tooltip=i,this.groups.some(i=>n.contains(i.suggestions,t))&&this.renderGroups()})}this.setRemoveIcon(t);let u=i(this._resultsCounter.groups,r.typeWithS
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:38 UTC8020INData Raw: 2e 53 63 6f 70 65 2e 41 6c 6c 7c 7c 6e 2e 63 61 6e 53 68 6f 77 57 6f 72 6b 53 63 6f 70 65 5a 69 50 61 67 65 43 6f 6e 74 65 6e 74 28 74 68 69 73 2e 5f 70 61 72 74 69 61 6c 51 75 65 72 79 29 29 26 26 74 68 69 73 2e 73 6f 72 74 4d 52 55 4c 69 73 74 28 29 2c 6e 2e 63 6f 6e 66 69 67 2e 6f 70 74 69 6d 69 7a 65 52 65 6e 64 65 72 47 72 6f 75 70 73 26 26 74 68 69 73 2e 5f 67 72 6f 75 70 52 65 6e 64 65 72 69 6e 67 44 69 73 61 62 6c 65 64 26 26 28 74 68 69 73 2e 5f 67 72 6f 75 70 52 65 6e 64 65 72 69 6e 67 44 69 73 61 62 6c 65 64 3d 21 31 2c 74 68 69 73 2e 72 65 6e 64 65 72 47 72 6f 75 70 73 28 29 29 2c 31 7d 73 6f 72 74 4d 52 55 4c 69 73 74 28 29 7b 6c 65 74 20 74 3d 74 68 69 73 2e 67 72 6f 75 70 73 2e 66 69 6c 74 65 72 28 74 3d 3e 74 2e 74 79 70 65 3d 3d 6e 2e 47
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: .Scope.All||n.canShowWorkScopeZiPageContent(this._partialQuery))&&this.sortMRUList(),n.config.optimizeRenderGroups&&this._groupRenderingDisabled&&(this._groupRenderingDisabled=!1,this.renderGroups()),1}sortMRUList(){let t=this.groups.filter(t=>t.type==n.G


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          25192.168.2.164972823.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:38 UTC746OUTGET /rp/7_FbKeymGYZ7_-9xcBQEPEV22sg.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:38 UTC902INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 10421
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Content-MD5: TQMeuiFRnkHgKxB9RxF4ug==
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Mon, 15 Jan 2024 10:51:16 GMT
                                                                                                                                                                                                                                                                                                                                                          ETag: 0x8DC15B7E646E352
                                                                                                                                                                                                                                                                                                                                                          Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                                                                          x-ms-request-id: 88e5dd5f-501e-009b-3a86-97dc2e000000
                                                                                                                                                                                                                                                                                                                                                          x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, no-transform, max-age=247267
                                                                                                                                                                                                                                                                                                                                                          Expires: Sun, 05 May 2024 15:09:45 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:38 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674518.d306fd7
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:38 UTC10421INData Raw: 76 61 72 20 57 53 42 3b 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 63 6f 6e 73 74 20 68 3d 32 2c 63 3d 35 2c 69 3d 32 30 30 2c 65 3d 38 36 34 65 35 2c 6c 3d 22 2f 6d 73 72 65 77 61 72 64 73 2f 61 70 69 2f 76 31 2f 67 65 74 75 73 65 72 69 6e 66 6f 22 2c 61 3d 22 2f 6d 73 72 65 77 61 72 64 73 2f 61 70 69 2f 76 31 2f 63 6f 64 65 78 65 6c 69 67 69 62 6c 65 22 2c 76 3d 22 68 74 74 70 73 3a 2f 2f 61 63 63 6f 75 6e 74 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 72 65 77 61 72 64 73 3f 72 65 66 3d 57 53 42 22 2c 79 3d 6e 3d 3e 7b 72 65 74 75 72 6e 22 68 74 74 70 73 3a 2f 2f 61 63 63 6f 75 6e 74 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 72 65 77 61 72 64 73 2f 63 72 65 61 74 65 75 73 65 72 3f 70 75 62 6c 3d 43 4f 52 54 49 50 26 63 72 65 61 3d 4d 59 30 31 39 48 26
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: var WSB;(function(n){const h=2,c=5,i=200,e=864e5,l="/msrewards/api/v1/getuserinfo",a="/msrewards/api/v1/codexeligible",v="https://account.microsoft.com/rewards?ref=WSB",y=n=>{return"https://account.microsoft.com/rewards/createuser?publ=CORTIP&crea=MY019H&


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          26192.168.2.164972923.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:38 UTC746OUTGET /rp/9gCRzs8Nm2Gzn_DGoE0Pp_SoJfU.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:39 UTC902INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 127446
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Content-MD5: OR9OLtAXxjX9mUoteO2+hg==
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Fri, 05 Jan 2024 19:09:43 GMT
                                                                                                                                                                                                                                                                                                                                                          ETag: 0x8DC0E21E0244722
                                                                                                                                                                                                                                                                                                                                                          Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                                                                          x-ms-request-id: 30d1c058-b01e-0024-110b-8a1c7f000000
                                                                                                                                                                                                                                                                                                                                                          x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, no-transform, max-age=66433
                                                                                                                                                                                                                                                                                                                                                          Expires: Fri, 03 May 2024 12:55:52 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:39 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674519.d30761d
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:39 UTC15482INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 6e 2c 74 29 7b 66 75 6e 63 74 69 6f 6e 20 69 28 6e 2c 74 29 7b 72 65 74 75 72 6e 20 4c 6f 63 53 74 72 69 6e 67 4d 61 6e 61 67 65 72 2e 72 65 67 69 73 74 65 72 28 7b 75 69 43 75 6c 74 75 72 65 3a 6e 2c 6e 61 6d 65 3a 22 4d 69 63 72 6f 73 6f 66 74 53 65 61 72 63 68 22 2c 6e 61 6d 65 73 70 61 63 65 3a 22 57 69 6e 64 6f 77 73 53 65 61 72 63 68 42 6f 78 22 7d 2c 7b 48 69 64 65 46 72 6f 6d 52 65 63 65 6e 74 48 69 73 74 6f 72 79 3a 74 5b 30 5d 2c 4d 73 62 46 72 65 45 78 61 6d 70 6c 65 48 65 61 64 65 72 54 65 78 74 3a 74 5b 31 5d 2c 4d 73 62 46 72 65 46 69 6c 65 73 53 70 61 6e 3a 74 5b 32 5d 2c 4d 73 62 46 72 65 46 69 6c 65 73 54 65 78 74 3a 74 5b 33 5d 2c 4d 73 62 46 72 65 46 69 6c 65 73 54 69 74 6c 65 3a 74 5b 34 5d 2c 4d 73 62 46
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: (function(n,t){function i(n,t){return LocStringManager.register({uiCulture:n,name:"MicrosoftSearch",namespace:"WindowsSearchBox"},{HideFromRecentHistory:t[0],MsbFreExampleHeaderText:t[1],MsbFreFilesSpan:t[2],MsbFreFilesText:t[3],MsbFreFilesTitle:t[4],MsbF
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:39 UTC16384INData Raw: 65 69 78 20 64 65 20 6c 27 68 69 73 74 6f 72 69 61 6c 20 64 65 20 72 65 63 65 72 63 61 22 2c 22 54 72 6f 62 61 72 20 63 6f 73 65 73 20 61 20 6c 61 20 66 61 65 6e 61 20 61 72 61 20 c3 a9 73 20 6d c3 a9 73 20 66 c3 a0 63 69 6c 22 2c 22 6e 6f 6d 20 64 27 61 72 78 69 75 22 2c 22 50 72 6f 76 65 75 20 64 65 20 72 65 63 65 72 63 61 72 22 2c 22 46 69 74 78 65 72 73 22 2c 22 7b 30 7d 2c 20 76 6f 73 20 64 6f 6e 65 6d 20 6c 61 20 62 65 6e 76 69 6e 67 75 64 61 20 61 20 6c 61 20 72 65 63 65 72 63 61 20 6c 61 62 6f 72 61 6c 21 22 2c 22 72 65 63 75 72 73 6f 73 20 69 6e 74 65 72 6e 73 22 2c 22 50 72 6f 76 65 75 20 64 65 20 72 65 63 65 72 63 61 72 22 2c 22 45 6e 6c 6c 61 c3 a7 6f 73 22 2c 22 45 73 63 72 69 76 69 75 20 70 65 72 20 61 20 72 65 63 65 72 63 61 72 20 70 65 72
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: eix de l'historial de recerca","Trobar coses a la faena ara s ms fcil","nom d'arxiu","Proveu de recercar","Fitxers","{0}, vos donem la benvinguda a la recerca laboral!","recursos interns","Proveu de recercar","Enllaos","Escriviu per a recercar per
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:39 UTC1924INData Raw: 61 20 66 69 6c 65 22 2c 22 4d 67 61 20 4d 65 6e 73 61 68 65 22 2c 2c 22 41 6b 69 6e 67 20 70 72 6f 66 69 6c 65 22 2c 22 4d 67 61 20 6b 61 6d 61 6b 61 69 6c 61 6e 67 20 70 61 67 68 61 68 61 6e 61 70 20 73 61 20 74 72 61 62 61 68 6f 22 2c 22 49 6e 69 72 65 72 65 6b 6f 6d 65 6e 64 61 20 70 61 72 61 20 73 61 20 69 79 6f 22 2c 22 4b 75 6d 70 69 72 6d 61 68 69 6e 20 61 6e 67 20 69 79 6f 6e 67 20 61 63 63 6f 75 6e 74 20 70 61 72 61 20 6d 61 67 68 61 6e 61 70 20 6e 67 20 69 6d 70 6f 72 6d 61 73 79 6f 6e 20 73 61 20 74 72 61 62 61 68 6f 20 6d 75 6c 61 20 73 61 20 7b 30 7d 22 2c 22 50 69 6e 64 75 74 69 6e 20 61 6e 67 20 53 68 69 66 74 2b 45 6e 74 65 72 20 70 61 72 61 20 6d 61 67 68 61 6e 61 70 20 6e 67 20 72 65 73 75 6c 74 61 20 6e 67 20 74 72 61 62 61 68 6f 20 73
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: a file","Mga Mensahe",,"Aking profile","Mga kamakailang paghahanap sa trabaho","Inirerekomenda para sa iyo","Kumpirmahin ang iyong account para maghanap ng impormasyon sa trabaho mula sa {0}","Pindutin ang Shift+Enter para maghanap ng resulta ng trabaho s
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:39 UTC16384INData Raw: 72 c3 a9 73 75 6c 74 61 74 73 22 5d 29 28 22 67 61 22 2c 5b 22 46 6f 6c 61 69 67 68 20 c3 b3 6e 20 73 74 61 69 72 20 63 68 75 61 72 64 61 69 67 68 22 2c 22 54 c3 a1 20 73 c3 a9 20 6e c3 ad 6f 73 20 c3 a9 61 73 63 61 20 72 75 64 61 c3 ad 20 61 20 61 69 6d 73 69 c3 ba 20 61 67 20 61 6e 20 6f 62 61 69 72 20 61 6e 6f 69 73 22 2c 22 61 69 6e 6d 20 61 6e 20 63 68 6f 6d 68 61 69 64 22 2c 22 42 61 69 6e 20 74 72 69 61 69 6c 20 61 73 20 63 75 61 72 64 61 63 68 20 6c 65 20 68 61 67 68 61 69 64 68 22 2c 22 43 6f 6d 68 61 69 64 22 2c 22 46 c3 a1 69 6c 74 65 20 63 68 75 69 67 20 63 75 61 72 64 61 63 68 20 6f 69 62 72 65 2c 20 7b 30 7d 21 22 2c 22 61 63 6d 68 61 69 6e 6e c3 ad 20 69 6e 6d 68 65 c3 a1 6e 61 63 68 61 22 2c 22 42 61 69 6e 20 74 72 69 61 69 6c 20 61 73 20
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: rsultats"])("ga",["Folaigh n stair chuardaigh","T s nos asca ruda a aimsi ag an obair anois","ainm an chomhaid","Bain triail as cuardach le haghaidh","Comhaid","Filte chuig cuardach oibre, {0}!","acmhainn inmhenacha","Bain triail as
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:39 UTC12120INData Raw: 81 97 e3 81 a6 e3 80 81 e4 bd 9c e6 a5 ad e7 b5 90 e6 9e 9c e3 82 92 e8 a1 a8 e7 a4 ba e3 81 97 e3 81 be e3 81 99 e3 80 82 22 2c 22 e3 82 a2 e3 82 ab e3 82 a6 e3 83 b3 e3 83 88 e3 82 92 e7 a2 ba e8 aa 8d e3 81 97 e3 81 a6 e3 80 81 e4 bb 95 e4 ba 8b e6 83 85 e5 a0 b1 e3 82 92 e6 a4 9c e7 b4 a2 e3 81 99 e3 82 8b 22 2c 22 e3 81 99 e3 81 b9 e3 81 a6 e8 a1 a8 e7 a4 ba 22 2c 22 e3 81 99 e3 81 b9 e3 81 a6 22 2c 22 e5 89 b2 e3 82 8a e5 bd 93 e3 81 a6 22 2c 2c 22 e4 bc 9a e8 a9 b1 22 2c 22 e3 83 95 e3 82 a1 e3 82 a4 e3 83 ab 22 2c 22 e3 83 a1 e3 83 83 e3 82 bb e3 83 bc e3 82 b8 22 2c 22 e9 80 a3 e7 b5 a1 e5 85 88 22 2c 2c 22 e5 a0 b4 e6 89 80 22 2c 2c 22 e6 8a 98 e3 82 8a e3 81 9f e3 81 9f e3 81 be e3 82 8c e3 81 a6 e3 81 84 e3 81 be e3 81 99 22 2c 22 e4 bd 9c e6
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ","","","","",,"","","","",,"",,"","
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:39 UTC16384INData Raw: 8b 22 2c 22 e0 a4 ab e0 a4 be e0 a4 af e0 a4 b2 e0 a5 80 22 2c 22 e0 a4 95 e0 a4 be e0 a4 ae 20 e0 a4 b8 e0 a5 8b e0 a4 a6 e0 a4 be e0 a4 82 e0 a4 a4 20 e0 a4 af e0 a5 87 e0 a4 b5 e0 a4 95 e0 a4 be e0 a4 b0 2c 20 7b 30 7d 21 22 2c 22 e0 a4 86 e0 a4 82 e0 a4 a4 e0 a4 b0 e0 a5 80 e0 a4 95 20 e0 a4 b8 e0 a4 be e0 a4 a7 e0 a4 a8 e0 a4 b8 e0 a4 be e0 a4 ae e0 a5 81 e0 a4 97 e0 a5 8d e0 a4 b0 e0 a5 8d e0 a4 af e0 a5 8b 22 2c 22 e0 a4 b8 e0 a5 8b e0 a4 a6 e0 a4 aa e0 a4 be e0 a4 9a e0 a5 8b 20 e0 a4 af e0 a4 a4 e0 a5 8d e0 a4 a8 20 e0 a4 95 e0 a4 b0 e0 a4 9a e0 a5 8b 22 2c 22 e0 a4 b2 e0 a4 bf e0 a4 82 e0 a4 95 22 2c 22 7b 30 7d 20 e0 a4 a4 e0 a4 b2 e0 a5 8d e0 a4 af e0 a4 be e0 a4 a8 20 e0 a4 b2 e0 a5 8b e0 a4 95 e0 a4 be e0 a4 82 e0 a4 95 2c 20 e0 a4 ab e0 a4
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ",""," , {0}!"," "," ","","{0} ,
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:39 UTC16384INData Raw: 22 5d 29 28 22 6d 73 22 2c 5b 22 53 65 6d 62 75 6e 79 69 6b 61 6e 20 64 61 72 69 70 61 64 61 20 73 65 6a 61 72 61 68 20 63 61 72 69 61 6e 22 2c 22 4d 65 6e 63 61 72 69 20 73 65 73 75 61 74 75 20 64 69 20 74 65 6d 70 61 74 20 6b 65 72 6a 61 20 6b 69 6e 69 20 73 65 6d 61 6b 69 6e 20 6d 75 64 61 68 22 2c 22 6e 61 6d 61 20 66 61 69 6c 22 2c 22 43 75 62 61 20 63 61 72 69 22 2c 22 46 61 69 6c 22 2c 22 53 65 6c 61 6d 61 74 20 64 61 74 61 6e 67 20 6b 65 20 63 61 72 69 61 6e 20 6b 65 72 6a 61 2c 20 7b 30 7d 21 22 2c 22 73 75 6d 62 65 72 20 64 61 6c 61 6d 61 6e 22 2c 22 43 75 62 61 20 63 61 72 69 22 2c 22 50 61 75 74 61 6e 22 2c 22 54 61 69 70 6b 61 6e 20 75 6e 74 75 6b 20 6d 65 6e 63 61 72 69 20 69 6e 64 69 76 69 64 75 2c 20 66 61 69 6c 20 64 61 6e 20 68 61 73 69
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: "])("ms",["Sembunyikan daripada sejarah carian","Mencari sesuatu di tempat kerja kini semakin mudah","nama fail","Cuba cari","Fail","Selamat datang ke carian kerja, {0}!","sumber dalaman","Cuba cari","Pautan","Taipkan untuk mencari individu, fail dan hasi
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:39 UTC7952INData Raw: 72 61 72 20 72 65 73 75 6c 74 61 64 6f 73 20 65 73 63 6f 6c 61 72 65 73 22 2c 22 61 62 65 72 74 6f 22 2c 22 52 65 73 75 6c 74 61 64 6f 73 20 64 65 20 54 72 61 62 61 6c 68 6f 22 2c 22 56 65 72 20 6d 65 6e 6f 73 22 2c 22 56 65 72 20 6d 61 69 73 22 2c 22 7b 30 7d 20 2d 20 4d 61 69 73 20 72 65 73 75 6c 74 61 64 6f 73 22 5d 29 28 22 71 75 7a 22 2c 5b 22 4d 61 73 6b 61 6e 61 20 74 61 71 77 69 72 69 73 71 61 20 77 69 6c 6c 61 6b 75 71 74 61 20 70 61 6b 61 79 22 2c 22 49 6d 61 6b 75 6e 61 20 73 61 73 61 20 6c 6c 61 6d 6b 61 79 c3 b1 61 20 74 61 72 69 63 68 6b 61 6e 22 2c 22 6b 69 70 75 70 61 20 73 75 74 69 6e 22 2c 22 48 75 6b 74 61 20 6d 61 73 6b 61 79 6b 61 63 68 61 79 22 2c 22 4b 69 70 75 6b 75 6e 61 22 2c 22 41 6c 6c 69 6e 20 71 61 6d 75 79 6e 69 6b 69 20 6c
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: rar resultados escolares","aberto","Resultados de Trabalho","Ver menos","Ver mais","{0} - Mais resultados"])("quz",["Maskana taqwirisqa willakuqta pakay","Imakuna sasa llamkaya tarichkan","kipupa sutin","Hukta maskaykachay","Kipukuna","Allin qamuyniki l
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:39 UTC16384INData Raw: 2c 22 d0 bd d0 b0 d0 b7 d0 b8 d0 b2 20 d0 b4 d0 b0 d1 82 d0 be d1 82 d0 b5 d0 ba d0 b5 22 2c 22 d0 9f d0 be d0 ba d1 83 d1 88 d0 b0 d1 98 d1 82 d0 b5 20 d0 b4 d0 b0 20 d0 bf d0 be d1 82 d1 80 d0 b0 d0 b6 d0 b8 d1 82 d0 b5 22 2c 22 d0 94 d0 b0 d1 82 d0 be d1 82 d0 b5 d0 ba d0 b5 22 2c 22 d0 94 d0 be d0 b1 d1 80 d0 be d0 b4 d0 be d1 88 d0 bb d0 b8 20 d1 83 20 d1 80 d0 b0 d0 b4 d0 bd d1 83 20 d0 bf d1 80 d0 b5 d1 82 d1 80 d0 b0 d0 b3 d1 83 2c 20 7b 30 7d 21 22 2c 22 d1 83 d0 bd d1 83 d1 82 d1 80 d0 b0 d1 88 d1 9a d0 b8 20 d0 b8 d0 b7 d0 b2 d0 be d1 80 d0 b8 22 2c 22 d0 9f d0 be d0 ba d1 83 d1 88 d0 b0 d1 98 d1 82 d0 b5 20 d0 b4 d0 b0 20 d0 bf d0 be d1 82 d1 80 d0 b0 d0 b6 d0 b8 d1 82 d0 b5 22 2c 22 d0 92 d0 b5 d0 b7 d0 b5 22 2c 22 d0 9e d1 82 d0 ba d1 83 d1
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ," "," ",""," , {0}!"," "," ","","
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:39 UTC8048INData Raw: d9 86 d8 a7 d9 85 d9 89 20 d9 8a d8 a7 d9 83 d9 89 20 d8 aa db 95 d8 ae db 95 d9 84 d9 84 db 87 d8 b3 d9 89 22 2c 22 d8 a8 db 87 d9 86 d9 89 20 d9 83 d9 89 d8 b1 da af db 88 d8 b2 db 88 d9 be 20 d8 a8 db 90 d9 82 d9 89 da ad 3a 22 2c 22 d9 83 d9 89 d8 b4 d9 89 d9 84 db 95 d8 b1 22 2c 22 d8 a6 d8 a7 d9 84 d8 a7 d9 82 d9 89 d8 af d8 a7 d8 b4 d9 84 d8 a7 d8 b1 22 2c 22 da af db 87 d8 b1 db 87 d9 be d9 be d8 a7 22 2c 22 db 8b db 95 d8 b2 d9 89 d9 be db 95 22 2c 22 db 8b db 95 d8 b2 d9 89 d9 be d9 89 d9 84 d9 89 d8 b1 d9 89 d9 85 22 2c 22 d9 83 d8 a7 d9 84 db 90 d9 86 d8 af d8 a7 d8 b1 22 2c 22 d9 83 d8 a7 d9 84 db 90 d9 86 d8 af d8 a7 d8 b1 d9 89 d9 85 22 2c 22 d8 af db 95 d8 b1 d8 b3 d9 84 db 95 d8 b1 22 2c 22 d8 af db 95 d8 b1 d8 b3 d9 84 d9 89 d8 b1 d9 89
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: "," :","","","","","","","","","


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          27192.168.2.164973023.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:39 UTC746OUTGET /rp/CDDIF_cKw6SKs1SbFxtJKa_2Odo.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:39 UTC903INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 227235
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Content-MD5: uiaoeW/AEyGztUbs6EWC1w==
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Mon, 29 Apr 2024 18:44:18 GMT
                                                                                                                                                                                                                                                                                                                                                          ETag: 0x8DC687C60BDBC3A
                                                                                                                                                                                                                                                                                                                                                          Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                                                                          x-ms-request-id: f7ee29b9-d01e-0003-5489-9afc4f000000
                                                                                                                                                                                                                                                                                                                                                          x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, no-transform, max-age=189563
                                                                                                                                                                                                                                                                                                                                                          Expires: Sat, 04 May 2024 23:08:02 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:39 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674519.d3080b4
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:39 UTC15481INData Raw: 76 61 72 20 57 53 42 3b 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 66 75 6e 63 74 69 6f 6e 20 70 28 6e 2c 74 29 7b 72 65 74 75 72 6e 20 6e 3d 3d 3d 74 3f 21 30 3a 6e 26 26 74 3f 64 28 6e 2e 61 74 74 72 69 62 75 74 65 73 2c 74 2e 61 74 74 72 69 62 75 74 65 73 29 26 26 77 28 6e 2e 70 61 72 61 6d 65 74 65 72 73 2c 74 2e 70 61 72 61 6d 65 74 65 72 73 29 3a 21 31 7d 66 75 6e 63 74 69 6f 6e 20 77 28 74 2c 69 29 7b 72 65 74 75 72 6e 20 74 3d 3d 3d 69 3f 21 30 3a 74 26 26 69 3f 74 2e 70 6c 61 63 65 68 6f 6c 64 65 72 54 65 78 74 3d 3d 69 2e 70 6c 61 63 65 68 6f 6c 64 65 72 54 65 78 74 26 26 74 2e 6c 69 67 68 74 47 6c 65 61 6d 44 61 74 61 4f 72 55 72 6c 3d 3d 69 2e 6c 69 67 68 74 47 6c 65 61 6d 44 61 74 61 4f 72 55 72 6c 26 26 74 2e 64 61 72 6b 47 6c 65 61 6d 44 61 74
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: var WSB;(function(n){function p(n,t){return n===t?!0:n&&t?d(n.attributes,t.attributes)&&w(n.parameters,t.parameters):!1}function w(t,i){return t===i?!0:t&&i?t.placeholderText==i.placeholderText&&t.lightGleamDataOrUrl==i.lightGleamDataOrUrl&&t.darkGleamDat
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC16384INData Raw: 73 65 2e 72 65 73 6f 6c 76 65 28 29 29 3b 6e 2e 48 6f 73 74 2e 62 69 6e 64 53 65 61 72 63 68 41 70 70 65 61 72 61 6e 63 65 49 6e 76 6f 6b 65 64 28 61 73 79 6e 63 28 29 3d 3e 7b 76 61 72 20 72 2c 75 2c 66 2c 65 2c 6f 2c 73 3b 6c 65 74 20 74 3d 74 68 69 73 2e 5f 64 73 62 56 69 65 77 4d 6f 64 65 6c 3b 63 6f 6e 73 74 20 69 3d 74 3d 3d 3d 6e 75 6c 6c 7c 7c 74 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 74 2e 67 65 74 53 65 61 72 63 68 41 70 70 65 61 72 61 6e 63 65 47 6c 65 61 6d 43 6f 6e 74 65 6e 74 28 29 2c 68 3d 28 6f 3d 28 65 3d 28 66 3d 28 75 3d 28 72 3d 69 3d 3d 3d 6e 75 6c 6c 7c 7c 69 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 69 2e 67 6c 65 61 6d 44 61 74 61 29 3d 3d 3d 6e 75 6c 6c 7c 7c 72 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: se.resolve());n.Host.bindSearchAppearanceInvoked(async()=>{var r,u,f,e,o,s;let t=this._dsbViewModel;const i=t===null||t===void 0?void 0:t.getSearchAppearanceGleamContent(),h=(o=(e=(f=(u=(r=i===null||i===void 0?void 0:i.gleamData)===null||r===void 0?void 0
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC1962INData Raw: 76 61 72 20 72 2c 66 3b 63 6f 6e 73 74 20 65 3d 6e 2e 41 63 63 65 73 73 54 6f 6b 65 6e 4d 61 6e 61 67 65 72 2e 67 65 74 57 69 6e 64 6f 77 73 41 63 63 6f 75 6e 74 54 79 70 65 28 29 3b 69 66 28 74 68 69 73 2e 6c 6f 67 42 61 63 6b 67 72 6f 75 6e 64 54 61 73 6b 28 60 44 73 62 4d 61 6e 61 67 65 72 5f 70 65 6e 64 52 65 66 72 65 73 68 5f 53 74 61 72 74 5f 24 7b 74 7d 5f 72 65 61 73 6f 6e 5f 24 7b 69 7d 60 29 2c 65 21 3d 30 29 7b 69 66 28 65 21 3d 31 7c 7c 6e 2e 69 73 44 73 62 45 6e 61 62 6c 65 64 46 6f 72 45 6e 74 65 72 70 72 69 73 65 28 29 29 69 66 28 6e 2e 63 6f 6e 66 69 67 2e 6d 73 62 44 73 62 4d 6f 76 65 49 6e 74 65 72 76 61 6c 54 69 6d 65 29 74 68 69 73 2e 72 65 66 72 65 73 68 56 69 65 77 4d 6f 64 65 6c 73 28 74 2c 69 29 3b 65 6c 73 65 20 69 66 28 6e 2e 6d
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: var r,f;const e=n.AccessTokenManager.getWindowsAccountType();if(this.logBackgroundTask(`DsbManager_pendRefresh_Start_${t}_reason_${i}`),e!=0){if(e!=1||n.isDsbEnabledForEnterprise())if(n.config.msbDsbMoveIntervalTime)this.refreshViewModels(t,i);else if(n.m
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC16384INData Raw: 74 2e 69 73 49 6e 42 6c 65 6e 64 65 64 4d 6f 64 65 28 29 29 26 26 21 6e 2e 73 68 6f 75 6c 64 44 69 73 70 6c 61 79 4d 73 62 44 73 62 49 6e 57 6f 72 6b 53 63 6f 70 65 28 28 66 3d 74 68 69 73 2e 63 75 72 72 65 6e 74 51 75 65 72 79 29 3d 3d 3d 6e 75 6c 6c 7c 7c 66 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 66 2e 69 73 57 6f 72 6b 53 63 6f 70 65 5a 49 29 3f 28 72 2e 70 75 73 68 28 74 68 69 73 2e 5f 6d 73 62 5f 64 73 62 56 69 65 77 4d 6f 64 65 6c 29 2c 72 2e 70 75 73 68 28 74 68 69 73 2e 5f 64 73 62 56 69 65 77 4d 6f 64 65 6c 29 29 3a 72 2e 70 75 73 68 28 74 68 69 73 2e 5f 6d 73 62 5f 64 73 62 56 69 65 77 4d 6f 64 65 6c 29 3a 6e 2e 69 73 43 6f 6e 73 75 6d 65 72 44 73 62 45 6e 61 62 6c 65 64 46 6f 72 45 6e 74 65 72 70 72 69 73 65 28 29 26 26 28 6e 2e 63
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: t.isInBlendedMode())&&!n.shouldDisplayMsbDsbInWorkScope((f=this.currentQuery)===null||f===void 0?void 0:f.isWorkScopeZI)?(r.push(this._msb_dsbViewModel),r.push(this._dsbViewModel)):r.push(this._msb_dsbViewModel):n.isConsumerDsbEnabledForEnterprise()&&(n.c
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC12120INData Raw: 65 66 69 6e 65 64 2c 6e 2e 6d 73 62 44 73 62 48 6f 73 74 3d 3d 3d 6e 75 6c 6c 7c 7c 6e 2e 6d 73 62 44 73 62 48 6f 73 74 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 6e 2e 6d 73 62 44 73 62 48 6f 73 74 2e 69 73 49 6e 42 6c 65 6e 64 65 64 4d 6f 64 65 28 29 29 29 7d 7d 6c 6f 61 64 44 69 73 6d 69 73 73 65 64 4d 6f 6d 65 6e 74 73 46 72 6f 6d 43 61 63 68 65 28 29 7b 63 6f 6e 73 74 20 74 3d 6e 2e 4c 69 67 68 74 77 65 69 67 68 74 53 74 6f 72 61 67 65 2e 67 65 74 49 74 65 6d 28 74 68 69 73 2e 44 69 73 6d 69 73 73 65 64 4d 6f 6d 65 6e 74 73 53 74 6f 72 61 67 65 4b 65 79 29 3b 69 66 28 74 29 7b 74 68 69 73 2e 64 69 73 6d 69 73 73 65 64 4d 6f 6d 65 6e 74 73 43 6f 6e 74 65 6e 74 43 61 63 68 65 3d 4a 53 4f 4e 2e 70 61 72 73 65 28 74 29 3b 6c 65 74 20 6e 3d 21 31
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: efined,n.msbDsbHost===null||n.msbDsbHost===void 0?void 0:n.msbDsbHost.isInBlendedMode()))}}loadDismissedMomentsFromCache(){const t=n.LightweightStorage.getItem(this.DismissedMomentsStorageKey);if(t){this.dismissedMomentsContentCache=JSON.parse(t);let n=!1
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC16384INData Raw: 72 3c 6e 2e 44 61 74 65 54 69 6d 65 52 65 66 65 72 65 6e 63 65 26 26 6e 2e 6c 6f 67 28 60 67 65 74 43 75 72 72 65 6e 74 44 61 74 65 44 53 42 28 29 20 72 65 74 75 72 6e 20 69 6e 63 6f 72 72 65 63 74 20 74 69 6d 65 21 20 67 65 74 43 75 72 72 65 6e 74 44 61 74 65 44 53 42 28 29 3a 20 27 24 7b 75 7d 27 20 60 29 2c 74 3d 54 68 72 65 73 68 6f 6c 64 55 74 69 6c 69 74 69 65 73 2e 73 65 74 55 72 6c 50 61 72 61 6d 65 74 65 72 28 74 2c 22 63 6c 69 65 6e 74 44 61 74 65 54 69 6d 65 22 2c 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 75 29 29 7d 69 73 56 61 6c 69 64 44 53 42 4d 75 6c 74 69 4d 6f 6d 65 6e 74 73 43 6f 6e 74 65 6e 74 28 74 29 7b 69 66 28 6e 2e 54 65 73 74 48 6f 6f 6b 55 72 6c 50 61 72 61 6d 65 74 65 72 73 3d 3d 3d 6e 75 6c 6c 7c 7c 6e 2e 54 65
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: r<n.DateTimeReference&&n.log(`getCurrentDateDSB() return incorrect time! getCurrentDateDSB(): '${u}' `),t=ThresholdUtilities.setUrlParameter(t,"clientDateTime",encodeURIComponent(u))}isValidDSBMultiMomentsContent(t){if(n.TestHookUrlParameters===null||n.Te
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC16384INData Raw: 6b 5f 49 6e 76 61 6c 69 64 44 53 42 43 6f 6e 74 65 6e 74 5f 46 61 6c 6c 62 61 63 6b 52 65 71 75 65 73 74 22 2c 22 52 65 71 75 65 73 74 20 55 72 6c 3a 20 22 2b 69 2b 22 3b 20 54 72 61 63 65 49 44 3a 20 22 2b 75 2b 22 3b 20 53 74 61 74 75 73 43 6f 64 65 3a 20 22 2b 28 68 3d 3d 3d 6e 75 6c 6c 7c 7c 68 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 68 2e 73 74 61 74 75 73 29 2b 22 3b 20 44 61 74 61 3a 20 22 2b 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 63 29 29 29 2c 74 3f 74 68 69 73 2e 68 61 6e 64 6c 65 50 61 73 74 4d 6f 6d 65 6e 74 73 46 65 74 63 68 65 64 28 63 2c 65 29 3a 74 68 69 73 2e 68 61 6e 64 6c 65 4d 75 6c 74 69 4d 6f 6d 65 6e 74 73 46 65 74 63 68 65 64 28 63 2c 65 2c 31 29 2c 6e 2e 69 73 44 53 42 46 75 6c 6c 57 69 64 74 68 46 6c 69 67 68 74
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: k_InvalidDSBContent_FallbackRequest","Request Url: "+i+"; TraceID: "+u+"; StatusCode: "+(h===null||h===void 0?void 0:h.status)+"; Data: "+JSON.stringify(c))),t?this.handlePastMomentsFetched(c,e):this.handleMultiMomentsFetched(c,e,1),n.isDSBFullWidthFlight
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC7952INData Raw: 3d 3d 31 26 26 6e 2e 48 6f 73 74 2e 69 73 54 53 49 6e 53 65 61 72 63 68 42 6f 78 41 76 61 69 6c 61 62 6c 65 28 29 26 26 74 3d 3d 30 29 7b 6e 2e 73 65 74 50 6c 61 63 65 68 6f 6c 64 65 72 74 65 78 74 52 6f 74 61 74 65 43 6f 75 6e 74 28 6e 2e 67 65 74 50 6c 61 63 65 68 6f 6c 64 65 72 74 65 78 74 52 6f 74 61 74 65 43 6f 75 6e 74 28 29 2b 31 29 3b 6e 2e 69 73 55 73 65 72 44 69 73 61 62 6c 65 54 53 49 6e 53 65 61 72 63 68 42 6f 78 28 29 7c 7c 28 6e 2e 75 70 64 61 74 65 54 72 65 6e 64 69 6e 67 73 65 61 72 63 68 43 61 63 68 65 53 6f 72 74 28 29 2c 74 68 69 73 2e 75 70 64 61 74 65 50 6c 61 63 65 68 6f 6c 64 65 72 74 65 78 74 28 29 29 3b 72 65 74 75 72 6e 7d 6c 65 74 20 75 3d 21 31 2c 66 3d 28 74 26 36 29 3d 3d 36 3b 69 66 28 74 68 69 73 2e 73 68 6f 75 6c 64 52 65
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ==1&&n.Host.isTSInSearchBoxAvailable()&&t==0){n.setPlaceholdertextRotateCount(n.getPlaceholdertextRotateCount()+1);n.isUserDisableTSInSearchBox()||(n.updateTrendingsearchCacheSort(),this.updatePlaceholdertext());return}let u=!1,f=(t&6)==6;if(this.shouldRe
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC16384INData Raw: 54 79 70 65 3a 28 63 3d 72 3d 3d 3d 6e 75 6c 6c 7c 7c 72 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 72 2e 6d 6f 6d 65 6e 74 4d 65 74 61 64 61 74 61 29 3d 3d 3d 6e 75 6c 6c 7c 7c 63 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 63 2e 4d 6f 6d 65 6e 74 54 79 70 65 2c 68 65 72 6f 54 69 74 6c 65 3a 28 6c 3d 66 3d 3d 3d 6e 75 6c 6c 7c 7c 66 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 66 2e 70 72 6f 70 73 2e 46 69 65 6c 64 73 53 74 6f 72 65 29 3d 3d 3d 6e 75 6c 6c 7c 7c 6c 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 6c 2e 54 69 74 6c 65 2c 73 63 65 6e 61 72 69 6f 3a 28 61 3d 66 3d 3d 3d 6e 75 6c 6c 7c 7c 66 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 66 2e 70 72 6f 70 73 29 3d 3d 3d 6e 75 6c 6c 7c 7c 61 3d 3d 3d 76 6f 69 64 20
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: Type:(c=r===null||r===void 0?void 0:r.momentMetadata)===null||c===void 0?void 0:c.MomentType,heroTitle:(l=f===null||f===void 0?void 0:f.props.FieldsStore)===null||l===void 0?void 0:l.Title,scenario:(a=f===null||f===void 0?void 0:f.props)===null||a===void
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC8048INData Raw: 35 30 38 43 37 2e 33 31 37 30 34 20 33 2e 38 34 31 38 20 37 2e 35 38 39 33 36 20 34 2e 30 32 38 36 35 20 37 2e 38 32 31 35 20 34 2e 32 36 35 36 32 43 38 2e 30 35 33 36 34 20 34 2e 35 30 32 36 20 38 2e 32 33 36 36 37 20 34 2e 37 38 30 36 20 38 2e 33 37 30 36 20 35 2e 30 39 39 36 31 43 38 2e 35 30 34 35 32 20 35 2e 34 31 38 36 32 20 38 2e 35 37 31 34 38 20 35 2e 37 36 30 34 32 20 38 2e 35 37 31 34 38 20 36 2e 31 32 35 43 38 2e 35 37 31 34 38 20 36 2e 34 38 39 35 38 20 38 2e 35 30 34 35 32 20 36 2e 38 33 31 33 38 20 38 2e 33 37 30 36 20 37 2e 31 35 30 33 39 43 38 2e 32 33 36 36 37 20 37 2e 34 36 39 34 20 38 2e 30 35 33 36 34 20 37 2e 37 34 37 34 20 37 2e 38 32 31 35 20 37 2e 39 38 34 33 38 43 37 2e 35 38 39 33 36 20 38 2e 32 32 31 33 35 20 37 2e 33 31 37 30
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 508C7.31704 3.8418 7.58936 4.02865 7.8215 4.26562C8.05364 4.5026 8.23667 4.7806 8.3706 5.09961C8.50452 5.41862 8.57148 5.76042 8.57148 6.125C8.57148 6.48958 8.50452 6.83138 8.3706 7.15039C8.23667 7.4694 8.05364 7.7474 7.8215 7.98438C7.58936 8.22135 7.3170


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          28192.168.2.164973113.107.42.254443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:39 UTC481OUTGET /apc/trans.gif?dc1aa3056d31478dcc0798188196ffde HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-CH
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: l-ring.msedge.net
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:39 UTC705INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 43
                                                                                                                                                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 26 Mar 2024 19:19:51 GMT
                                                                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                          ETag: 0x0DA2C2C0C44B11E89E6C66FF4F731D7D
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Expose-Headers: X-EndPoint, X-FrontEnd, X-UserHostAddress, X-MSEdge-Ref, X-MachineName
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                                          X-Endpoint: TEB31r4b
                                                                                                                                                                                                                                                                                                                                                          X-Frontend: AFD
                                                                                                                                                                                                                                                                                                                                                          X-Machinename: TEB31EDGE0306
                                                                                                                                                                                                                                                                                                                                                          X-Userhostaddress: 191.96.150.0
                                                                                                                                                                                                                                                                                                                                                          X-Cache: CONFIG_NOCACHE
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-Ref: Ref A: B1FD4C731BB340CAB6DDA27529D22012 Ref B: TEB31EDGE0306 Ref C: 2024-05-02T18:28:39Z
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:39 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:39 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          29192.168.2.164973213.107.42.254443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC481OUTGET /apc/trans.gif?7bf22ffe445c3280828f728bc0dbb2b3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-CH
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: l-ring.msedge.net
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC705INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 43
                                                                                                                                                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 26 Mar 2024 19:19:51 GMT
                                                                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                          ETag: 0x0DA2C2C0C44B11E89E6C66FF4F731D7D
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Expose-Headers: X-EndPoint, X-FrontEnd, X-UserHostAddress, X-MSEdge-Ref, X-MachineName
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                                          X-Endpoint: TEB31r4b
                                                                                                                                                                                                                                                                                                                                                          X-Frontend: AFD
                                                                                                                                                                                                                                                                                                                                                          X-Machinename: TEB31EDGE0407
                                                                                                                                                                                                                                                                                                                                                          X-Userhostaddress: 191.96.150.0
                                                                                                                                                                                                                                                                                                                                                          X-Cache: CONFIG_NOCACHE
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-Ref: Ref A: DCBD89A6D8EE4629877E671F71F50344 Ref B: TEB31EDGE0407 Ref C: 2024-05-02T18:28:40Z
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:40 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          30192.168.2.164973323.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC746OUTGET /rp/D9FhCSTDySWxlHlhKoVwndhxwR0.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC903INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 100058
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Content-MD5: 4qFt2n0298XfVFlo35ehqQ==
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 30 Apr 2024 22:39:21 GMT
                                                                                                                                                                                                                                                                                                                                                          ETag: 0x8DC6966611A76D0
                                                                                                                                                                                                                                                                                                                                                          Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                                                                          x-ms-request-id: 67893cde-501e-001d-12fe-9b1097000000
                                                                                                                                                                                                                                                                                                                                                          x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, no-transform, max-age=349420
                                                                                                                                                                                                                                                                                                                                                          Expires: Mon, 06 May 2024 19:32:20 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:40 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674520.d3089a0
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC15481INData Raw: 76 61 72 20 57 53 42 3b 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 76 61 72 20 74 3b 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 66 75 6e 63 74 69 6f 6e 20 74 28 2e 2e 2e 6e 29 7b 6c 65 74 20 74 3d 5b 5d 3b 66 6f 72 28 6c 65 74 20 69 20 6f 66 20 6e 29 69 66 28 69 29 69 66 28 74 79 70 65 6f 66 20 69 3d 3d 22 73 74 72 69 6e 67 22 29 74 2e 70 75 73 68 28 69 29 3b 65 6c 73 65 20 66 6f 72 28 6c 65 74 20 6e 20 69 6e 20 69 29 69 5b 6e 5d 26 26 74 2e 70 75 73 68 28 6e 29 3b 72 65 74 75 72 6e 20 74 2e 6c 65 6e 67 74 68 3e 30 3f 74 2e 6a 6f 69 6e 28 22 20 22 29 3a 6e 75 6c 6c 7d 66 75 6e 63 74 69 6f 6e 20 69 28 6e 29 7b 72 65 74 75 72 6e 20 54 68 72 65 73 68 6f 6c 64 55 74 69 6c 69 74 69 65 73 2e 67 65 74 55 72 6c 50 61 72 61 6d 65 74 65 72 28 6c 6f 63 61 74 69 6f 6e 2e 73
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: var WSB;(function(n){var t;(function(n){function t(...n){let t=[];for(let i of n)if(i)if(typeof i=="string")t.push(i);else for(let n in i)i[n]&&t.push(n);return t.length>0?t.join(" "):null}function i(n){return ThresholdUtilities.getUrlParameter(location.s
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC9095INData Raw: 3b 28 74 3d 74 68 69 73 2e 70 72 6f 70 73 29 3d 3d 3d 6e 75 6c 6c 7c 7c 74 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 74 2e 6e 6f 74 69 66 79 49 63 6f 6e 50 65 6e 64 69 6e 67 28 69 2c 74 68 69 73 2e 70 72 6f 70 73 2e 69 73 46 69 72 73 74 2c 74 68 69 73 2e 70 72 6f 70 73 2e 77 68 65 72 65 29 3b 74 68 69 73 2e 70 72 6f 70 73 2e 73 75 67 67 65 73 74 69 6f 6e 2e 67 65 74 49 63 6f 6e 28 6e 2e 52 6f 6f 74 56 69 65 77 4d 6f 64 65 6c 2e 67 65 74 49 6d 61 67 65 53 69 7a 65 28 6e 2e 48 6f 73 74 2e 67 65 74 51 75 65 72 79 28 29 2c 74 68 69 73 2e 70 72 6f 70 73 2e 73 75 67 67 65 73 74 69 6f 6e 2c 74 68 69 73 2e 70 72 6f 70 73 2e 69 73 46 69 72 73 74 29 2c 74 3d 3e 7b 6e 2e 70 6f 70 75 6c 61 74 65 49 6d 61 67 65 52 61 74 69 6f 28 74 2c 74 68 69 73 2e 70 72 6f
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ;(t=this.props)===null||t===void 0?void 0:t.notifyIconPending(i,this.props.isFirst,this.props.where);this.props.suggestion.getIcon(n.RootViewModel.getImageSize(n.Host.getQuery(),this.props.suggestion,this.props.isFirst),t=>{n.populateImageRatio(t,this.pro
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC16384INData Raw: 69 73 2e 70 72 6f 70 73 2e 73 75 67 67 65 73 74 69 6f 6e 2e 73 75 70 70 72 65 73 73 65 64 3d 21 30 29 3a 74 68 69 73 2e 73 65 74 53 74 61 74 65 28 7b 73 74 6f 72 65 41 70 70 73 49 6e 73 74 61 6c 6c 65 64 3a 21 31 7d 29 7d 29 7d 72 65 6e 64 65 72 28 29 7b 76 61 72 20 65 2c 6f 2c 73 2c 68 3b 63 6f 6e 73 74 7b 73 75 67 67 65 73 74 69 6f 6e 3a 69 2c 6f 70 65 6e 50 72 65 76 69 65 77 50 61 6e 65 42 75 74 74 6f 6e 3a 61 2c 69 73 53 65 61 72 63 68 48 6f 6d 65 3a 63 2c 74 6f 70 52 65 73 75 6c 74 3a 76 2c 63 6c 69 63 6b 48 61 6e 64 6c 65 72 3a 77 2c 63 6f 6e 74 65 78 74 4d 65 6e 75 48 61 6e 64 6c 65 72 3a 62 2c 77 69 74 68 57 65 62 53 69 62 6c 69 6e 67 3a 6b 7d 3d 74 68 69 73 2e 70 72 6f 70 73 3b 69 66 28 6e 2e 63 6f 6e 66 69 67 2e 65 6e 61 62 6c 65 57 69 6e 53 74
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: is.props.suggestion.suppressed=!0):this.setState({storeAppsInstalled:!1})})}render(){var e,o,s,h;const{suggestion:i,openPreviewPaneButton:a,isSearchHome:c,topResult:v,clickHandler:w,contextMenuHandler:b,withWebSibling:k}=this.props;if(n.config.enableWinSt
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC8192INData Raw: 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 6c 69 22 2c 6e 75 6c 6c 2c 22 20 e2 80 a2 20 22 2c 69 5b 74 5d 2e 74 65 78 74 2c 22 20 22 29 29 3b 6c 65 74 20 6f 3d 28 29 3d 3e 7b 74 79 70 65 6f 66 20 72 2e 66 6f 6f 74 65 72 43 6c 69 63 6b 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 72 2e 66 6f 6f 74 65 72 43 6c 69 63 6b 28 29 3a 6e 2e 53 74 61 74 69 63 48 74 6d 6c 45 6c 65 6d 65 6e 74 73 2e 66 6f 6f 74 65 72 2e 63 6c 69 63 6b 28 29 7d 2c 6c 3d 6e 3d 3e 7b 6e 2e 6b 65 79 3d 3d 3d 22 45 6e 74 65 72 22 26 26 6f 28 29 7d 3b 72 65 74 75 72 6e 20 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 2c 7b 63 6c 61 73 73 4e 61 6d 65 3a 6e 2e 63 6f 6e 66 69 67 2e 65 64 67 65 54 72 61 6e 73 66 65 72 4f 6e 54 69 6d 65 6f 75 74 3f 22 6f 6e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: act.createElement("li",null," ",i[t].text," "));let o=()=>{typeof r.footerClick=="function"?r.footerClick():n.StaticHtmlElements.footer.click()},l=n=>{n.key==="Enter"&&o()};return React.createElement("div",{className:n.config.edgeTransferOnTimeout?"on
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC16384INData Raw: 73 4e 61 6d 65 3a 74 2e 63 6c 61 73 73 4e 61 6d 65 73 28 22 73 65 63 74 69 6f 6e 49 74 65 6d 20 73 65 6c 65 63 74 61 62 6c 65 22 2c 7b 73 61 5f 68 76 3a 72 2e 73 65 6c 65 63 74 65 64 7d 2c 7b 63 6f 6c 6c 61 70 73 65 64 49 74 65 6d 3a 73 7d 29 2c 6f 6e 43 6c 69 63 6b 3a 74 3d 3e 7b 6f 28 72 2c 74 2e 6e 61 74 69 76 65 45 76 65 6e 74 29 2c 6e 2e 64 69 73 6d 69 73 73 41 70 70 57 68 65 6e 52 75 6e 41 73 41 64 6d 69 6e 28 72 2e 69 64 29 7d 2c 6f 6e 43 6f 6e 74 65 78 74 4d 65 6e 75 3a 75 26 26 65 26 26 66 26 26 28 6e 3d 3e 65 28 66 2c 6e 2e 6e 61 74 69 76 65 45 76 65 6e 74 2c 72 29 29 2c 74 69 74 6c 65 3a 72 2e 74 6f 6f 6c 74 69 70 2c 22 61 72 69 61 2d 73 65 6c 65 63 74 65 64 22 3a 72 2e 73 65 6c 65 63 74 65 64 2c 22 61 72 69 61 2d 6c 61 62 65 6c 22 3a 72 2e 6e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: sName:t.classNames("sectionItem selectable",{sa_hv:r.selected},{collapsedItem:s}),onClick:t=>{o(r,t.nativeEvent),n.dismissAppWhenRunAsAdmin(r.id)},onContextMenu:u&&e&&f&&(n=>e(f,n.nativeEvent,r)),title:r.tooltip,"aria-selected":r.selected,"aria-label":r.n
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC8192INData Raw: 36 45 44 44 22 2c 22 73 74 6f 70 2d 6f 70 61 63 69 74 79 22 3a 22 30 22 7d 29 29 2c 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 6c 69 70 50 61 74 68 22 2c 7b 69 64 3a 60 63 6c 69 70 30 5f 24 7b 6e 7d 60 7d 2c 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 72 65 63 74 22 2c 7b 77 69 64 74 68 3a 22 32 30 22 2c 68 65 69 67 68 74 3a 22 32 30 22 2c 66 69 6c 6c 3a 22 77 68 69 74 65 22 7d 29 29 29 29 7d 7d 74 2e 43 68 61 74 57 69 74 68 42 69 6e 67 49 63 6f 6e 3d 6f 3b 74 2e 53 65 61 72 63 68 43 68 61 74 49 63 6f 6e 3d 69 3b 74 2e 4f 70 74 69 6f 6e 73 43 75 72 73 6f 72 49 63 6f 6e 3d 73 3b 74 2e 41 70 70 53 74 6f 72 65 53 74 61 72 3d 68 3b 74 2e 4f 70 65 6e 49 6e 53 74 6f 72 65 41 70 70 3d 63 3b 74 2e 52 69 67 68 74 41 72 72
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 6EDD","stop-opacity":"0"})),React.createElement("clipPath",{id:`clip0_${n}`},React.createElement("rect",{width:"20",height:"20",fill:"white"}))))}}t.ChatWithBingIcon=o;t.SearchChatIcon=i;t.OptionsCursorIcon=s;t.AppStoreStar=h;t.OpenInStoreApp=c;t.RightArr
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:41 UTC16384INData Raw: 3d 3e 6e 2e 66 6f 63 75 73 65 64 54 6f 6f 6c 54 69 70 48 61 6e 64 6c 65 72 28 22 23 72 65 77 61 72 64 73 42 61 64 67 65 42 75 74 74 6f 6e 22 2c 22 74 69 74 6c 65 22 2c 6f 29 2c 6f 6e 42 6c 75 72 3a 28 29 3d 3e 6e 2e 66 6f 63 75 73 65 64 54 6f 6f 6c 54 69 70 48 61 6e 64 6c 65 72 28 22 23 72 65 77 61 72 64 73 42 61 64 67 65 42 75 74 74 6f 6e 22 2c 22 74 69 74 6c 65 22 2c 6f 29 2c 22 64 61 74 61 2d 68 22 3a 63 2e 67 65 74 48 56 61 6c 75 65 28 29 2c 69 64 3a 22 72 65 77 61 72 64 73 42 61 64 67 65 42 75 74 74 6f 6e 22 7d 2c 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 2c 7b 63 6c 61 73 73 4e 61 6d 65 3a 22 73 63 6f 70 65 2d 74 69 6c 65 5f 5f 62 75 74 74 6f 6e 22 7d 2c 74 68 69 73 2e 70 72 6f 70 73 2e 73 68 6f 75 6c 64 53 68 6f 77
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: =>n.focusedToolTipHandler("#rewardsBadgeButton","title",o),onBlur:()=>n.focusedToolTipHandler("#rewardsBadgeButton","title",o),"data-h":c.getHValue(),id:"rewardsBadgeButton"},React.createElement("div",{className:"scope-tile__button"},this.props.shouldShow
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:41 UTC8192INData Raw: 3b 69 66 28 28 69 2e 62 75 74 74 6f 6e 4d 65 73 73 61 67 65 7c 7c 69 2e 62 75 74 74 6f 6e 43 6c 69 63 6b 48 61 6e 64 6c 65 72 29 26 26 69 2e 73 68 6f 77 42 75 74 74 6f 6e 4d 65 73 73 61 67 65 26 26 69 2e 69 73 4c 69 6e 6b 54 65 78 74 29 7b 6c 65 74 20 72 3d 69 2e 62 75 74 74 6f 6e 49 63 6f 6e 3f 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 70 61 6e 22 2c 6e 75 6c 6c 2c 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 74 2e 49 63 6f 6e 2c 7b 69 63 6f 6e 3a 69 2e 62 75 74 74 6f 6e 49 63 6f 6e 7d 29 29 3a 6e 75 6c 6c 3b 65 3d 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 62 75 74 74 6f 6e 22 2c 7b 69 64 3a 22 46 6c 79 6f 75 74 48 79 70 65 72 4c 69 6e 6b 42 75 74 74 6f 6e 22 2c 63 6c 61 73 73 4e 61 6d 65 3a 22
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ;if((i.buttonMessage||i.buttonClickHandler)&&i.showButtonMessage&&i.isLinkText){let r=i.buttonIcon?React.createElement("span",null,React.createElement(t.Icon,{icon:i.buttonIcon})):null;e=React.createElement("button",{id:"FlyoutHyperLinkButton",className:"
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:41 UTC1754INData Raw: 3a 67 2c 22 61 72 69 61 2d 6c 69 76 65 22 3a 22 70 6f 6c 69 74 65 22 2c 74 61 62 49 6e 64 65 78 3a 2d 31 2c 63 6c 61 73 73 4e 61 6d 65 3a 74 2e 63 6c 61 73 73 4e 61 6d 65 73 28 22 67 72 6f 75 70 48 65 61 64 65 72 22 2c 22 77 6f 72 6b 53 75 62 56 65 72 74 69 63 61 6c 48 65 61 64 65 72 22 2c 7b 73 61 5f 68 76 3a 21 21 28 72 3d 3d 3d 6e 75 6c 6c 7c 7c 72 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 72 2e 73 65 6c 65 63 74 65 64 53 74 79 6c 65 53 75 73 70 65 6e 64 65 64 29 7d 29 2c 6f 6e 43 6c 69 63 6b 3a 72 74 7d 2c 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 2c 7b 63 6c 61 73 73 4e 61 6d 65 3a 22 67 72 6f 75 70 54 69 74 6c 65 22 7d 2c 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 70 61 6e 22 2c 6e 75
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: :g,"aria-live":"polite",tabIndex:-1,className:t.classNames("groupHeader","workSubVerticalHeader",{sa_hv:!!(r===null||r===void 0?void 0:r.selectedStyleSuspended)}),onClick:rt},React.createElement("div",{className:"groupTitle"},React.createElement("span",nu


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          31192.168.2.1649734152.199.24.163443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC471OUTGET /apc/trans.gif?be502d8ba45b794bb9a4ed7b34197dc5 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Origin: https://www.bing.com
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-CH
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: static-ecst.licdn.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC629INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
                                                                                                                                                                                                                                                                                                                                                          Age: 298940
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: max-age=604800
                                                                                                                                                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:40 GMT
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Mon, 29 Apr 2024 07:26:20 GMT
                                                                                                                                                                                                                                                                                                                                                          Server: ECAcc (nyd/D170)
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          X-Cache: HIT
                                                                                                                                                                                                                                                                                                                                                          X-CDN: ECST
                                                                                                                                                                                                                                                                                                                                                          X-CDN-CLIENT-IP-VERSION: IPV4
                                                                                                                                                                                                                                                                                                                                                          X-CDN-Proto: HTTP1
                                                                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                                          X-Li-Fabric: prod-ltx1
                                                                                                                                                                                                                                                                                                                                                          X-Li-Pop: prod-ltx1-x
                                                                                                                                                                                                                                                                                                                                                          X-LI-Proto: http/1.1
                                                                                                                                                                                                                                                                                                                                                          X-LI-UUID: AAYXNyt4rXuSA2+uJjYV3w==
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 43
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:40 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          32192.168.2.1649735152.199.24.163443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:41 UTC471OUTGET /apc/trans.gif?fabc2574088505862363021ddafa715f HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Origin: https://www.bing.com
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-CH
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: static-ecst.licdn.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:41 UTC629INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
                                                                                                                                                                                                                                                                                                                                                          Age: 298941
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: max-age=604800
                                                                                                                                                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:41 GMT
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Mon, 29 Apr 2024 07:26:20 GMT
                                                                                                                                                                                                                                                                                                                                                          Server: ECAcc (nyd/D170)
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          X-Cache: HIT
                                                                                                                                                                                                                                                                                                                                                          X-CDN: ECST
                                                                                                                                                                                                                                                                                                                                                          X-CDN-CLIENT-IP-VERSION: IPV4
                                                                                                                                                                                                                                                                                                                                                          X-CDN-Proto: HTTP1
                                                                                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                                          X-Li-Fabric: prod-ltx1
                                                                                                                                                                                                                                                                                                                                                          X-Li-Pop: prod-ltx1-x
                                                                                                                                                                                                                                                                                                                                                          X-LI-Proto: http/1.1
                                                                                                                                                                                                                                                                                                                                                          X-LI-UUID: AAYXNyt4rXuSA2+uJjYV3w==
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 43
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:41 UTC43INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          33192.168.2.164973623.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:41 UTC746OUTGET /rp/GYWzw6Wnh2goOCGJn_s6AhjfSck.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:41 UTC900INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 950
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Content-MD5: hGWjNAZWc+tqZIfI2HU52w==
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Thu, 01 Dec 2022 01:47:47 GMT
                                                                                                                                                                                                                                                                                                                                                          ETag: 0x8DAD33E0C821321
                                                                                                                                                                                                                                                                                                                                                          Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                                                                          x-ms-request-id: d1a53682-e01e-0029-78dd-99d4ab000000
                                                                                                                                                                                                                                                                                                                                                          x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, no-transform, max-age=115494
                                                                                                                                                                                                                                                                                                                                                          Expires: Sat, 04 May 2024 02:33:35 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:41 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674521.d30918e
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:41 UTC950INData Raw: 76 61 72 20 57 53 42 3b 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 63 6c 61 73 73 20 74 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 74 29 7b 74 68 69 73 2e 74 61 72 67 65 74 3d 74 3b 6e 2e 48 6f 73 74 2e 62 69 6e 64 42 6f 6f 74 73 74 72 61 70 44 6f 6e 65 28 28 29 3d 3e 7b 6e 2e 48 6f 73 74 2e 62 69 6e 64 4b 65 79 44 6f 77 6e 28 28 69 2c 72 29 3d 3e 7b 74 2e 68 61 73 46 6f 63 75 73 28 29 26 26 28 69 3d 6e 2e 67 65 74 52 74 6c 41 64 6a 75 73 74 65 64 4b 65 79 28 69 29 2c 69 3d 3d 3d 33 37 3f 28 74 68 69 73 2e 6d 6f 76 65 46 6f 63 75 73 28 22 6c 65 66 74 22 2c 69 29 2c 73 6a 5f 70 64 28 72 29 29 3a 69 3d 3d 3d 33 39 3f 28 74 68 69 73 2e 6d 6f 76 65 46 6f 63 75 73 28 22 72 69 67 68 74 22 2c 69 29 2c 73 6a 5f 70 64 28 72 29 29 3a 69 3d 3d 3d 33 38 3f 74 68 69 73 2e 6d
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: var WSB;(function(n){class t{constructor(t){this.target=t;n.Host.bindBootstrapDone(()=>{n.Host.bindKeyDown((i,r)=>{t.hasFocus()&&(i=n.getRtlAdjustedKey(i),i===37?(this.moveFocus("left",i),sj_pd(r)):i===39?(this.moveFocus("right",i),sj_pd(r)):i===38?this.m


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          34192.168.2.1649737204.79.197.222443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:41 UTC1126OUTGET /r.gif?MonitorID=asgw&rid=f71e1e1813109fa99c95fe393109885e&w3c=true&prot=https:&v=20190506&DATA=[{%22RequestID%22:%22mcr-ring.msedge.net%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:-1,%22T%22:1},{%22RequestID%22:%22l-ring.msedge.net%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:531,%22T%22:1},{%22RequestID%22:%22l-ring.msedge.net%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:367,%22T%22:1},{%22RequestID%22:%22static-ecst.licdn.com%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:541,%22T%22:128},{%22RequestID%22:%22static-ecst.licdn.com%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:452,%22T%22:128}] HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Origin: https://www.bing.com
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-CH
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: fp.msedge.net
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:41 UTC308INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-store
                                                                                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://www.bing.com
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-Ref: Ref A: 8E325C07482944DAA57497B251109311 Ref B: TEB31EDGE0312 Ref C: 2024-05-02T18:28:41Z
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:40 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:41 UTC12INData Raw: 37 0d 0a 47 49 46 38 39 61 01 0d 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 7GIF89a
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:41 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          35192.168.2.164973823.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:41 UTC746OUTGET /rp/Hf0OW-7cZhzJfNbVB6epX0p5ugo.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:41 UTC901INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 7460
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Content-MD5: Z3mD/2fvLiuNX2whcej6dQ==
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Thu, 14 Sep 2023 05:48:34 GMT
                                                                                                                                                                                                                                                                                                                                                          ETag: 0x8DBB4E63BD96E09
                                                                                                                                                                                                                                                                                                                                                          Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                                                                          x-ms-request-id: 2514a445-c01e-000f-4cba-936b47000000
                                                                                                                                                                                                                                                                                                                                                          x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, no-transform, max-age=218644
                                                                                                                                                                                                                                                                                                                                                          Expires: Sun, 05 May 2024 07:12:45 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:41 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674521.d309700
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:41 UTC7460INData Raw: 76 61 72 20 57 53 42 3b 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 63 6f 6e 73 74 20 69 3d 22 41 6e 61 68 65 69 6d 52 65 73 65 74 44 65 66 61 75 6c 74 55 70 73 65 6c 6c 22 2c 72 3d 22 41 6e 61 68 65 69 6d 52 65 73 65 74 44 65 66 61 75 6c 74 55 70 73 65 6c 6c 44 69 73 6d 69 73 73 65 64 22 2c 75 3d 22 41 6e 61 68 65 69 6d 52 65 73 65 74 44 65 66 61 75 6c 74 52 65 73 75 6c 74 55 70 73 65 6c 6c 46 61 69 6c 22 2c 66 3d 22 41 6e 61 68 65 69 6d 52 65 73 65 74 44 65 66 61 75 6c 74 52 65 73 75 6c 74 55 70 73 65 6c 6c 53 75 63 63 65 73 73 22 2c 65 3d 22 43 6f 64 65 78 55 70 73 65 6c 6c 44 69 73 6d 69 73 73 65 64 22 2c 6f 3d 22 43 6f 64 65 78 55 70 73 65 6c 6c 4c 61 75 6e 63 68 65 64 22 2c 74 3d 38 36 34 65 35 3b 63 6c 61 73 73 20 73 7b 63 6f 6e 73 74 72 75 63 74 6f 72
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: var WSB;(function(n){const i="AnaheimResetDefaultUpsell",r="AnaheimResetDefaultUpsellDismissed",u="AnaheimResetDefaultResultUpsellFail",f="AnaheimResetDefaultResultUpsellSuccess",e="CodexUpsellDismissed",o="CodexUpsellLaunched",t=864e5;class s{constructor


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          36192.168.2.1649740104.21.73.974435916C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:47 UTC67OUTGET /xml/ HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: freegeoip.app
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:47 UTC639INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:47 GMT
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 167
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                                                                                                                                                                                                                                          Expires: Thu, 02 May 2024 19:28:47 GMT
                                                                                                                                                                                                                                                                                                                                                          Location: https://ipbase.com/xml/
                                                                                                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eruQF9Qsg82aj7w6O2enV8cq3gaG%2FljZKDGbRxGMT0nrL6lsCQSbc5fvT62lIpXQGHX0DYWqtNUrs%2F9z5GfYt4ujbZFWNgxLYrClh5%2F3xKmrJ7ZCBx5TDRTg81gB5Sma"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                                                                                                          CF-RAY: 87da12b56e834225-EWR
                                                                                                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:47 UTC167INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          37192.168.2.1649741104.21.85.1894435916C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:47 UTC64OUTGET /xml/ HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: ipbase.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:48 UTC735INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:48 GMT
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Age: 33195
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,max-age=0,must-revalidate
                                                                                                                                                                                                                                                                                                                                                          Cache-Status: "Netlify Edge"; hit
                                                                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                          X-Nf-Request-Id: 01HWX91VRB62HFKR8GDHY4XQAN
                                                                                                                                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EnMbT4jwq18HbFnum4fUta7dG2ypaURGsOYC%2BsrAVV4Sciqn6tTWjjUbzyFxJCh1KqcXR1YpaR0iQpjYJ%2BWuAsMIBOBrXTqsy9qogus%2BFDqhtYoep1Cb2LeBs3vi"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                                                                                                          CF-RAY: 87da12b7f9fa1774-EWR
                                                                                                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:48 UTC634INData Raw: 63 30 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: c0a<!DOCTYPE html><html> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>Page Not Found</title> <link href='https://fonts.googleapis.com
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:48 UTC1369INData Raw: 3a 20 30 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 68 31 20 7b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 32 32 70 78 3b 0a 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 34 70 78 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2e 6d 61 69 6e 20 7b 0a 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 20 20 20 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 68 65 69 67 68 74 3a 20 31
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: : 0; } h1 { margin: 0; font-size: 22px; line-height: 24px; } .main { position: relative; display: flex; flex-direction: column; align-items: center; justify-content: center; height: 1
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:48 UTC1086INData Raw: 20 20 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 30 30 37 30 36 37 22 20 64 3d 22 4d 31 31 2e 39 39 39 38 38 33 36 2c 34 2e 30 39 33 37 30 38 30 33 20 4c 38 2e 35 35 38 30 39 35 31 37 2c 37 2e 34 33 32 39 34 39 35 33 20 43 38 2e 32 33 35 33 31 34 35 39 2c 37 2e 37 34 36 31 31 32 39 38 20 38 2e 32 33 35 33 31 34 35 39 2c 38 2e 32 35 33 38 38 37 33 36 20 38 2e 35 35 38 30 39 35 31 37 2c 38 2e 35 36 36 39 33 37 36 39 20 4c 31 32 2c 31 31 2e 39 30 36 32 39 32 31 20 4c 39 2e 38 34 31 38 37 38 37 31 2c 31 34 20 4c 34 2e 32 34 32 30 38 35 34 34 2c 38 2e 35 36 36 39 33 37 35 31 20 43 33 2e 39 31 39 33 30 34 38 35 2c 38 2e 32 35 33 38 38 37 31 39 20 33 2e 39 31 39 33 30 34 38 35 2c 37 2e 37 34 36 31 31 32 38 31 20 34 2e 32 34 32 30 38 35 34 34 2c 37 2e 34 33 32 39 34
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <path fill="#007067" d="M11.9998836,4.09370803 L8.55809517,7.43294953 C8.23531459,7.74611298 8.23531459,8.25388736 8.55809517,8.56693769 L12,11.9062921 L9.84187871,14 L4.24208544,8.56693751 C3.91930485,8.25388719 3.91930485,7.74611281 4.24208544,7.43294
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:48 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          38192.168.2.1649745142.251.35.1644434372C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:50 UTC627OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: www.google.com
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:50 UTC1191INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:50 GMT
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Expires: -1
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                                          Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-pAP3x4hNPvN5iu6OSeZzpg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                                                                                                                                                                                                                                                                                                                                                          Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                                                                                          Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                                                                                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                                                                                                          Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                                                                                          Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                                                                                                          Server: gws
                                                                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                          Accept-Ranges: none
                                                                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:50 UTC64INData Raw: 31 31 37 37 0d 0a 29 5d 7d 27 0a 5b 22 22 2c 5b 22 6e 68 6c 20 74 6f 72 6f 6e 74 6f 20 6d 61 70 6c 65 20 6c 65 61 66 73 22 2c 22 64 61 69 6c 79 20 68 6f 72 6f 73 63 6f 70 65 20 74 6f 64 61 79
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 1177)]}'["",["nhl toronto maple leafs","daily horoscope today
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:50 UTC1255INData Raw: 22 2c 22 73 74 6f 63 6b 20 6d 61 72 6b 65 74 73 22 2c 22 68 65 6c 6c 64 69 76 65 72 73 20 77 61 72 62 6f 6e 64 73 22 2c 22 63 6f 6c 6c 65 65 6e 20 68 6f 6f 76 65 72 20 76 65 72 69 74 79 20 6d 6f 76 69 65 22 2c 22 63 6f 6c 75 6d 62 75 73 20 63 72 65 77 20 63 6f 6e 63 61 63 61 66 20 63 68 61 6d 70 69 6f 6e 73 20 63 75 70 22 2c 22 75 6e 69 74 65 64 68 65 61 6c 74 68 20 67 72 6f 75 70 20 63 65 6f 20 61 6e 64 72 65 77 20 77 69 74 74 79 22 2c 22 73 61 6e 20 6a 61 63 69 6e 74 6f 20 72 69 76 65 72 20 66 6c 6f 6f 64 69 6e 67 20 63 6f 6e 72 6f 65 22 5d 2c 5b 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 5d 2c 5b 5d 2c 7b 22 67 6f 6f 67 6c 65 3a 63 6c 69 65 6e 74 64 61 74 61 22 3a 7b 22 62 70 63 22 3a 66 61 6c 73 65 2c 22 74 6c 77 22 3a 66 61
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ","stock markets","helldivers warbonds","colleen hoover verity movie","columbus crew concacaf champions cup","unitedhealth group ceo andrew witty","san jacinto river flooding conroe"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":fa
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:50 UTC1255INData Raw: 6b 31 52 65 6b 56 43 55 6a 52 6e 4e 58 64 50 4e 58 64 44 51 6a 49 33 4e 6e 4e 61 62 7a 56 46 54 30 6f 7a 55 6c 64 52 65 54 56 48 4f 58 46 68 62 58 42 78 59 56 46 75 54 48 70 4a 65 46 4e 4f 62 55 4e 73 65 57 39 4b 51 32 70 31 5a 6e 52 79 5a 30 70 6d 4e 57 46 7a 51 57 56 6f 54 56 4e 57 52 46 4a 55 63 31 4a 56 59 6d 73 79 64 6c 52 45 61 6b 4a 4a 4b 33 4a 32 4f 55 70 51 57 53 74 32 52 33 55 31 64 55 5a 50 4f 56 68 52 65 6a 41 34 56 6c 4a 4d 56 46 42 4d 52 31 5a 58 59 55 6b 72 59 55 31 72 59 30 31 51 64 55 35 57 62 57 31 70 61 47 64 31 54 6d 52 54 56 6a 6c 54 63 32 70 53 65 56 4e 4d 4f 46 46 46 59 6d 78 33 59 30 55 35 63 7a 6b 76 56 45 67 72 4e 69 74 4f 52 58 6c 54 4c 30 70 55 65 6e 6c 50 57 6c 68 70 62 6d 51 78 57 6c 5a 58 59 6e 46 32 62 32 30 32 64 6c 4a 57
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: k1RekVCUjRnNXdPNXdDQjI3NnNabzVFT0ozUldReTVHOXFhbXBxYVFuTHpJeFNObUNseW9KQ2p1ZnRyZ0pmNWFzQWVoTVNWRFJUc1JVYmsydlREakJJK3J2OUpQWSt2R3U1dUZPOVhRejA4VlJMVFBMR1ZXYUkrYU1rY01QdU5WbW1paGd1TmRTVjlTc2pSeVNMOFFFYmx3Y0U5czkvVEgrNitORXlTL0pUenlPWlhpbmQxWlZXYnF2b202dlJW
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:50 UTC1255INData Raw: 63 6b 46 30 55 47 6c 50 5a 46 68 57 56 32 56 4c 54 30 39 51 51 6e 6c 6a 4c 7a 46 33 63 30 30 31 4b 33 52 7a 62 6a 41 78 62 48 46 78 64 57 64 6f 56 33 5a 4f 65 69 74 49 57 6e 46 6d 54 55 31 57 64 6d 35 72 56 31 70 76 4e 46 5a 70 51 31 4a 4b 52 31 59 7a 53 33 4a 47 63 30 30 33 53 33 64 5a 5a 55 67 35 4f 57 5a 68 65 55 74 31 56 56 5a 4b 64 54 6c 61 56 48 6c 55 64 6d 56 47 63 44 42 4e 4d 46 49 76 63 6d 46 4e 63 55 45 32 5a 31 4e 42 61 47 52 7a 63 45 38 7a 59 54 4d 7a 64 31 52 75 55 57 4a 78 53 6d 38 77 4e 6e 4a 72 62 58 56 46 51 58 56 44 65 6b 4a 4b 52 31 64 4c 55 6a 52 34 54 6e 56 42 53 55 6c 5a 64 45 6c 6d 65 47 68 70 55 47 49 79 51 54 42 43 4d 6e 5a 6f 52 47 6c 52 54 46 68 6d 5a 6e 63 7a 4d 44 41 35 54 33 4d 35 65 6e 56 73 62 6d 46 50 59 6b 6b 72 52 58 46
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ckF0UGlPZFhWV2VLT09QQnljLzF3c001K3RzbjAxbHFxdWdoV3ZOeitIWnFmTU1Wdm5rV1pvNFZpQ1JKR1YzS3JGc003S3dZZUg5OWZheUt1VVZKdTlaVHlUdmVGcDBNMFIvcmFNcUE2Z1NBaGRzcE8zYTMzd1RuUWJxSm8wNnJrbXVFQXVDekJKR1dLUjR4TnVBSUlZdElmeGhpUGIyQTBCMnZoRGlRTFhmZnczMDA5T3M5enVsbmFPYkkrRXF
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:50 UTC650INData Raw: 4e 43 77 76 4f 57 6f 76 4e 45 46 42 55 56 4e 72 57 6b 70 53 5a 30 46 43 51 56 46 42 51 55 46 52 51 55 4a 42 51 55 51 76 4d 6e 64 44 52 55 46 42 61 30 64 43 64 32 64 49 51 6d 64 72 53 55 4a 33 5a 30 74 44 5a 32 74 4d 52 46 4a 5a 55 45 52 52 64 30 31 45 55 6e 4e 56 52 6c 4a 42 56 30 6c 43 4d 47 6c 4a 61 55 46 6b 53 48 67 34 61 30 74 45 55 58 4e 4b 51 31 6c 34 53 6e 67 34 5a 6b 78 55 4d 48 52 4e 56 46 55 7a 54 32 70 76 4e 6b 6c 35 63 79 39 53 52 44 67 30 55 58 70 52 4e 55 39 71 59 30 4a 44 5a 32 39 4c 52 46 46 33 54 6b 64 6e 4f 46 42 48 61 6d 4e 73 53 48 6c 56 4d 30 35 36 59 7a 4e 4f 65 6d 4d 7a 54 6e 70 6a 4d 30 35 36 59 7a 4e 4f 65 6d 4d 7a 54 6e 70 6a 4d 30 35 36 59 7a 4e 4f 65 6d 4d 7a 54 6e 70 6a 4d 30 35 36 59 7a 4e 4f 65 6d 4d 7a 54 6e 70 6a 4d 30 35
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: NCwvOWovNEFBUVNrWkpSZ0FCQVFBQUFRQUJBQUQvMndDRUFBa0dCd2dIQmdrSUJ3Z0tDZ2tMRFJZUERRd01EUnNVRlJBV0lCMGlJaUFkSHg4a0tEUXNKQ1l4Sng4ZkxUMHRNVFUzT2pvNkl5cy9SRDg0UXpRNU9qY0JDZ29LRFF3TkdnOFBHamNsSHlVM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM056YzNOemMzTnpjM05
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:50 UTC92INData Raw: 35 36 0d 0a 62 44 42 74 55 57 6c 4d 52 32 52 72 54 7a 4e 35 54 6b 6c 4c 4d 56 64 43 53 6e 4e 43 5a 6c 6c 69 4d 57 74 6d 52 45 31 77 4e 57 31 4a 57 46 42 61 4b 7a 42 32 5a 46 4d 78 52 6c 5a 6e 55 46 42 69 56 32 38 31 63 57 46 59 55 6a 42 6a 59 55 70 78 64 6c 4e 45 53 45 0d 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 56bDBtUWlMR2RrTzN5TklLMVdCSnNCZlliMWtmRE1wNW1JWFBaKzB2ZFMxRlZnUFBiV281cWFYUjBjYUpxdlNESE
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:50 UTC1255INData Raw: 36 65 64 0d 0a 52 50 54 46 70 55 52 30 6c 4f 55 54 68 6a 55 54 4a 56 55 45 78 44 52 7a 56 4d 55 58 6b 31 56 6b 68 52 51 6c 45 34 51 32 56 6d 54 44 6c 52 57 6d 6c 7a 61 44 52 72 61 30 39 32 55 54 4e 47 51 30 31 56 4e 57 49 31 52 6e 42 57 5a 54 6c 31 5a 54 4a 73 59 58 5a 44 61 32 39 74 55 6c 64 77 52 46 4a 4b 55 54 52 74 4e 45 70 43 53 44 63 77 57 57 46 69 57 47 38 7a 61 7a 51 31 62 58 52 35 61 56 4a 54 4d 44 4a 73 51 6e 46 34 65 6b 56 5a 52 32 35 59 63 6d 31 45 55 30 39 50 62 32 46 55 62 57 4e 58 62 45 45 34 56 6b 63 78 51 55 52 77 52 46 6c 6d 61 6b 39 7a 62 6c 46 50 53 55 74 6b 64 6b 56 58 63 6b 70 75 62 32 73 79 52 45 5a 6d 64 33 68 4c 64 32 78 68 53 6c 4e 72 52 6d 46 4d 57 46 46 4e 4d 58 64 79 56 57 46 77 4f 48 4a 69 56 6e 42 6a 61 6b 59 79 52 32 74 78
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 6edRPTFpUR0lOUThjUTJVUExDRzVMUXk1VkhRQlE4Q2VmTDlRWmlzaDRra092UTNGQ01VNWI1RnBWZTl1ZTJsYXZDa29tUldwRFJKUTRtNEpCSDcwWWFiWG8zazQ1bXR5aVJTMDJsQnF4ekVZR25Ycm1EU09Pb2FUbWNXbEE4VkcxQURwRFlmak9zblFPSUtkdkVXckpub2syREZmd3hLd2xhSlNrRmFMWFFNMXdyVWFwOHJiVnBjakYyR2tx
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:50 UTC525INData Raw: 57 57 4e 4b 54 30 4a 36 51 30 38 32 55 56 56 77 5a 56 64 42 55 56 46 6b 54 44 4d 31 5a 58 52 54 65 6d 52 79 57 6c 68 45 4d 56 64 71 4c 7a 4a 52 50 54 30 36 44 45 46 75 5a 48 4a 6c 64 79 42 58 61 58 52 30 65 55 6f 48 49 7a 51 78 4e 32 4a 68 4d 31 4a 57 5a 33 4e 66 63 33 4e 77 50 57 56 4b 65 6d 6f 30 64 45 78 51 4d 56 52 6a 64 31 52 72 4e 55 39 35 65 6b 31 34 57 56 42 53 55 30 78 7a 4d 30 78 4d 52 57 78 4f 65 56 56 6f 54 6e 70 44 62 6b 70 56 52 57 64 32 65 57 6b 34 64 46 56 46 61 45 39 36 56 6d 52 4a 65 6b 56 7a 63 46 4e 70 4d 56 68 4c 54 54 68 7a 53 32 46 72 52 55 46 4b 57 55 70 46 56 6c 46 77 42 67 5c 75 30 30 33 64 5c 75 30 30 33 64 22 2c 22 7a 6c 22 3a 31 30 30 30 32 7d 2c 7b 22 7a 6c 22 3a 31 30 30 30 32 7d 5d 2c 22 67 6f 6f 67 6c 65 3a 73 75 67 67 65
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: WWNKT0J6Q082UVVwZVdBUVFkTDM1ZXRTemRyWlhEMVdqLzJRPT06DEFuZHJldyBXaXR0eUoHIzQxN2JhM1JWZ3Nfc3NwPWVKemo0dExQMVRjd1RrNU95ek14WVBSU0xzM0xMRWxOeVVoTnpDbkpVRWd2eWk4dFVFaE96VmRJekVzcFNpMVhLTThzS2FrRUFKWUpFVlFwBg\u003d\u003d","zl":10002},{"zl":10002}],"google:sugge
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:50 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          39192.168.2.1649748142.251.35.1644434372C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:50 UTC353OUTGET /async/ddljson?async=ntp:2 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: www.google.com
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          40192.168.2.1649750142.251.35.1644434372C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:50 UTC530OUTGET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: www.google.com
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:51 UTC1330INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                                                                                          Location: https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgS_YJbhGOK2z7EGIjAjjzc0KpLY-7r3Zt1oKHg1b8TF9UrLflK1rUdhoyYIQ8IDME4UpsaADktu9wphaQsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
                                                                                                                                                                                                                                                                                                                                                          x-hallmonitor-challenge: CgsI47bPsQYQwviuDhIEv2CW4Q
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                                                                                          Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                                                                                          Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                                                                                                                                                                                                                                                                                                                                                          Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                                                                                          P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:51 GMT
                                                                                                                                                                                                                                                                                                                                                          Server: gws
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 458
                                                                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                                          Set-Cookie: 1P_JAR=2024-05-02-18; expires=Sat, 01-Jun-2024 18:28:51 GMT; path=/; domain=.google.com; Secure; SameSite=none
                                                                                                                                                                                                                                                                                                                                                          Set-Cookie: NID=513=jbhNHd6hRrKfewpRnRajIWMDBY-uPuc_dRf7bRbRpLhgXHCnrl9PVfmSt4AQPhssRLxy-DNRfPu2Bui3Lru7K6I1JzsdtdKKvB9itmjo6U7A6Q4EdM1lxTOEtOq1Tb36tun04YgjOLTAVyhGt7J2_29LC2GyIfv2z1V3vwVuFx0; expires=Fri, 01-Nov-2024 18:28:50 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:51 UTC458INData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 54 49 54 4c 45 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 0a 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 73 6f 72 72 79 2f 69 6e 64 65 78 3f 63 6f 6e 74 69 6e 75 65 3d 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 73 79 6e 63 2f 6e 65 77 74 61 62 5f 6f 67 62 25 33 46 68
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>The document has moved<A HREF="https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fh


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          41192.168.2.1649749142.251.35.1644434372C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:50 UTC353OUTGET /async/newtab_promos HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: www.google.com
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:51 UTC1249INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                                                                                          Location: https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgS_YJbhGOK2z7EGIjBdA1YplCEZeuUOmJXWENgzj2WQ5wRvHYOkcPi2CsRT0HinoEMLK94i031zo-8h9NgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
                                                                                                                                                                                                                                                                                                                                                          x-hallmonitor-challenge: CgwI4rbPsQYQtbfq0gMSBL9gluE
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                                                                                          Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                                                                                          Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                                                                                                                                                                                                                                                                                                                                                          Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                                                                                          P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:50 GMT
                                                                                                                                                                                                                                                                                                                                                          Server: gws
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 417
                                                                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                                                                                          Set-Cookie: 1P_JAR=2024-05-02-18; expires=Sat, 01-Jun-2024 18:28:50 GMT; path=/; domain=.google.com; Secure; SameSite=none
                                                                                                                                                                                                                                                                                                                                                          Set-Cookie: NID=513=G9jvhbqVejzHnCLI4UopSbt5JS8E8BW0_FWyweZHOCZSeGDVdA1uPJFF_lkRsUaeHjeScUzkjKKHzh5ue17WqSGM41ZuL1Ql5HrxFOPqzwIZIUYtVA3aIDfIpytcOoEqUYq9YqMG6HrY6eUarw5k1ml3uiQpCQDXgS0xOIOrf9Y; expires=Fri, 01-Nov-2024 18:28:50 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:51 UTC6INData Raw: 3c 48 54 4d 4c 3e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <HTML>
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:51 UTC411INData Raw: 3c 48 45 41 44 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 54 49 54 4c 45 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 33 30 32 20 4d 6f 76 65 64 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 0a 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 73 6f 72 72 79 2f 69 6e 64 65 78 3f 63 6f 6e 74 69 6e 75 65 3d 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 73 79 6e 63 2f 6e 65 77 74 61 62 5f 70 72 6f 6d 6f 73 26 61 6d 70 3b 71 3d
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>The document has moved<A HREF="https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_promos&amp;q=


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          42192.168.2.1649753142.251.35.1644434372C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:51 UTC738OUTGET /sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgS_YJbhGOK2z7EGIjBdA1YplCEZeuUOmJXWENgzj2WQ5wRvHYOkcPi2CsRT0HinoEMLK94i031zo-8h9NgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: www.google.com
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                                          Cookie: 1P_JAR=2024-05-02-18; NID=513=G9jvhbqVejzHnCLI4UopSbt5JS8E8BW0_FWyweZHOCZSeGDVdA1uPJFF_lkRsUaeHjeScUzkjKKHzh5ue17WqSGM41ZuL1Ql5HrxFOPqzwIZIUYtVA3aIDfIpytcOoEqUYq9YqMG6HrY6eUarw5k1ml3uiQpCQDXgS0xOIOrf9Y
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:51 UTC356INHTTP/1.1 429 Too Many Requests
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:51 GMT
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                          Server: HTTP server (unknown)
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 3113
                                                                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:51 UTC899INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 3c 74 69 74 6c 65 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 73 79 6e 63 2f 6e 65 77 74 61 62 5f 70 72 6f 6d 6f 73 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"><meta name="viewport" content="initial-scale=1"><title>https://www.google.com/async/newtab_promos</title></head
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:51 UTC1255INData Raw: 61 63 6b 20 3d 20 66 75 6e 63 74 69 6f 6e 28 72 65 73 70 6f 6e 73 65 29 20 7b 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 63 61 70 74 63 68 61 2d 66 6f 72 6d 27 29 2e 73 75 62 6d 69 74 28 29 3b 7d 3b 3c 2f 73 63 72 69 70 74 3e 0a 3c 64 69 76 20 69 64 3d 22 72 65 63 61 70 74 63 68 61 22 20 63 6c 61 73 73 3d 22 67 2d 72 65 63 61 70 74 63 68 61 22 20 64 61 74 61 2d 73 69 74 65 6b 65 79 3d 22 36 4c 66 77 75 79 55 54 41 41 41 41 41 4f 41 6d 6f 53 30 66 64 71 69 6a 43 32 50 62 62 64 48 34 6b 6a 71 36 32 59 31 62 22 20 64 61 74 61 2d 63 61 6c 6c 62 61 63 6b 3d 22 73 75 62 6d 69 74 43 61 6c 6c 62 61 63 6b 22 20 64 61 74 61 2d 73 3d 22 63 62 31 4f 55 38 64 74 48 54 30 39 55 6e 72 77 37 53 71 42 5f 76 77 35 2d 58 77 4a 78 51 62 37 55
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ack = function(response) {document.getElementById('captcha-form').submit();};</script><div id="recaptcha" class="g-recaptcha" data-sitekey="6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b" data-callback="submitCallback" data-s="cb1OU8dtHT09Unrw7SqB_vw5-XwJxQb7U
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:51 UTC959INData Raw: 6f 67 6c 65 20 61 75 74 6f 6d 61 74 69 63 61 6c 6c 79 20 64 65 74 65 63 74 73 20 72 65 71 75 65 73 74 73 20 63 6f 6d 69 6e 67 20 66 72 6f 6d 20 79 6f 75 72 20 63 6f 6d 70 75 74 65 72 20 6e 65 74 77 6f 72 6b 20 77 68 69 63 68 20 61 70 70 65 61 72 20 74 6f 20 62 65 20 69 6e 20 76 69 6f 6c 61 74 69 6f 6e 20 6f 66 20 74 68 65 20 3c 61 20 68 72 65 66 3d 22 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 70 6f 6c 69 63 69 65 73 2f 74 65 72 6d 73 2f 22 3e 54 65 72 6d 73 20 6f 66 20 53 65 72 76 69 63 65 3c 2f 61 3e 2e 20 54 68 65 20 62 6c 6f 63 6b 20 77 69 6c 6c 20 65 78 70 69 72 65 20 73 68 6f 72 74 6c 79 20 61 66 74 65 72 20 74 68 6f 73 65 20 72 65 71 75 65 73 74 73 20 73 74 6f 70 2e 20 20 49 6e 20 74 68 65 20 6d 65 61 6e 74 69 6d 65 2c 20 73 6f 6c 76 69 6e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ogle automatically detects requests coming from your computer network which appear to be in violation of the <a href="//www.google.com/policies/terms/">Terms of Service</a>. The block will expire shortly after those requests stop. In the meantime, solvin


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          43192.168.2.1649754142.251.35.1644434372C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:51 UTC932OUTGET /sorry/index?continue=https://www.google.com/async/newtab_ogb%3Fhl%3Den-US%26async%3Dfixed:0&hl=en-US&q=EgS_YJbhGOK2z7EGIjAjjzc0KpLY-7r3Zt1oKHg1b8TF9UrLflK1rUdhoyYIQ8IDME4UpsaADktu9wphaQsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: www.google.com
                                                                                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                          X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                                          Cookie: 1P_JAR=2024-05-02-18; NID=513=jbhNHd6hRrKfewpRnRajIWMDBY-uPuc_dRf7bRbRpLhgXHCnrl9PVfmSt4AQPhssRLxy-DNRfPu2Bui3Lru7K6I1JzsdtdKKvB9itmjo6U7A6Q4EdM1lxTOEtOq1Tb36tun04YgjOLTAVyhGt7J2_29LC2GyIfv2z1V3vwVuFx0
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:51 UTC356INHTTP/1.1 429 Too Many Requests
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:51 GMT
                                                                                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                          Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                          Server: HTTP server (unknown)
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 3185
                                                                                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:51 UTC899INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 3c 74 69 74 6c 65 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 73 79 6e 63 2f 6e 65 77 74 61 62 5f 6f 67 62 3f 68 6c 3d 65 6e 2d 55 53 26 61 6d 70 3b 61 73 79
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"><meta name="viewport" content="initial-scale=1"><title>https://www.google.com/async/newtab_ogb?hl=en-US&amp;asy
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:51 UTC1255INData Raw: 0a 3c 73 63 72 69 70 74 3e 76 61 72 20 73 75 62 6d 69 74 43 61 6c 6c 62 61 63 6b 20 3d 20 66 75 6e 63 74 69 6f 6e 28 72 65 73 70 6f 6e 73 65 29 20 7b 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 63 61 70 74 63 68 61 2d 66 6f 72 6d 27 29 2e 73 75 62 6d 69 74 28 29 3b 7d 3b 3c 2f 73 63 72 69 70 74 3e 0a 3c 64 69 76 20 69 64 3d 22 72 65 63 61 70 74 63 68 61 22 20 63 6c 61 73 73 3d 22 67 2d 72 65 63 61 70 74 63 68 61 22 20 64 61 74 61 2d 73 69 74 65 6b 65 79 3d 22 36 4c 66 77 75 79 55 54 41 41 41 41 41 4f 41 6d 6f 53 30 66 64 71 69 6a 43 32 50 62 62 64 48 34 6b 6a 71 36 32 59 31 62 22 20 64 61 74 61 2d 63 61 6c 6c 62 61 63 6b 3d 22 73 75 62 6d 69 74 43 61 6c 6c 62 61 63 6b 22 20 64 61 74 61 2d 73 3d 22 51 44 72 67 58 43 37 4c 72
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <script>var submitCallback = function(response) {document.getElementById('captcha-form').submit();};</script><div id="recaptcha" class="g-recaptcha" data-sitekey="6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b" data-callback="submitCallback" data-s="QDrgXC7Lr
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:51 UTC1031INData Raw: 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 34 65 6d 3b 22 3e 0a 54 68 69 73 20 70 61 67 65 20 61 70 70 65 61 72 73 20 77 68 65 6e 20 47 6f 6f 67 6c 65 20 61 75 74 6f 6d 61 74 69 63 61 6c 6c 79 20 64 65 74 65 63 74 73 20 72 65 71 75 65 73 74 73 20 63 6f 6d 69 6e 67 20 66 72 6f 6d 20 79 6f 75 72 20 63 6f 6d 70 75 74 65 72 20 6e 65 74 77 6f 72 6b 20 77 68 69 63 68 20 61 70 70 65 61 72 20 74 6f 20 62 65 20 69 6e 20 76 69 6f 6c 61 74 69 6f 6e 20 6f 66 20 74 68 65 20 3c 61 20 68 72 65 66 3d 22 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 70 6f 6c 69 63 69 65 73 2f 74 65 72 6d 73 2f 22 3e 54 65 72 6d 73 20 6f 66 20 53 65 72 76 69 63 65 3c 2f 61 3e 2e 20 54 68 65 20 62 6c 6f 63 6b 20 77 69 6c 6c 20 65 78 70 69 72 65 20 73 68 6f 72 74 6c 79 20 61 66 74
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ; line-height:1.4em;">This page appears when Google automatically detects requests coming from your computer network which appear to be in violation of the <a href="//www.google.com/policies/terms/">Terms of Service</a>. The block will expire shortly aft


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          44192.168.2.1649739204.79.197.200443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:55 UTC2233OUTPOST /threshold/xls.aspx HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Origin: https://www.bing.com
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Accept-Language: en-CH
                                                                                                                                                                                                                                                                                                                                                          Content-type: text/xml
                                                                                                                                                                                                                                                                                                                                                          X-Agent-DeviceId: 01000A4109009A83
                                                                                                                                                                                                                                                                                                                                                          X-BM-CBT: 1714674509
                                                                                                                                                                                                                                                                                                                                                          X-BM-DateFormat: dd/MM/yyyy
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceDimensions: 784x640
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceDimensionsLogical: 784x640
                                                                                                                                                                                                                                                                                                                                                          X-BM-DeviceScale: 100
                                                                                                                                                                                                                                                                                                                                                          X-BM-DTZ: 120
                                                                                                                                                                                                                                                                                                                                                          X-BM-Market: CH
                                                                                                                                                                                                                                                                                                                                                          X-BM-Theme: 000000;0078d7
                                                                                                                                                                                                                                                                                                                                                          X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75
                                                                                                                                                                                                                                                                                                                                                          X-Device-ClientSession: 6EBE75B5BB8C4D8DB7946C9919CFF732
                                                                                                                                                                                                                                                                                                                                                          X-Device-isOptin: false
                                                                                                                                                                                                                                                                                                                                                          X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                                                                                                                                                                                                                                                                                                                                          X-Device-OSSKU: 48
                                                                                                                                                                                                                                                                                                                                                          X-Device-Touch: false
                                                                                                                                                                                                                                                                                                                                                          X-DeviceID: 01000A4109009A83
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-ExternalExp: d-thshld42,dsbdailyset_c,expmegaclick_cf,hashexpt3,iffsqloptwin10c,msbdsbedu9cf,wsbqfnewsynonym,wsbref-t,wsbswgc-t2
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-ExternalExpType: JointCoord
                                                                                                                                                                                                                                                                                                                                                          X-PositionerType: Desktop
                                                                                                                                                                                                                                                                                                                                                          X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                                                                                                                                                                                                                                                                          X-Search-CortanaAvailableCapabilities: None
                                                                                                                                                                                                                                                                                                                                                          X-Search-SafeSearch: Moderate
                                                                                                                                                                                                                                                                                                                                                          X-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard Time
                                                                                                                                                                                                                                                                                                                                                          X-UserAgeClass: Unknown
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: www.bing.com
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 6355
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:55 UTC6355OUTData Raw: 3c 43 6c 69 65 6e 74 49 6e 73 74 52 65 71 75 65 73 74 3e 3c 43 49 44 3e 35 30 34 37 45 35 39 34 32 42 42 32 34 36 30 45 41 33 35 42 35 33 43 43 46 37 38 44 44 42 33 44 3c 2f 43 49 44 3e 3c 45 76 65 6e 74 73 3e 3c 45 3e 3c 54 3e 45 76 65 6e 74 2e 43 6c 69 63 6b 3c 2f 54 3e 3c 49 47 3e 31 39 30 31 35 61 34 32 66 35 62 34 34 64 65 35 39 62 35 38 36 38 63 65 64 31 31 37 30 38 39 36 3c 2f 49 47 3e 3c 44 3e 3c 21 5b 43 44 41 54 41 5b 7b 22 43 75 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 62 69 6e 67 2e 63 6f 6d 2f 41 53 2f 41 50 49 2f 57 69 6e 64 6f 77 73 43 6f 72 74 61 6e 61 50 61 6e 65 2f 56 32 2f 49 6e 69 74 22 2c 22 50 69 76 6f 74 22 3a 22 51 46 22 2c 22 41 70 70 4e 53 22 3a 22 53 6d 61 72 74 53 65 61 72 63 68 22 2c 22 4b 22 3a 22 31 30 30 31
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <ClientInstRequest><CID>5047E5942BB2460EA35B53CCF78DDB3D</CID><Events><E><T>Event.Click</T><IG>19015a42f5b44de59b5868ced1170896</IG><D><![CDATA[{"CurUrl":"https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init","Pivot":"QF","AppNS":"SmartSearch","K":"1001
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:56 UTC426INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          X-Cache: CONFIG_NOCACHE
                                                                                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                                                                                          X-MSEdge-Ref: Ref A: 3B312CFAF08C488D89C83909B4906A9B Ref B: TEB31EDGE0106 Ref C: 2024-05-02T18:28:55Z
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:55 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          45192.168.2.164975823.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:56 UTC746OUTGET /rp/I3PZeaYUKrumYZUAQr439U2Zzi4.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:56 UTC903INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 168505
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Content-MD5: Ugbc2DL8qAKuwfHYyKsBog==
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 30 Apr 2024 15:10:50 GMT
                                                                                                                                                                                                                                                                                                                                                          ETag: 0x8DC6927B8CE2D69
                                                                                                                                                                                                                                                                                                                                                          Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                                                                          x-ms-request-id: de606931-d01e-0071-403a-9bfb00000000
                                                                                                                                                                                                                                                                                                                                                          x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, no-transform, max-age=265485
                                                                                                                                                                                                                                                                                                                                                          Expires: Sun, 05 May 2024 20:13:41 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:56 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674536.d31470c
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:56 UTC928INData Raw: 76 61 72 20 57 53 42 3b 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6c 65 74 20 72 3b 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6e 5b 6e 2e 52 65 73 70 6f 6e 73 65 4a 73 6f 6e 50 61 72 73 65 45 72 72 6f 72 3d 2d 32 5d 3d 22 52 65 73 70 6f 6e 73 65 4a 73 6f 6e 50 61 72 73 65 45 72 72 6f 72 22 3b 6e 5b 6e 2e 52 65 61 64 52 65 73 70 6f 6e 73 65 45 72 72 6f 72 3d 2d 33 5d 3d 22 52 65 61 64 52 65 73 70 6f 6e 73 65 45 72 72 6f 72 22 3b 6e 5b 6e 2e 52 65 61 64 45 72 72 6f 72 53 74 61 74 75 73 52 65 73 70 6f 6e 73 65 45 72 72 6f 72 3d 2d 34 5d 3d 22 52 65 61 64 45 72 72 6f 72 53 74 61 74 75 73 52 65 73 70 6f 6e 73 65 45 72 72 6f 72 22 3b 6e 5b 6e 2e 4e 6f 54 6f 6b 65 6e 3d 2d 35 5d 3d 22 4e 6f 54 6f 6b 65 6e 22 3b 6e 5b 6e 2e 46 65 74 63 68 45 72 72 6f 72 3d 2d 36 5d 3d
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: var WSB;(function(n){let r;(function(n){n[n.ResponseJsonParseError=-2]="ResponseJsonParseError";n[n.ReadResponseError=-3]="ReadResponseError";n[n.ReadErrorStatusResponseError=-4]="ReadErrorStatusResponseError";n[n.NoToken=-5]="NoToken";n[n.FetchError=-6]=
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:56 UTC16384INData Raw: 32 65 36 3b 63 6f 6e 73 74 20 75 3d 35 30 3b 6e 2e 5a 69 52 65 63 6f 6d 6d 65 6e 64 65 64 44 6f 63 73 52 65 73 75 6c 74 73 43 6f 75 6e 74 3d 33 3b 63 6c 61 73 73 20 69 7b 73 74 61 74 69 63 20 69 6e 69 74 28 29 7b 74 68 69 73 2e 69 73 4d 73 62 53 75 70 70 6f 72 74 65 64 28 29 26 26 28 6e 2e 6d 73 62 48 6f 73 74 3d 6e 65 77 20 69 29 7d 73 74 61 74 69 63 20 69 73 4d 73 62 53 75 70 70 6f 72 74 65 64 28 29 7b 72 65 74 75 72 6e 20 6e 2e 52 75 6e 74 69 6d 65 43 6f 6e 66 69 67 2e 45 6e 74 72 79 50 6f 69 6e 74 41 70 70 3d 3d 30 26 26 21 28 6e 2e 4d 6f 63 6b 55 72 6c 50 61 72 61 6d 65 74 65 72 73 3d 3d 3d 6e 75 6c 6c 7c 7c 6e 2e 4d 6f 63 6b 55 72 6c 50 61 72 61 6d 65 74 65 72 73 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 6e 2e 4d 6f 63 6b 55 72 6c 50 61 72
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 2e6;const u=50;n.ZiRecommendedDocsResultsCount=3;class i{static init(){this.isMsbSupported()&&(n.msbHost=new i)}static isMsbSupported(){return n.RuntimeConfig.EntryPointApp==0&&!(n.MockUrlParameters===null||n.MockUrlParameters===void 0?void 0:n.MockUrlPar
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:56 UTC8192INData Raw: 6e 64 69 63 61 74 6f 72 45 6e 61 62 6c 65 64 57 57 7c 7c 6e 2e 63 6f 6e 66 69 67 2e 6d 73 62 57 6f 72 6b 53 63 6f 70 65 42 61 6e 6e 65 72 49 6e 64 69 63 61 74 6f 72 45 6e 61 62 6c 65 64 26 26 6e 2e 6d 73 62 48 6f 73 74 2e 69 73 4d 73 62 49 6e 74 65 72 6e 61 6c 54 65 6e 61 6e 74 28 29 29 26 26 74 68 69 73 2e 69 73 57 6f 72 6b 53 63 6f 70 65 41 70 70 6c 69 63 61 62 6c 65 28 29 26 26 28 21 6e 2e 4d 6f 63 6b 55 72 6c 50 61 72 61 6d 65 74 65 72 73 7c 7c 28 6e 2e 4d 6f 63 6b 55 72 6c 50 61 72 61 6d 65 74 65 72 73 3d 3d 3d 6e 75 6c 6c 7c 7c 6e 2e 4d 6f 63 6b 55 72 6c 50 61 72 61 6d 65 74 65 72 73 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 6e 2e 4d 6f 63 6b 55 72 6c 50 61 72 61 6d 65 74 65 72 73 2e 73 68 6f 77 57 6f 72 6b 55 70 73 65 6c 6c 29 29 3a 6e 2e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ndicatorEnabledWW||n.config.msbWorkScopeBannerIndicatorEnabled&&n.msbHost.isMsbInternalTenant())&&this.isWorkScopeApplicable()&&(!n.MockUrlParameters||(n.MockUrlParameters===null||n.MockUrlParameters===void 0?void 0:n.MockUrlParameters.showWorkUpsell)):n.
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:56 UTC16384INData Raw: 73 62 41 70 69 45 6e 76 28 6e 29 7b 72 65 74 75 72 6e 20 6e 3d 3d 31 3f 22 70 72 6f 64 5f 67 63 63 22 3a 6e 3d 3d 32 3f 22 70 72 6f 64 5f 67 63 63 68 22 3a 75 6e 64 65 66 69 6e 65 64 7d 61 73 79 6e 63 20 61 64 64 4d 73 62 55 73 65 72 49 6e 66 6f 50 61 72 61 6d 65 74 65 72 54 6f 55 72 6c 41 73 79 6e 63 28 74 29 7b 69 66 28 21 74 7c 7c 74 79 70 65 6f 66 20 63 72 79 70 74 6f 21 3d 22 6f 62 6a 65 63 74 22 29 72 65 74 75 72 6e 20 5f 77 2e 62 66 62 57 73 62 54 65 6c 26 26 62 66 62 57 73 62 54 65 6c 2e 6c 6f 67 45 72 72 6f 72 28 22 57 73 62 20 61 64 64 20 75 73 65 72 20 69 6e 66 6f 20 74 6f 20 55 52 4c 20 65 72 72 6f 72 22 2c 60 4e 6f 20 22 77 69 6e 64 6f 77 2e 63 72 79 70 74 6f 22 20 6f 62 6a 65 63 74 60 29 2c 74 3b 63 6f 6e 73 74 20 69 3d 6e 2e 6d 73 62 48 6f
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: sbApiEnv(n){return n==1?"prod_gcc":n==2?"prod_gcch":undefined}async addMsbUserInfoParameterToUrlAsync(t){if(!t||typeof crypto!="object")return _w.bfbWsbTel&&bfbWsbTel.logError("Wsb add user info to URL error",`No "window.crypto" object`),t;const i=n.msbHo
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:56 UTC8192INData Raw: 6f 72 79 43 61 63 68 65 64 49 6e 66 6f 28 29 7d 29 3b 74 2e 62 69 6e 64 41 63 63 6f 75 6e 74 54 79 70 65 73 43 68 61 6e 67 65 64 28 28 29 3d 3e 7b 74 68 69 73 2e 68 61 6e 64 6c 65 41 63 63 6f 75 6e 74 54 79 70 65 43 68 61 6e 67 65 64 28 29 7d 29 3b 74 2e 62 69 6e 64 56 65 72 69 66 79 41 63 63 6f 75 6e 74 52 65 71 75 69 72 65 64 28 28 6e 2c 74 29 3d 3e 7b 74 68 69 73 2e 68 61 6e 64 6c 65 57 73 62 56 65 72 69 66 79 41 63 63 6f 75 6e 74 52 65 71 75 69 72 65 64 28 6e 2c 74 29 7d 29 3b 74 2e 62 69 6e 64 41 63 63 65 73 73 54 6f 6b 65 6e 41 76 61 69 6c 61 62 6c 65 28 28 6e 2c 74 29 3d 3e 7b 74 68 69 73 2e 68 61 6e 64 6c 65 57 73 62 41 63 63 65 73 73 54 6f 6b 65 6e 41 76 61 69 6c 61 62 6c 65 28 6e 2c 74 29 7d 29 3b 74 2e 62 69 6e 64 53 65 6c 65 63 74 65 64 41 63
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: oryCachedInfo()});t.bindAccountTypesChanged(()=>{this.handleAccountTypeChanged()});t.bindVerifyAccountRequired((n,t)=>{this.handleWsbVerifyAccountRequired(n,t)});t.bindAccessTokenAvailable((n,t)=>{this.handleWsbAccessTokenAvailable(n,t)});t.bindSelectedAc
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:56 UTC16384INData Raw: 2e 6d 73 62 50 65 72 66 4c 6f 67 67 65 72 2e 6d 61 72 6b 28 6e 2e 4d 73 62 50 65 72 66 50 72 6f 62 65 2e 4d 73 62 54 6f 6b 65 6e 52 65 73 70 6f 6e 64 65 64 2c 75 29 3b 6e 2e 63 6f 6e 66 69 67 2e 6d 73 62 4d 6f 63 6b 54 6f 6b 65 6e 26 26 28 66 3d 74 68 69 73 2e 67 65 74 4d 73 62 4d 6f 63 6b 41 63 63 6f 75 6e 74 28 29 29 3b 28 6e 2e 54 65 73 74 48 6f 6f 6b 55 72 6c 50 61 72 61 6d 65 74 65 72 73 3d 3d 3d 6e 75 6c 6c 7c 7c 6e 2e 54 65 73 74 48 6f 6f 6b 55 72 6c 50 61 72 61 6d 65 74 65 72 73 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 6e 2e 54 65 73 74 48 6f 6f 6b 55 72 6c 50 61 72 61 6d 65 74 65 72 73 2e 6d 73 62 41 75 74 68 46 61 69 6c 65 64 29 26 26 28 66 3d 75 6e 64 65 66 69 6e 65 64 29 3b 6e 2e 73 61 66 65 45 78 65 63 75 74 65 28 28 29 3d 3e 7b 74
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: .msbPerfLogger.mark(n.MsbPerfProbe.MsbTokenResponded,u);n.config.msbMockToken&&(f=this.getMsbMockAccount());(n.TestHookUrlParameters===null||n.TestHookUrlParameters===void 0?void 0:n.TestHookUrlParameters.msbAuthFailed)&&(f=undefined);n.safeExecute(()=>{t
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:56 UTC8192INData Raw: 20 74 68 69 73 2e 69 73 45 64 75 54 65 6e 61 6e 74 28 74 29 26 26 6e 2e 63 6f 6e 66 69 67 2e 6d 73 62 57 6f 72 6b 53 63 6f 70 65 45 64 75 45 6e 61 62 6c 65 64 7d 69 73 45 64 75 54 65 6e 61 6e 74 28 6e 29 7b 72 65 74 75 72 6e 20 6e 3f 74 68 69 73 2e 67 65 74 53 74 6f 72 65 64 4d 73 62 49 73 45 64 75 28 29 3a 74 68 69 73 2e 67 65 74 49 73 4d 73 62 45 64 75 54 65 6e 61 6e 74 45 6e 61 62 6c 65 64 28 29 7d 69 73 4d 73 62 57 6f 72 6b 53 63 6f 70 65 28 74 2c 69 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 69 73 57 6f 72 6b 53 63 6f 70 65 41 70 70 6c 69 63 61 62 6c 65 28 29 26 26 28 74 3d 3d 3d 32 31 7c 7c 69 3d 3d 6e 2e 53 63 6f 70 65 2e 57 6f 72 6b 29 7d 69 73 4d 73 62 57 6f 72 6b 53 63 6f 70 65 44 73 62 52 65 64 69 72 65 63 74 45 6e 61 62 6c 65 64 28 29 7b 72 65
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: this.isEduTenant(t)&&n.config.msbWorkScopeEduEnabled}isEduTenant(n){return n?this.getStoredMsbIsEdu():this.getIsMsbEduTenantEnabled()}isMsbWorkScope(t,i){return this.isWorkScopeApplicable()&&(t===21||i==n.Scope.Work)}isMsbWorkScopeDsbRedirectEnabled(){re
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:56 UTC16384INData Raw: 54 65 6e 61 6e 74 4d 61 6e 61 67 65 72 3d 69 3b 74 68 69 73 2e 66 65 74 63 68 69 6e 67 55 73 65 72 43 6f 6e 66 69 67 3d 21 31 3b 6e 2e 48 6f 73 74 2e 62 69 6e 64 41 63 63 6f 75 6e 74 43 68 61 6e 67 65 64 28 28 29 3d 3e 7b 74 68 69 73 2e 63 6c 65 61 6e 4c 6f 63 61 6c 55 73 65 72 43 6f 6e 66 69 67 53 74 61 74 65 28 29 2c 74 68 69 73 2e 73 65 74 48 61 73 45 64 75 41 73 73 69 67 6e 6d 65 6e 74 73 46 6c 61 67 73 28 21 31 29 7d 29 3b 69 2e 62 69 6e 64 54 65 6e 61 6e 74 45 6e 61 62 6c 65 64 28 28 29 3d 3e 7b 6e 2e 6d 73 62 48 6f 73 74 2e 69 73 45 64 75 54 65 6e 61 6e 74 28 29 26 26 74 68 69 73 2e 63 68 65 63 6b 55 73 65 72 43 6f 6e 66 69 67 28 28 29 3d 3e 7b 7d 2c 28 29 3d 3e 7b 7d 2c 22 4d 73 62 55 73 65 72 43 6f 6e 66 69 67 4d 61 6e 61 67 65 72 54 65 6e 61 6e
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: TenantManager=i;this.fetchingUserConfig=!1;n.Host.bindAccountChanged(()=>{this.cleanLocalUserConfigState(),this.setHasEduAssignmentsFlags(!1)});i.bindTenantEnabled(()=>{n.msbHost.isEduTenant()&&this.checkUserConfig(()=>{},()=>{},"MsbUserConfigManagerTenan
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:56 UTC8192INData Raw: 65 74 75 72 6e 7b 73 74 61 74 75 73 3a 74 2c 74 72 61 63 65 49 64 3a 69 2c 73 65 72 76 65 72 4c 61 74 65 6e 63 79 3a 72 2c 73 74 61 72 74 54 69 6d 65 3a 75 2c 65 6e 64 54 69 6d 65 3a 66 2c 73 74 61 72 74 44 61 74 65 54 69 6d 65 3a 65 2c 65 6e 64 44 61 74 65 54 69 6d 65 3a 6f 2c 65 72 72 6f 72 4d 65 73 73 61 67 65 3a 73 7d 7d 66 69 72 65 52 6f 75 6e 64 54 72 69 70 54 69 6d 65 28 74 2c 69 29 7b 63 6f 6e 73 74 20 72 3d 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 28 7b 65 76 65 6e 74 49 64 3a 74 7d 2c 69 29 3b 63 6f 6e 73 74 20 75 3d 7b 6d 65 73 73 61 67 65 54 79 70 65 3a 22 4d 53 42 5f 53 45 41 52 43 48 5f 52 54 54 22 2c 70 61 79 6c 6f 61 64 3a 72 7d 3b 6e 2e 73 61 66 65 45 78 65 63 75 74 65 28 28 29 3d 3e 7b 77 69 6e 64 6f 77 2e 70 6f 73 74 4d 65 73 73 61 67 65
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: eturn{status:t,traceId:i,serverLatency:r,startTime:u,endTime:f,startDateTime:e,endDateTime:o,errorMessage:s}}fireRoundTripTime(t,i){const r=Object.assign({eventId:t},i);const u={messageType:"MSB_SEARCH_RTT",payload:r};n.safeExecute(()=>{window.postMessage
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:56 UTC16384INData Raw: 20 4d 75 6c 74 69 70 6c 65 20 56 65 72 74 69 63 61 6c 20 43 6f 6e 66 69 67 20 52 65 71 75 65 73 74 65 64 22 2c 69 2c 7b 63 6f 6e 76 65 72 73 61 74 69 6f 6e 49 64 3a 72 7d 29 29 3a 28 74 68 69 73 2e 69 73 56 65 72 74 69 63 61 6c 43 6f 6e 66 69 67 41 70 69 43 61 6c 6c 49 6e 50 72 6f 67 72 65 73 73 3d 21 30 2c 74 68 69 73 2e 66 65 74 63 68 56 65 72 74 69 63 61 6c 43 6f 6e 66 69 67 28 28 69 2c 72 2c 75 29 3d 3e 7b 74 68 69 73 2e 69 73 56 65 72 74 69 63 61 6c 43 6f 6e 66 69 67 41 70 69 43 61 6c 6c 49 6e 50 72 6f 67 72 65 73 73 3d 21 31 2c 21 6e 2e 6d 73 62 48 6f 73 74 2e 66 65 61 74 75 72 65 73 2e 69 73 54 68 6f 72 4c 6f 67 45 6e 61 62 6c 65 64 28 29 7c 7c 28 69 3d 3d 3d 6e 75 6c 6c 7c 7c 69 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 69 2e 6c 65 6e 67
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: Multiple Vertical Config Requested",i,{conversationId:r})):(this.isVerticalConfigApiCallInProgress=!0,this.fetchVerticalConfig((i,r,u)=>{this.isVerticalConfigApiCallInProgress=!1,!n.msbHost.features.isThorLogEnabled()||(i===null||i===void 0?void 0:i.leng


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          46192.168.2.164976023.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:56 UTC746OUTGET /rp/JSBhm6AZx12QGq7iYck51h9mglA.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:57 UTC900INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 2881
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Content-MD5: pbxvqnDSO8gIv44lZjVWQQ==
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Thu, 19 Oct 2023 06:11:10 GMT
                                                                                                                                                                                                                                                                                                                                                          ETag: 0x8DBD06A3088AC17
                                                                                                                                                                                                                                                                                                                                                          Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                                                                          x-ms-request-id: 3c88bc15-401e-001f-7936-9959db000000
                                                                                                                                                                                                                                                                                                                                                          x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, no-transform, max-age=43867
                                                                                                                                                                                                                                                                                                                                                          Expires: Fri, 03 May 2024 06:40:04 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:57 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674537.d315175
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:57 UTC2881INData Raw: 76 61 72 20 57 53 42 3b 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 76 61 72 20 74 3b 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 63 6c 61 73 73 20 74 20 65 78 74 65 6e 64 73 20 52 65 61 63 74 2e 43 6f 6d 70 6f 6e 65 6e 74 7b 72 65 6e 64 65 72 28 29 7b 69 66 28 21 74 68 69 73 2e 70 72 6f 70 73 2e 64 61 74 61 4d 6f 64 65 6c 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 63 6f 6e 73 74 7b 6d 65 73 73 61 67 65 3a 69 2c 63 61 6e 63 65 6c 3a 74 2c 73 68 6f 77 53 70 69 6e 6e 65 72 3a 72 7d 3d 74 68 69 73 2e 70 72 6f 70 73 2e 64 61 74 61 4d 6f 64 65 6c 3b 72 65 74 75 72 6e 20 52 65 61 63 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 2c 7b 63 6c 61 73 73 4e 61 6d 65 3a 22 73 6e 69 70 53 65 61 72 63 68 4d 65 73 73 61 67 65 22 7d 2c 72 26 26 52 65 61 63 74 2e 63 72
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: var WSB;(function(n){var t;(function(n){class t extends React.Component{render(){if(!this.props.dataModel)return null;const{message:i,cancel:t,showSpinner:r}=this.props.dataModel;return React.createElement("div",{className:"snipSearchMessage"},r&&React.cr


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          47192.168.2.164976123.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:57 UTC746OUTGET /rp/Kh0LX3Q4bqoC22KpTZf0P9ZtOTg.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:57 UTC903INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 126080
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Content-MD5: mb5boVxlyMp4+WOAnBVJDw==
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Fri, 19 Jan 2024 19:28:01 GMT
                                                                                                                                                                                                                                                                                                                                                          ETag: 0x8DC1924C08724AA
                                                                                                                                                                                                                                                                                                                                                          Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                                                                          x-ms-request-id: 3d15352d-d01e-004e-12bd-9b33a3000000
                                                                                                                                                                                                                                                                                                                                                          x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, no-transform, max-age=321657
                                                                                                                                                                                                                                                                                                                                                          Expires: Mon, 06 May 2024 11:49:54 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:57 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674537.d315627
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:57 UTC15481INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 6e 2c 74 29 7b 66 75 6e 63 74 69 6f 6e 20 69 28 6e 2c 74 29 7b 72 65 74 75 72 6e 20 4c 6f 63 53 74 72 69 6e 67 4d 61 6e 61 67 65 72 2e 72 65 67 69 73 74 65 72 28 7b 75 69 43 75 6c 74 75 72 65 3a 6e 2c 6e 61 6d 65 3a 22 4c 6f 63 53 74 72 69 6e 67 73 22 2c 6e 61 6d 65 73 70 61 63 65 3a 22 46 65 65 64 62 61 63 6b 22 7d 2c 7b 44 49 41 4c 4f 47 5f 41 4c 49 41 53 5f 45 52 52 4f 52 5f 54 45 58 54 3a 74 5b 30 5d 2c 44 49 41 4c 4f 47 5f 41 4c 49 41 53 5f 4c 41 42 45 4c 3a 74 5b 31 5d 2c 44 49 41 4c 4f 47 5f 41 4c 49 41 53 5f 54 45 58 54 3a 74 5b 32 5d 2c 44 49 41 4c 4f 47 5f 41 53 4b 5f 46 45 45 44 42 41 43 4b 3a 74 5b 33 5d 2c 44 49 41 4c 4f 47 5f 43 41 4e 43 45 4c 5f 42 55 54 54 4f 4e 5f 54 45 58 54 3a 74 5b 34 5d 2c 44 49 41 4c 4f
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: (function(n,t){function i(n,t){return LocStringManager.register({uiCulture:n,name:"LocStrings",namespace:"Feedback"},{DIALOG_ALIAS_ERROR_TEXT:t[0],DIALOG_ALIAS_LABEL:t[1],DIALOG_ALIAS_TEXT:t[2],DIALOG_ASK_FEEDBACK:t[3],DIALOG_CANCEL_BUTTON_TEXT:t[4],DIALO
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:57 UTC16384INData Raw: e0 a6 ae e0 a6 a4 20 e0 a6 aa e0 a7 8d e0 a6 b0 e0 a7 87 e0 a6 b0 e0 a6 a3 20 e0 a6 95 e0 a6 b0 e0 a7 81 e0 a6 a8 22 5d 29 28 22 62 73 2d 6c 61 74 6e 22 2c 5b 22 55 6e 65 73 69 74 65 20 73 76 6f 6a 20 70 73 65 75 64 6f 6e 69 6d 2e 22 2c 22 69 20 64 6f 64 61 6a 20 6d 65 6e 65 20 75 20 63 63 20 6e 61 22 2c 22 4f 76 64 6a 65 20 75 6e 65 73 69 74 65 20 70 73 65 75 64 6f 6e 69 6d 2e 22 2c 22 49 6d 61 74 65 20 6c 69 20 70 6f 73 65 62 6e 65 20 70 6f 76 72 61 74 6e 65 20 69 6e 66 6f 72 6d 61 63 69 6a 65 3f 22 2c 22 4f 74 6b 61 c5 be 69 22 2c 22 4f 73 74 61 76 69 74 65 20 6b 6f 6d 65 6e 74 61 72 2e 22 2c 22 4f 6b 76 69 72 20 7a 61 20 74 65 6b 73 74 20 7a 61 20 76 61 c5 a1 65 20 70 6f 76 72 61 74 6e 65 20 69 6e 66 6f 72 6d 61 63 69 6a 65 2e 22 2c 22 56 72 73 74 61
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: "])("bs-latn",["Unesite svoj pseudonim.","i dodaj mene u cc na","Ovdje unesite pseudonim.","Imate li posebne povratne informacije?","Otkai","Ostavite komentar.","Okvir za tekst za vae povratne informacije.","Vrsta
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:57 UTC2607INData Raw: 61 c3 ad 20 70 72 c3 ad 6f 62 68 c3 a1 69 64 65 61 63 68 61 69 73 22 2c 22 53 65 6f 6c 22 2c 22 53 65 6f 6c 20 72 c3 ad 6f 6d 68 70 68 6f 73 74 20 63 68 75 69 67 20 66 6f 69 72 65 61 6e 6e 20 7b 30 7d 22 2c 22 4d c3 a1 20 63 68 6c 69 63 65 c3 a1 69 6c 74 65 61 72 20 61 72 20 61 6e 20 67 63 6e 61 69 70 65 20 73 65 6f 20 6e c3 b3 20 61 72 20 65 6e 74 65 72 2c 20 63 75 69 72 66 65 61 72 20 69 73 74 65 61 63 68 20 61 6e 20 74 2d 61 69 73 65 6f 6c 61 73 20 67 6f 20 72 61 74 68 c3 ba 69 6c 22 2c 22 4c 61 69 6e 73 65 c3 a1 69 6c 20 61 6e 20 61 69 70 20 72 c3 ad 6f 6d 68 70 68 6f 69 73 74 20 61 67 75 73 20 73 65 6f 6c 20 72 c3 ad 6f 6d 68 70 68 6f 73 74 20 63 68 75 69 67 22 2c 22 54 75 69 6c 6c 65 61 64 68 20 66 61 69 73 6e c3 a9 69 73 65 22 2c 22 52 c3 a1 69 74
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: a probhideachais","Seol","Seol romhphost chuig foireann {0}","M chliceiltear ar an gcnaipe seo n ar enter, cuirfear isteach an t-aiseolas go rathil","Lainseil an aip romhphoist agus seol romhphost chuig","Tuilleadh faisnise","Rit
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:57 UTC16384INData Raw: e0 aa 95 e0 ab 8d e0 aa b8 e0 ab 8d e0 aa 9f e0 aa ac e0 ab 89 e0 aa 95 e0 ab 8d e0 aa b8 2e 22 2c 22 e0 aa aa e0 ab 8d e0 aa b0 e0 aa a4 e0 aa bf e0 aa 95 e0 ab 8d e0 aa b0 e0 aa bf e0 aa af e0 aa be 20 e0 aa aa e0 ab 8d e0 aa b0 e0 aa 95 e0 aa be e0 aa b0 22 2c 22 e0 aa b8 e0 ab 82 e0 aa 9a e0 aa b5 e0 ab 8b 22 2c 22 e0 aa b2 e0 aa be e0 aa 87 e0 aa 95 22 2c 22 e0 aa a1 e0 aa bf e0 aa b8 e0 ab 8d e0 aa b2 e0 aa be e0 aa 87 e0 aa 95 22 2c 22 e0 aa 95 e0 aa b2 e0 ab 8d e0 aa aa e0 aa a8 e0 aa be 22 2c 22 e0 aa b2 e0 aa be e0 aa 87 e0 aa 95 e0 ab 8d e0 aa b8 22 2c 22 e0 aa a1 e0 aa bf e0 aa b8 e0 aa b2 e0 aa be e0 aa 87 e0 aa 95 e0 ab 8d e0 aa b8 22 2c 22 e0 aa 8f e0 aa 95 20 e0 aa b8 e0 ab 8d e0 aa 95 e0 ab 8d e0 aa b0 e0 ab 80 e0 aa a8 e0 aa b6 e0 ab 89
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ."," ","","","","","","","
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:57 UTC12120INData Raw: 9f 81 3f 22 2c 22 e1 9e 94 e1 9f 84 e1 9f 87 e2 80 8b e1 9e 94 e1 9e 84 e1 9f 8b 22 2c 22 e1 9e 9f e1 9e bc e1 9e 98 e2 80 8b e1 9e 94 e1 9e 89 e1 9f 92 e1 9e 85 e1 9f 81 e1 9e 89 e2 80 8b e1 9e 98 e1 9e 8f e1 9e b7 e2 80 8b e1 9e 99 e1 9f 84 e1 9e 94 e1 9e 9b e1 9f 8b e2 80 8b e1 9e 98 e1 9e bd e1 9e 99 e1 9f 94 22 2c 22 e1 9e 94 e1 9f 92 e1 9e 9a e1 9e a2 e1 9e 94 e1 9f 8b e1 9e a2 e1 9e 8f e1 9f 92 e1 9e 90 e1 9e 94 e1 9e 91 e1 9e 9f e1 9e 98 e1 9f 92 e1 9e 9a e1 9e b6 e1 9e 94 e1 9f 8b e1 9e 99 e1 9f 84 e1 9e 94 e1 9e 9b e1 9f 8b e1 9e 9a e1 9e 94 e1 9e 9f e1 9f 8b e1 9e a2 e1 9f 92 e1 9e 93 e1 9e 80 2e 22 2c 22 e1 9e 94 e1 9f 92 e1 9e 9a e1 9e 97 e1 9f 81 e1 9e 91 e2 80 8b e1 9e 98 e1 9e 8f e1 9e b7 e2 80 8b e1 9e 8f e1 9e 94 22 2c 22 e1 9e 8e e1 9f
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ?","","",".","","
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:57 UTC16384INData Raw: 75 20 76 65 69 64 73 22 2c 22 49 65 74 65 69 6b 74 22 2c 22 50 61 74 c4 ab 6b 22 2c 22 4e 65 70 61 74 c4 ab 6b 22 2c 22 49 64 65 6a 61 73 22 2c 22 50 6f 7a 69 74 c4 ab 76 69 20 6e 6f 76 c4 93 72 74 c4 93 6a 75 6d 69 22 2c 22 4e 65 67 61 74 c4 ab 76 69 20 76 c4 93 72 74 c4 93 6a 75 6d 69 22 2c 22 49 65 6b c4 bc 61 75 74 20 65 6b 72 c4 81 6e 75 7a c5 86 c4 93 6d 75 6d 75 22 2c 22 4d 69 63 72 6f 73 6f 66 74 20 69 65 6b c5 a1 c4 93 6a 61 69 73 20 7a 69 c5 86 6f 6a 75 6d 73 22 2c 22 4b 6f 6e 66 69 64 65 6e 63 69 61 6c 69 74 c4 81 74 65 73 20 70 6f 6c 69 74 69 6b 61 22 2c 22 53 c5 ab 74 c4 ab 74 22 2c 22 53 c5 ab 74 c4 ab 74 20 65 2d 70 61 73 74 75 20 7b 30 7d 20 64 61 72 62 61 20 67 72 75 70 61 69 22 2c 22 4e 6f 6b 6c 69 6b c5 a1 c4 b7 69 6e 6f 74 20 75 7a 20
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: u veids","Ieteikt","Patk","Nepatk","Idejas","Pozitvi novrtjumi","Negatvi vrtjumi","Iekaut ekrnuzmumu","Microsoft iekjais ziojums","Konfidencialittes politika","Stt","Stt e-pastu {0} darba grupai","Noklikinot uz
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:57 UTC16384INData Raw: ac bf e0 ac ac e0 ac be 20 e0 ac 95 e0 ac bf e0 ac ae e0 ad 8d e0 ad b1 e0 ac be 20 e0 ac 8f e0 ac a3 e0 ad 8d e0 ac 9f e0 ac b0 e0 ad 8d e2 80 8d e2 80 8c 20 e0 ac b9 e0 ac bf e0 ac 9f e0 ad 8d 20 e0 ac 95 e0 ac b0 e0 ac bf e0 ac ac e0 ac be 20 e0 ac a6 e0 ad 8d e0 ad b1 e0 ac be e0 ac b0 e0 ac be 20 e0 ac b8 e0 ac ab e0 ac b3 e0 ac a4 e0 ac be e0 ac b0 20 e0 ac b8 e0 ac b9 20 e0 ac ae e0 ac a4 e0 ac be e0 ac ae e0 ac a4 20 e0 ac 89 e0 ac aa e0 ac b8 e0 ad 8d e0 ac a5 e0 ac be e0 ac aa e0 ac a8 e0 ac be 20 e0 ac 95 e0 ac b0 e0 ac bf e0 ac ac 22 2c 22 e0 ac ae e0 ad 87 e0 ac b2 e0 ad 8d 20 e0 ac 86 e0 ac aa e0 ad 8d e0 ac b2 e0 ac bf e0 ac 95 e0 ad 87 e0 ac b8 e0 ac a8 e0 ad 8d 20 e0 ac b2 e0 ac 9e e0 ad 8d e0 ac 9a 20 e0 ac 95 e0 ac b0 e0 ac a8 e0 ad 8d
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ","
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:57 UTC7952INData Raw: 6b 73 65 73 22 2c 22 4e 69 73 6e 69 20 61 70 6c 69 6b 61 63 69 6f 6e 69 6e 20 4d 61 69 6c 20 64 68 65 20 64 c3 ab 72 67 6f 6e 69 20 6e 6a c3 ab 20 65 6d 61 69 6c 20 6e c3 ab 22 2c 22 4d c3 ab 73 6f 20 6d c3 ab 20 73 68 75 6d c3 ab 22 2c 22 44 65 6b 6c 61 72 61 74 61 20 65 20 70 72 69 76 61 74 c3 ab 73 69 73 c3 ab 22 2c 22 52 61 70 6f 72 74 6f 6e 69 20 6e 6a c3 ab 20 73 68 71 65 74 c3 ab 73 69 6d 22 2c 22 56 65 6e 64 6f 73 6e 69 20 6b 6f 6d 65 6e 74 65 74 20 74 75 61 6a 61 20 6e c3 ab 20 4b c3 ab 72 6b 69 6d 69 20 65 20 57 69 6e 64 6f 77 73 20 6b c3 ab 74 75 2e 20 50 c3 ab 72 20 74 c3 ab 20 6d 62 72 6f 6a 74 75 72 20 70 72 69 76 61 74 c3 ab 73 69 6e c3 ab 20 74 75 61 6a 2c 20 6a 75 20 6c 75 74 65 6d 69 20 6d 6f 73 20 70 c3 ab 72 66 73 68 69 6e 69 20 61 73
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: kses","Nisni aplikacionin Mail dhe drgoni nj email n","Mso m shum","Deklarata e privatsis","Raportoni nj shqetsim","Vendosni komentet tuaja n Krkimi e Windows ktu. Pr t mbrojtur privatsin tuaj, ju lutemi mos prfshini as
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:57 UTC16384INData Raw: 95 e0 af 8d e0 ae 95 e0 ae b5 e0 af 81 e0 ae ae e0 af 8d 22 2c 22 4d 69 63 72 6f 73 6f 66 74 20 e0 ae 89 e0 ae b3 e0 af 8d e0 ae b3 e0 ae be e0 ae b0 e0 af 8d e0 ae a8 e0 af 8d e0 ae a4 22 2c 22 e0 ae a4 e0 ae a9 e0 ae bf e0 ae af e0 af 81 e0 ae b0 e0 ae bf e0 ae ae e0 af 88 20 e0 ae 95 e0 af 8a e0 ae b3 e0 af 8d e0 ae 95 e0 af 88 22 2c 22 e0 ae 85 e0 ae a9 e0 af 81 e0 ae aa e0 af 8d e0 ae aa e0 af 81 e0 ae a4 e0 ae b2 e0 af 8d 22 2c 22 7b 30 7d 20 e0 ae 95 e0 af 81 e0 ae b4 e0 af 81 e0 ae b5 e0 ae bf e0 ae b1 e0 af 8d e0 ae 95 e0 af 81 20 e0 ae ae e0 ae bf e0 ae a9 e0 af 8d e0 ae a9 e0 ae 9e e0 af 8d e0 ae 9a e0 ae b2 e0 af 88 20 e0 ae 85 e0 ae a9 e0 af 81 e0 ae aa e0 af 8d e0 ae aa e0 ae b5 e0 af 81 e0 ae ae e0 af 8d 22 2c 22 e0 ae 87 e0 ae a8 e0 af 8d
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: ","Microsoft "," ","","{0} ","
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:57 UTC6000INData Raw: 20 63 75 cc 89 61 20 62 61 cc a3 6e 20 c6 a1 cc 89 20 c4 91 c3 a2 79 2e 22 2c 22 c4 90 c3 a3 20 6e 68 e1 ba ad 6e 20 c4 91 c6 b0 e1 bb a3 63 20 70 68 e1 ba a3 6e 20 68 e1 bb 93 69 20 63 e1 bb a5 20 74 68 e1 bb 83 3f 22 2c 22 48 e1 bb a7 79 22 2c 22 56 75 69 20 6c 6f cc 80 6e 67 20 67 68 69 20 6e 68 c3 a2 cc a3 6e 20 78 65 cc 81 74 2e 22 2c 22 48 c3 b4 cc a3 70 20 6e 68 e1 ba ad 70 20 76 c4 83 6e 20 62 61 cc 89 6e 20 63 68 6f 20 70 68 e1 ba a3 6e 20 68 e1 bb 93 69 20 63 e1 bb a7 61 20 62 e1 ba a1 6e 22 2c 22 4c 6f e1 ba a1 69 20 70 68 e1 ba a3 6e 20 68 e1 bb 93 69 22 2c 22 c4 90 c3 aa cc 80 20 78 75 c3 a2 cc 81 74 22 2c 22 54 68 69 cc 81 63 68 22 2c 22 42 6f cc 89 20 74 68 69 cc 81 63 68 22 2c 22 c3 9d 20 74 c6 b0 e1 bb 9f 6e 67 22 2c 22 54 68 69 cc 81 63
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: cua ban y."," nhn c phn hi c th?","Hy","Vui long ghi nhn xet.","Hp nhp vn ban cho phn hi ca bn","Loi phn hi"," xut","Thich","Bo thich"," tng","Thic


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          48192.168.2.1649762104.21.73.974434364C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:59 UTC67OUTGET /xml/ HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: freegeoip.app
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:59 UTC645INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:28:59 GMT
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 167
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: max-age=3600
                                                                                                                                                                                                                                                                                                                                                          Expires: Thu, 02 May 2024 19:28:59 GMT
                                                                                                                                                                                                                                                                                                                                                          Location: https://ipbase.com/xml/
                                                                                                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SlA6sjYNeY9wEOQGcNcH4pGu42KSx%2BNaqO6ZeCZ%2BAjCyDtf%2FtkfpcEKLmkF2aq5y%2F5DpttLy44NynUYyoTN5Pby%2Fqafu8HWNRKhTVxNm4u%2BbqvafFTeTqTM2OyARCjnJ"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                                                                                                          CF-RAY: 87da13008aa81998-EWR
                                                                                                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:59 UTC167INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                          49192.168.2.1649763104.21.85.1894434364C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:28:59 UTC64OUTGET /xml/ HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Host: ipbase.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:29:00 UTC735INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:29:00 GMT
                                                                                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Age: 14026
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public,max-age=0,must-revalidate
                                                                                                                                                                                                                                                                                                                                                          Cache-Status: "Netlify Edge"; hit
                                                                                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                          X-Nf-Request-Id: 01HWX927G4XTC9V63VGKRYJAA2
                                                                                                                                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zPVijTRjMmAayQUweCOnANNWb6YfJ9eUsD4etu5DcVLvbbyJSHd19BKltH3Qb%2BKXIr8SNC8kODDjP1lqBZlOn58mOiK41rdLqgqdV2O6bLt4puc%2BRnCO3D1I%2FJiW"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                                                                                                          CF-RAY: 87da130319fc0f5b-EWR
                                                                                                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:29:00 UTC634INData Raw: 63 30 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 0a 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: c0a<!DOCTYPE html><html> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>Page Not Found</title> <link href='https://fonts.googleapis.com
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:29:00 UTC1369INData Raw: 3a 20 30 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 68 31 20 7b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 32 32 70 78 3b 0a 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 34 70 78 3b 0a 20 20 20 20 7d 0a 0a 20 20 20 20 2e 6d 61 69 6e 20 7b 0a 20 20 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0a 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0a 20 20 20 20 20 20 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 68 65 69 67 68 74 3a 20 31
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: : 0; } h1 { margin: 0; font-size: 22px; line-height: 24px; } .main { position: relative; display: flex; flex-direction: column; align-items: center; justify-content: center; height: 1
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:29:00 UTC1086INData Raw: 20 20 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 30 30 37 30 36 37 22 20 64 3d 22 4d 31 31 2e 39 39 39 38 38 33 36 2c 34 2e 30 39 33 37 30 38 30 33 20 4c 38 2e 35 35 38 30 39 35 31 37 2c 37 2e 34 33 32 39 34 39 35 33 20 43 38 2e 32 33 35 33 31 34 35 39 2c 37 2e 37 34 36 31 31 32 39 38 20 38 2e 32 33 35 33 31 34 35 39 2c 38 2e 32 35 33 38 38 37 33 36 20 38 2e 35 35 38 30 39 35 31 37 2c 38 2e 35 36 36 39 33 37 36 39 20 4c 31 32 2c 31 31 2e 39 30 36 32 39 32 31 20 4c 39 2e 38 34 31 38 37 38 37 31 2c 31 34 20 4c 34 2e 32 34 32 30 38 35 34 34 2c 38 2e 35 36 36 39 33 37 35 31 20 43 33 2e 39 31 39 33 30 34 38 35 2c 38 2e 32 35 33 38 38 37 31 39 20 33 2e 39 31 39 33 30 34 38 35 2c 37 2e 37 34 36 31 31 32 38 31 20 34 2e 32 34 32 30 38 35 34 34 2c 37 2e 34 33 32 39 34
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: <path fill="#007067" d="M11.9998836,4.09370803 L8.55809517,7.43294953 C8.23531459,7.74611298 8.23531459,8.25388736 8.55809517,8.56693769 L12,11.9062921 L9.84187871,14 L4.24208544,8.56693751 C3.91930485,8.25388719 3.91930485,7.74611281 4.24208544,7.43294
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:29:00 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                          50192.168.2.164977623.1.33.206443
                                                                                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:29:25 UTC746OUTGET /rp/NWoZK3kTsExUV00Ywo1G5jlUKKs.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                                                                                          Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                                                                                          Host: r.bing.com
                                                                                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                          Cookie: MUID=5047E5942BB2460EA35B53CCF78DDB3D; _SS=SID=117ACB7E7D246FD81513DF607C366EB7&CPID=1707317782133&AC=1&CPH=c645c844; _EDGE_S=SID=117ACB7E7D246FD81513DF607C366EB7&mkt=de-ch; SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1714674512&IPMH=dab9a8b9&IPMID=1707317782133
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:29:25 UTC907INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                          Content-Length: 1
                                                                                                                                                                                                                                                                                                                                                          Content-Type: application/x-javascript; charset=utf-8
                                                                                                                                                                                                                                                                                                                                                          Content-MD5: xMpCOKC5I4INzFCab3WEmw==
                                                                                                                                                                                                                                                                                                                                                          Last-Modified: Wed, 17 Aug 2022 03:18:17 GMT
                                                                                                                                                                                                                                                                                                                                                          ETag: 0x8DA7FFF2150BA5C
                                                                                                                                                                                                                                                                                                                                                          Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                                                                                          x-ms-request-id: 8aa3546a-e01e-009e-53e1-9b0ef5000000
                                                                                                                                                                                                                                                                                                                                                          x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          Cache-Control: public, no-transform, max-age=337096
                                                                                                                                                                                                                                                                                                                                                          Expires: Mon, 06 May 2024 16:07:41 GMT
                                                                                                                                                                                                                                                                                                                                                          Date: Thu, 02 May 2024 18:29:25 GMT
                                                                                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                                                                                          Akamai-GRN: 0.8e200117.1714674565.d32b444
                                                                                                                                                                                                                                                                                                                                                          Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                          report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
                                                                                                                                                                                                                                                                                                                                                          nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                                                                                                          2024-05-02 18:29:25 UTC1INData Raw: 31
                                                                                                                                                                                                                                                                                                                                                          Data Ascii: 1


                                                                                                                                                                                                                                                                                                                                                          Statistics

                                                                                                                                                                                                                                                                                                                                                          CPU Usage

                                                                                                                                                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                                                                                                                                                          Memory Usage

                                                                                                                                                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                                                                                                                                                          High Level Behavior Distribution

                                                                                                                                                                                                                                                                                                                                                          Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                                                                                          Behavior

                                                                                                                                                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                                                                                                                                                          System Behavior

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:0
                                                                                                                                                                                                                                                                                                                                                          Start time:20:27:27
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Users\user\Desktop\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                          Commandline:"C:\Users\user\Desktop\Pots.exe"
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x2d0000
                                                                                                                                                                                                                                                                                                                                                          File size:1'718'038 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:4007521AF3A2BAA42C6FC32F849BE740
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:2
                                                                                                                                                                                                                                                                                                                                                          Start time:20:27:28
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\cmd.exe /c ""C:\1.bat" "
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0xf20000
                                                                                                                                                                                                                                                                                                                                                          File size:236'544 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:3
                                                                                                                                                                                                                                                                                                                                                          Start time:20:27:28
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6684c0000
                                                                                                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:4
                                                                                                                                                                                                                                                                                                                                                          Start time:20:27:28
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Pots.sfx.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                          Commandline:Pots.sfx.exe -psoup
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x850000
                                                                                                                                                                                                                                                                                                                                                          File size:1'544'374 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:900F750190EB52AC327BA0739014AD81
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                                                                                                                                          • Detection: 25%, ReversingLabs
                                                                                                                                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:5
                                                                                                                                                                                                                                                                                                                                                          Start time:20:27:29
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                          Commandline:"C:\Pots.exe"
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0xdd0000
                                                                                                                                                                                                                                                                                                                                                          File size:1'227'264 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:510C435E8560F65226D0DA24A98E235F
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                          Programmed in:Borland Delphi
                                                                                                                                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_RagsStealer, Description: Yara detected Rags Stealer, Source: 00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_44CaliberStealer, Description: Yara detected 44Caliber Stealer, Source: 00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                                          • Rule: INDICATOR_SUSPICIOUS_EXE_Discord_Regex, Description: Detects executables referencing Discord tokens regular expressions, Source: 00000005.00000002.1133301136.0000000000DD2000.00000040.00000001.01000000.0000000A.sdmp, Author: ditekSHen
                                                                                                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000005.00000002.1137260907.0000000003C0F000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                                          • Rule: INDICATOR_SUSPICIOUS_EXE_Discord_Regex, Description: Detects executables referencing Discord tokens regular expressions, Source: 00000005.00000002.1137260907.0000000003C0F000.00000004.00000800.00020000.00000000.sdmp, Author: ditekSHen
                                                                                                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_RagsStealer, Description: Yara detected Rags Stealer, Source: 00000005.00000002.1137260907.0000000003B81000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                                                                                                                                          • Detection: 100%, Avira
                                                                                                                                                                                                                                                                                                                                                          • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                                                                                                                                          • Detection: 83%, ReversingLabs
                                                                                                                                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:19
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:35
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                          Commandline:"C:\Windows\system32\cmd.exe"
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6fd780000
                                                                                                                                                                                                                                                                                                                                                          File size:289'792 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:20
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:35
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6684c0000
                                                                                                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:21
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:44
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Users\user\Desktop\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                          Commandline:Pots.exe
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x2d0000
                                                                                                                                                                                                                                                                                                                                                          File size:1'718'038 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:4007521AF3A2BAA42C6FC32F849BE740
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:22
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:44
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\cmd.exe /c ""C:\1.bat" "
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0xf20000
                                                                                                                                                                                                                                                                                                                                                          File size:236'544 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:23
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:44
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6684c0000
                                                                                                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:24
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:45
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Pots.sfx.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                          Commandline:Pots.sfx.exe -psoup
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x850000
                                                                                                                                                                                                                                                                                                                                                          File size:1'544'374 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:900F750190EB52AC327BA0739014AD81
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:25
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:45
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                          Commandline:"C:\Pots.exe"
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0xdd0000
                                                                                                                                                                                                                                                                                                                                                          File size:1'227'264 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:510C435E8560F65226D0DA24A98E235F
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                          Programmed in:Borland Delphi
                                                                                                                                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000019.00000002.1898940608.0000000003D11000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_RagsStealer, Description: Yara detected Rags Stealer, Source: 00000019.00000002.1898940608.0000000003D11000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_44CaliberStealer, Description: Yara detected 44Caliber Stealer, Source: 00000019.00000002.1898940608.0000000003D11000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                                          • Rule: INDICATOR_SUSPICIOUS_EXE_Discord_Regex, Description: Detects executables referencing Discord tokens regular expressions, Source: 00000019.00000002.1898940608.0000000003D11000.00000004.00000800.00020000.00000000.sdmp, Author: ditekSHen
                                                                                                                                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:28
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:47
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe"
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7916a0000
                                                                                                                                                                                                                                                                                                                                                          File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:29
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:47
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe"
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7916a0000
                                                                                                                                                                                                                                                                                                                                                          File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:30
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:47
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe"
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7f9810000
                                                                                                                                                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:31
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:48
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=2040,i,13818589017256215698,7154636471742803029,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7f9810000
                                                                                                                                                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:32
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:49
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2288 -parentBuildID 20230927232528 -prefsHandle 2232 -prefMapHandle 2216 -prefsLen 25250 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {96c4117f-89fb-4aea-9388-b6b8fbaf62f1} 3224 "\\.\pipe\gecko-crash-server-pipe.3224" 19ae366e310 socket
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7916a0000
                                                                                                                                                                                                                                                                                                                                                          File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:33
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:52
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3520 -parentBuildID 20230927232528 -prefsHandle 4064 -prefMapHandle 4060 -prefsLen 25481 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {1f82e27d-20e4-4201-be06-6f8ad14acd0a} 3224 "\\.\pipe\gecko-crash-server-pipe.3224" 19af561ce10 rdd
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7916a0000
                                                                                                                                                                                                                                                                                                                                                          File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:35
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:55
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Users\user\Desktop\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                          Commandline:Pots.exe
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x2d0000
                                                                                                                                                                                                                                                                                                                                                          File size:1'718'038 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:4007521AF3A2BAA42C6FC32F849BE740
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:36
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:56
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\cmd.exe /c ""C:\1.bat" "
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0xf20000
                                                                                                                                                                                                                                                                                                                                                          File size:236'544 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:37
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:56
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6684c0000
                                                                                                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:38
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:56
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Pots.sfx.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                          Commandline:Pots.sfx.exe -psoup
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x850000
                                                                                                                                                                                                                                                                                                                                                          File size:1'544'374 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:900F750190EB52AC327BA0739014AD81
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:39
                                                                                                                                                                                                                                                                                                                                                          Start time:20:28:56
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Pots.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                          Commandline:"C:\Pots.exe"
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0xdd0000
                                                                                                                                                                                                                                                                                                                                                          File size:1'227'264 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:510C435E8560F65226D0DA24A98E235F
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                          Programmed in:Borland Delphi
                                                                                                                                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000027.00000002.2027317495.0000000003731000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_RagsStealer, Description: Yara detected Rags Stealer, Source: 00000027.00000002.2027317495.0000000003731000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_44CaliberStealer, Description: Yara detected 44Caliber Stealer, Source: 00000027.00000002.2027317495.0000000003731000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                                          • Rule: INDICATOR_SUSPICIOUS_EXE_Discord_Regex, Description: Detects executables referencing Discord tokens regular expressions, Source: 00000027.00000002.2027317495.0000000003731000.00000004.00000800.00020000.00000000.sdmp, Author: ditekSHen
                                                                                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                                                                                          Target ID:40
                                                                                                                                                                                                                                                                                                                                                          Start time:20:29:28
                                                                                                                                                                                                                                                                                                                                                          Start date:02/05/2024
                                                                                                                                                                                                                                                                                                                                                          Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5468 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 1528 -prefMapHandle 5440 -prefsLen 33331 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a3508e13-7332-41e1-9a43-bee54dfd6a83} 3224 "\\.\pipe\gecko-crash-server-pipe.3224" 19b01fb2310 utility
                                                                                                                                                                                                                                                                                                                                                          Imagebase:0x7ff7916a0000
                                                                                                                                                                                                                                                                                                                                                          File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                                          MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                                                                                                          Disassembly

                                                                                                                                                                                                                                                                                                                                                          Reset < >

                                                                                                                                                                                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                                                                                                                                                                                            Execution Coverage:8.6%
                                                                                                                                                                                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:66.7%
                                                                                                                                                                                                                                                                                                                                                            Signature Coverage:0%
                                                                                                                                                                                                                                                                                                                                                            Total number of Nodes:6
                                                                                                                                                                                                                                                                                                                                                            Total number of Limit Nodes:0
                                                                                                                                                                                                                                                                                                                                                            execution_graph 39534 f89598 39535 f895a5 VirtualAlloc 39534->39535 39530 2d130c8 39533 2d130eb 39530->39533 39531 2d13123 KiUserExceptionDispatcher 39532 2d13133 39531->39532 39533->39531

                                                                                                                                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                                                                                                                                            Function 06598890 Relevance: 1.6, Instructions: 1585COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 9861d323c80bb26711d2db2c2b719f08c3d7675c7225afe24e0eed48f1ca4e94
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: ecf78e401936df5bf92792d97b6039feea6bc4fb9bba7c2c2cb186a24c18b6c2
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9861d323c80bb26711d2db2c2b719f08c3d7675c7225afe24e0eed48f1ca4e94
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B4F2C470E012199FDF94DF64D894ADEB7B2BF89300F1485E9C509AB254EB309E81DFA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06598880 Relevance: 1.5, Instructions: 1473COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: d5e97e79b575328dab6a637d2b8628eacd968b7e3c090d77a8b8b3d5226ab4e4
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: c63498e718ae1dedefd202741df31b2dd6a255007d363c72598149370c0c3171
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d5e97e79b575328dab6a637d2b8628eacd968b7e3c090d77a8b8b3d5226ab4e4
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 32E2B670E012199FDF95DF64C894ADEB7B2BF89300F1485E9C509AB254EB309E81DFA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659D290 Relevance: .3, Instructions: 281COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 117a3f6391dd6dcd9216331aea5b7ce257afd0fb6e0a193e769cfff36c3625da
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: c5c78b948af6c0dbaa491b52921686b7d22f9e0e18a262e9538208e60f33c9ff
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 117a3f6391dd6dcd9216331aea5b7ce257afd0fb6e0a193e769cfff36c3625da
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BDB15D70E006098FDF50DFA9C9857AEBBF2FF88704F148629D815AB294DB749845CFA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659DB60 Relevance: .3, Instructions: 266COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 9273c40204665fc28a42562b063eeecb869e06195eb47d74ae8870581391e50d
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 7eceb292d879fd3067b7c3a34b39fef4202136d35d50942db5db2b80dc6f7948
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9273c40204665fc28a42562b063eeecb869e06195eb47d74ae8870581391e50d
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 86B14E70E006098FDF50CFA9C8857AEBBF2BF88754F148629D815AB394DB749845CFA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 02D177D8 Relevance: .1, Instructions: 136COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1136150731.0000000002D10000.00000040.00000800.00020000.00000000.sdmp, Offset: 02D10000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_2d10000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: d37ad68f2ec22fde8098477f839d6d9cacbbf60355e2c4cda03f791eaf088d40
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: d9cab0a30e96e219a1c1ed8c3950d2242273ec4f5caac7e5a2ed78b05f6f8dce
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d37ad68f2ec22fde8098477f839d6d9cacbbf60355e2c4cda03f791eaf088d40
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AF414F74B012049FCB44EF7CE460AAEBBF6FB88311B24856AD409D7754EB349D42CBA0
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 02D130B9 Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                                                                            control_flow_graph 824 2d130b9-2d13103 call 2d17477 837 2d13105 call 2d17894 824->837 838 2d13105 call 2d177d8 824->838 839 2d13105 call 2d177c8 824->839 829 2d1310b-2d1313b call 2d17ef8 KiUserExceptionDispatcher 835 2d13143-2d13174 829->835 837->829 838->829 839->829
                                                                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                                                                            • KiUserExceptionDispatcher.NTDLL ref: 02D13125
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1136150731.0000000002D10000.00000040.00000800.00020000.00000000.sdmp, Offset: 02D10000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_2d10000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID: DispatcherExceptionUser
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID: 6842923-0
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 057c2d76ad8c406f64f2efeb637f2efed745fa8f50f1159fec5c3abe059e7bd3
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: fd893c146d5443dadb3169fce2fdbcd3ffc7ca4debd28ac1f51285bb45becee3
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 057c2d76ad8c406f64f2efeb637f2efed745fa8f50f1159fec5c3abe059e7bd3
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D9011B74B01665CFCB46BB74A2192AC7FB1EF8A7157000649E84AD3780DB390A56CF86
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 02D130C8 Relevance: 1.5, APIs: 1, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                                                                            control_flow_graph 842 2d130c8-2d13103 call 2d17477 857 2d13105 call 2d17894 842->857 858 2d13105 call 2d177d8 842->858 859 2d13105 call 2d177c8 842->859 847 2d1310b-2d1313b call 2d17ef8 KiUserExceptionDispatcher 853 2d13143-2d13174 847->853 857->847 858->847 859->847
                                                                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                                                                            • KiUserExceptionDispatcher.NTDLL ref: 02D13125
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1136150731.0000000002D10000.00000040.00000800.00020000.00000000.sdmp, Offset: 02D10000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_2d10000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID: DispatcherExceptionUser
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID: 6842923-0
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 7095309131e147b58a4046725901af8a515af5fbecf92765af8cfe44661056cb
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: c662b39d4717d2bc789618f803b18871bd183305c12f9a7dca5b9c7ece91259c
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7095309131e147b58a4046725901af8a515af5fbecf92765af8cfe44661056cb
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9D01DA78B006258F8B45BB64A21C26D7BB2AB88B167000119E80BD3784DF380B12CFC6
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 00F89598 Relevance: 1.3, APIs: 1, Instructions: 21memoryCOMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                                                                            control_flow_graph 1649 f89598-f895a3 1650 f895ac-f895af 1649->1650 1651 f895a5-f895aa 1649->1651 1652 f895b6-f895ca VirtualAlloc 1650->1652 1653 f895b1 1650->1653 1651->1652 1653->1652
                                                                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                                                                            • VirtualAlloc.KERNEL32(?,?,?,?), ref: 00F895C3
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1133415880.0000000000F7D000.00000040.00000001.01000000.0000000A.sdmp, Offset: 00E1C000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                            • Associated: 00000005.00000002.1133415880.0000000000E1C000.00000040.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                            • Associated: 00000005.00000002.1133415880.0000000000F5D000.00000040.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                            • Associated: 00000005.00000002.1133415880.0000000000F62000.00000040.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_dd0000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID: AllocVirtual
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID: 4275171209-0
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 35b7d4ef47345f37cf6ec0fae50bf5a484ebd852bbdeee7a6297b4e6ecaf4968
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 4ef2b7e1195db2c0987c99dd2a9b2ba27161a28be345fb5f76db302f5e0c440b
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 35b7d4ef47345f37cf6ec0fae50bf5a484ebd852bbdeee7a6297b4e6ecaf4968
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F5E0E2B670420CAFDB10DE8DD984BBA33DDAB88320F188011FA09DB244C274EC10AB65
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659CDBC Relevance: .3, Instructions: 286COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 1a1cbb76ec8c76e49cbf9f194b055c6005a635f6a1044e6e531f717fa64ef607
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: d7ca59bf30b212ee3bb44ff1def2a62d0d5d1a215ec9790205f06c21661d1fe2
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1a1cbb76ec8c76e49cbf9f194b055c6005a635f6a1044e6e531f717fa64ef607
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BBA1AD31A002498FDF54DF68D8647AEBBF2BF88214F188569D406EB391CB79D845CFA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659D284 Relevance: .3, Instructions: 280COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 3aa1b1ef27be3504e68af28f12bbc93d26ace22b53b32fe9c28ec782b4387633
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 989dfdf1c904cb82b8c2f5216e014d98963b4847dd67aa827484218a95280ebb
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3aa1b1ef27be3504e68af28f12bbc93d26ace22b53b32fe9c28ec782b4387633
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 41B14970E006099FDF50DFA9C9857AEBBF1FF88704F148629D819AB290DB749845CFA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659641C Relevance: .3, Instructions: 271COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 7285ea339c2d2d837c7da6e24c01768b45c61d8d43cffc922b738131fa067bf1
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 10323721319f9e11155a00e8dda43ce92b425fb7631f25b343137782129c5b85
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7285ea339c2d2d837c7da6e24c01768b45c61d8d43cffc922b738131fa067bf1
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 38B139B4A00204DFDB59CF64D898A6ABBB6FF89314F148969E416DB351DB30E841CFA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659DB54 Relevance: .3, Instructions: 265COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: de9a5185440da8ab09a5f0bfb380d8ffdcbe9046deca4e347729ad0d326f94e2
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 669942d4f3c912632716e604260af83041f3093a4801dd11719c6a8995d1015b
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: de9a5185440da8ab09a5f0bfb380d8ffdcbe9046deca4e347729ad0d326f94e2
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 28B14A70E006098FDF90CFA9C88579EBBF2BF48754F148629D814AB394DB749885CFA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06593234 Relevance: .2, Instructions: 199COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 230523a229b5a172d06363f3003148f16b7977c01121d9e6be53f3c90ff1ab04
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 8cb2c0c7000c5729f2a6fa4667eda864fecfdd86cc7e7a10e7ffe9be8d12e4f0
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 230523a229b5a172d06363f3003148f16b7977c01121d9e6be53f3c90ff1ab04
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 60614A32D04255DFCFA5AB78C8A8ABEBB72BB45340B054477D8519B391CB244C45CBF2
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 065948E4 Relevance: .2, Instructions: 196COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: e7e925c32c5d52eeba26e4a09cb456c9fb11e68bd9481e08ae28bf144fbf4f66
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 97ccd284050c12cc540601c944a6e5169279d4a8d637ab043285e079d592df5b
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e7e925c32c5d52eeba26e4a09cb456c9fb11e68bd9481e08ae28bf144fbf4f66
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7B71A131E006199FDF54DFA8C8546ADBBB2FF89300F15856AE406BB390DB709D45CBA0
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659D8CC Relevance: .2, Instructions: 182COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: e607d35c9088ca6c5e8346e3d1cd2e20e8b4e7d3f556d026cabd5d033bd92d59
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: b3888463cf594479bf49ddbfa4b9d70f4eeedffdafc72e3eaec8a2033237e0fe
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e607d35c9088ca6c5e8346e3d1cd2e20e8b4e7d3f556d026cabd5d033bd92d59
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7A7169B1E046499FDF50DFA9C885BDEBBF2BF88710F148229D814AB254DB749841CFA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659D8D8 Relevance: .2, Instructions: 180COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 42a6242967ecaa70061bd154f09c9dcecec119ff5525ed5dc6c52a224da54839
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: a9af0ec27d6ac30f13f26800ea535a596e1561d6a199a5467dbe3f64ba0cb200
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 42a6242967ecaa70061bd154f09c9dcecec119ff5525ed5dc6c52a224da54839
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 277158B1E046499FDF50DFA9C88479EBBF2BF88710F148229D815AB254DB749842CFA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06596D4B Relevance: .2, Instructions: 179COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 5cb4021f4c89292ec58a4621f7c4b4267e5aa29b16161b7c0485fb39171cfa61
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 21d19d665b35f82fe5a7754107083c401d6a7fa093ca4bff85e947151f2b52f0
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5cb4021f4c89292ec58a4621f7c4b4267e5aa29b16161b7c0485fb39171cfa61
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 34513074310258DFEB05A7B8E42876E37AFEBD8700F20846AA406E3794DE799C5197B1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659EF02 Relevance: .2, Instructions: 174COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 26e407dd9d08dc8bdd4ad9149c3020b3b4511ce6a382760c64295d9709174b1d
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: b7f5ae3cc64d698bafe5cbde19b41a2b7198acae9dbeaf4311a13ae5e29d7548
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 26e407dd9d08dc8bdd4ad9149c3020b3b4511ce6a382760c64295d9709174b1d
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A5618B74E00205DFDF69CF68D854AA9BBB6FF85310F14896AE416DB251D730E881CFA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06596D58 Relevance: .2, Instructions: 172COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 262d2ceadd742c996dd7142ed9088c73a720927447fda49fc05663fa9ac82665
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: d4ae5b35ced74c216e3e4e72ede101540d68385d3626245202fb99ace661515e
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 262d2ceadd742c996dd7142ed9088c73a720927447fda49fc05663fa9ac82665
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9A511D74310258DFEF05A7B8E42876E379FEBD8700F20842AA406E3794DEB99C5197B5
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06595E58 Relevance: .1, Instructions: 113COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 7caccdbc45254af455fbe2068d2d33fab6f45e7f337d82b7762fc047493320f8
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: e01e42065ec26ae35b0955e86a294e0265733c2f5c36bcdf00e3e77c0e906d25
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7caccdbc45254af455fbe2068d2d33fab6f45e7f337d82b7762fc047493320f8
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CD414271E0121A8FDF40DFA9C844AEEFBF4FB88210F10842AD815A7350EB74A905CBA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06597CB0 Relevance: .1, Instructions: 102COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: e33885770e2fd5fd250ddb7822355319df4f590caf115e70fec0775fefeb0202
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 0e4823b707612599d0d24d442d47a9f7ec651a967cf686bebfe4a4a08d3c5f28
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e33885770e2fd5fd250ddb7822355319df4f590caf115e70fec0775fefeb0202
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4B315C70E1020A8BEF54DFA5C9107FEBBB5FF88304F14846AC415A7290EB758A05CBA5
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06595D40 Relevance: .1, Instructions: 102COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: bf1f75bc24f85a603cdb1ea4dea8f8e05cbc8eac4b2ec69e6ea5df72496fb268
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 9d986636b11805fda94773a086e87c8a557b8cb25d3c0ed4df81bffd35a0c2ea
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bf1f75bc24f85a603cdb1ea4dea8f8e05cbc8eac4b2ec69e6ea5df72496fb268
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BA31B235E0070A8FCB51EFBDD8505AEBBB4FF89310B14826AD545E7250EB31D951CBA0
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659370C Relevance: .1, Instructions: 100COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: de49b9d497cf2e280d9c4b6740332bd39e1515c4d5d519aef5cf66e9cbec81d5
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: ca6a4435ca3b1b6db764cd2986e58805c353501ffc07bfe3d73ad0e814bddd13
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: de49b9d497cf2e280d9c4b6740332bd39e1515c4d5d519aef5cf66e9cbec81d5
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3941AEB1D01209DFEB24CFA9C584ACDBBB5BF49304F25856AD408BB250D7756A4ACFA0
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06596A49 Relevance: .1, Instructions: 100COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: ad2b15bfdc3f0c8c9a6715b39815c5ca961c6d6d5188e1399dfbd515792ab427
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: ec8f8d0b4f5bb9934f8810268a43038e10685eddd131346d9cfd01429c170e28
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ad2b15bfdc3f0c8c9a6715b39815c5ca961c6d6d5188e1399dfbd515792ab427
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8531B235B042689FEF55DBA8D8607EE7BB2ABC5260F1041AAD406E7390DE344D05C7F5
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06597B20 Relevance: .1, Instructions: 97COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: a8682b5dadbe3560787d43a23c1adfb0790b5f839077820341e71caa35d42fb0
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: a4cd2a4c8c3752a63519e4119b925b6f2c69369cd3ffa9b5aeb40f161697f7ef
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a8682b5dadbe3560787d43a23c1adfb0790b5f839077820341e71caa35d42fb0
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B031CF35B102449FEB14EBB8D4646AE7BB6BB88204F1080AAD516E7390DF75DC04CBA4
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06593718 Relevance: .1, Instructions: 96COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 359310ee0bc80640f36efbcd8961a35ce42b50ff85948e603379f59642336a79
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: af5ff2c4fbb75ea18d624f6a92d238ee6d37acc0e4d21f578c8586d465dfce2b
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 359310ee0bc80640f36efbcd8961a35ce42b50ff85948e603379f59642336a79
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F441A0B1D01209DBDF24CFA9C584ADDBBB5BF48304F25852AD408BB250D7756A4ACFA0
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659B39D Relevance: .1, Instructions: 94COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 536e58284f9f15a5a3cc06050f693203d46fa37680fa42bf769ed1592bbac8ae
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: b505bb7315848de62bf7ca9ab5ee73d3cb81235f6c90d783a3d6f77781f65f76
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 536e58284f9f15a5a3cc06050f693203d46fa37680fa42bf769ed1592bbac8ae
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9041E171D00349DFEB10CF99D894A9EBBB5BF48304F148529E819AB250DB75A945CF90
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659A3A5 Relevance: .1, Instructions: 92COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: c6fbbc240d3eb0bbdc475649eef018b5fded88354a1d23c83e4604804a9f11ef
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 5c6ae8228f7db4d509d58c422c45c3cba341b18e250321d89058e8735de29d6c
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c6fbbc240d3eb0bbdc475649eef018b5fded88354a1d23c83e4604804a9f11ef
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B43138B1D002498FDF54CFA9D8497EEBBF1BB48314F14812AD859AB240DB789481CFA5
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659B3A8 Relevance: .1, Instructions: 90COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 113a23beacaa038717c7f02dda7ba60dd11ee5eefe854b1739592562d0ebbd2d
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: f44dacd6eefcbee6cd2119ed171c56a12d04be3d0f3e89174675025b160b7111
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 113a23beacaa038717c7f02dda7ba60dd11ee5eefe854b1739592562d0ebbd2d
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AC41D1B1D003499FEF10CF99D884ADEBBB5BF48314F108429E819AB250DB75A989CF90
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06597A14 Relevance: .1, Instructions: 89COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: b7445b08956e32d6c88482ab48bdb9fc607c5e7566ea8e87eeef36e015e3f60e
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 208ab42a896225339b0367194c00bcb14356cd5950b72b02925005f2e24d9f77
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b7445b08956e32d6c88482ab48bdb9fc607c5e7566ea8e87eeef36e015e3f60e
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 553116B0D042499FDF54CFA9C8497AEBBF1FB48314F148529E859A7240DB789881CFA5
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06593600 Relevance: .1, Instructions: 85COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: ea36dac45f38e4cb8517cca2211d80a18aa75cd910d3997fa4de9bf20a92f72b
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 22ea32d0530aed7a09e07a12d4da97928afacd4fc518cb497144bc78ad55f85b
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ea36dac45f38e4cb8517cca2211d80a18aa75cd910d3997fa4de9bf20a92f72b
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1F31B432A057458FCB50EF78C85459ABBF2FF8920871588AAD506DB761DB31EC0ACF91
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 065931FC Relevance: .1, Instructions: 79COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: a05cd20ab4ca6de0592a703e4b03396f237b3725b0e9b33499ffb1a1ee443b79
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: e0842c92ca4c5879e7de263ad9adabaf7e3f5d9f314163762d73861f28898231
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a05cd20ab4ca6de0592a703e4b03396f237b3725b0e9b33499ffb1a1ee443b79
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C021B330A09348AFCF41DFB8CC569A97FB8EF4620071444EAE845C7252EA31DD15DBA2
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06597808 Relevance: .1, Instructions: 78COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: aa8b5579e9df67f1888e4dc71f3143dc4156e5aeb56fc6fad4723c5dcc8a7b69
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 16efec4e0ef423843e1d9e6fe3ec4aeda17002efcd2f539350a2257a190d3bd3
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: aa8b5579e9df67f1888e4dc71f3143dc4156e5aeb56fc6fad4723c5dcc8a7b69
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 662181323002088FDB54EF28D49595AB3B7FFD421470489AAE506CB271DF30EC45CBA5
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 02CCD044 Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1135963608.0000000002CCD000.00000040.00000800.00020000.00000000.sdmp, Offset: 02CCD000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_2ccd000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 06389ff09a9cd6869e00cfe66ec3e73a73974f63380d705ca363ee172738f032
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: f0abea931014a4ca1eb8b605cbd38642c3bf0b233c4bd76dde5aac0ec09b1df5
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 06389ff09a9cd6869e00cfe66ec3e73a73974f63380d705ca363ee172738f032
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6121CF71504244AFEB14DF18D980B26BBA5EBC8224F34C57EE84A4B246C376D546CAA2
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 02CCD1F4 Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1135963608.0000000002CCD000.00000040.00000800.00020000.00000000.sdmp, Offset: 02CCD000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_2ccd000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 098d3a0f0925f75405fb0592f46cf54de8a9d4716ab42d30b9ba7656e9de3502
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 5e28cd9968d7e28a90f4d4d66b67c4a266aca67649ada554593e1c02570565e9
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 098d3a0f0925f75405fb0592f46cf54de8a9d4716ab42d30b9ba7656e9de3502
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E321F571A042409FEB15DF10D9C0B26BBA5FB84314F30C5BDD84A4B259C336DC46CB61
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06597030 Relevance: .1, Instructions: 68COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 674478bed65a413d7b41a6e663c4b278603afe0721171824e4d0f22712a5936f
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 3ebd66edc4861433b8972925c683ae1fe3612651ab5b49c65932889ac6760737
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 674478bed65a413d7b41a6e663c4b278603afe0721171824e4d0f22712a5936f
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6C216875A11205CFDF54EF70D9646EEBFB2FB88714F14042AC406A7240EB364845CFA4
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06596BB3 Relevance: .1, Instructions: 68COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 0f40e830344ade34a066ab06ed4edd12f4fc96644e434f9d65490043c40e6684
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: ceb85acbcc36c5ecda37554e2b6986033f69ddf6c2e70ee47c590974979e675b
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0f40e830344ade34a066ab06ed4edd12f4fc96644e434f9d65490043c40e6684
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4621F2B5C012099FDB10CFAAD984ADEFBF4FF48310F24852AE859A7350D374A944CBA4
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659E051 Relevance: .1, Instructions: 67COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: c31d42b5ddec1abf5901fa53f799aa3debdb1976cba57cccfa771d7baa371036
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 42c9643e72b65ca4ba106e9e555b43e8933c28cc618a45cf7a688e488b29071a
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c31d42b5ddec1abf5901fa53f799aa3debdb1976cba57cccfa771d7baa371036
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8821C035E002099BEF50DBA8E8167AEBBB1FF84708F004465D410E7290DB759509DFA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06593438 Relevance: .1, Instructions: 66COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 5c1bcb1bdd1ea9f60c03fed452fb0347fbafa57b2a6779d0a37b2af510009468
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 607299d602c2c5bb9299d13745962c117780fde74f9295f80f2a71ece496e022
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5c1bcb1bdd1ea9f60c03fed452fb0347fbafa57b2a6779d0a37b2af510009468
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 98110632E14218AFCF05DFB5DC049EE7BBAFFC5210B4585A6E515EB251EB346904CB90
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06593F34 Relevance: .1, Instructions: 65COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 20f535b0cc36ab6fc4f37c3a467b8821996a89443bb068fde0a340e2ca6c084d
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: c5c2a507fc255e0fe5f13bb1e227534165499f72e9656694eecd4657e593b0d0
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 20f535b0cc36ab6fc4f37c3a467b8821996a89443bb068fde0a340e2ca6c084d
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 13116A1160E3C01FD3139B789CA56697FB29F8B10430E45EBC9C1CB2A7CA19980AD763
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06597040 Relevance: .1, Instructions: 62COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 796b250a38fef0051e799c9d9bdf944195a8ec3322909a71a5ca2dd49d1794a1
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 492ea990d3006c5877f1cb1060e5554b8e08787f085b541b15ac18f1ebaf9fbf
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 796b250a38fef0051e799c9d9bdf944195a8ec3322909a71a5ca2dd49d1794a1
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E3214734B11208DBDF94EF74D9686AE7BB2FB88714F14446AC406A7280EB369841CFA4
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06596110 Relevance: .1, Instructions: 62COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 64fb9c81cd4a143d63ff0577ef7a161f262f36b8163ce998583b0d6a9e3c023a
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 8f451adbe999c0a8f47e4fdecda0483e1b5d6b18839a4dbc577e73995fb09580
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 64fb9c81cd4a143d63ff0577ef7a161f262f36b8163ce998583b0d6a9e3c023a
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0021E3B5D012099FDB10CF9AD984ADEFBF4FB48310F20842AE859A7200D375A944CBA4
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659E180 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: ef57ea1c1155e6a62de385c4a6d214e2ceaab0697841eb702efbda66735665ad
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 983b481a1f32cd0fe8b8d208c00c5bf758ba792d56deeaa187bf7312cf67ad54
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ef57ea1c1155e6a62de385c4a6d214e2ceaab0697841eb702efbda66735665ad
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 82115C3090020ADFDF68DFA9C855AAEBBB2FF88310F248569C001B7394DB749941CFA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06592FFC Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: a578c612ad7f5161e35bcc06279f87ae4b7e83649ee199aa221c96a1eb5a9f22
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 1146eacc927335c3b14f5652cd9838cf5cf31d85dae2e2cca4495baf737cfdea
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a578c612ad7f5161e35bcc06279f87ae4b7e83649ee199aa221c96a1eb5a9f22
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EE21F2B58002499FDF10CF9AC884BDEBBF4FB49310F10842AE919A7210D378A955CFA5
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659640C Relevance: .1, Instructions: 55COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 5e4734d1d18a83fe8e22fb0a73567c4a71ba1536cc65ac718c790dbda875cd9a
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: a9c8ff7c2cdd954d347e807831a9ec717e1ec183dca217fa10442e94a47c6689
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5e4734d1d18a83fe8e22fb0a73567c4a71ba1536cc65ac718c790dbda875cd9a
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0101A131B002159FCB44EB68D4A4A2E77AAFFC9654F1045AEE106CB361CF71EC01DBA8
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 065934F8 Relevance: .1, Instructions: 54COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 403b5f9b47f95d1ef78f8cf49c8afb1bdb8b2e2424f7e1de750f1dc9780c5ff5
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 83b3bf053c3dc2031413ed0b0c59a544d2f5fe2357deb2ca5b57d8af5d405f0e
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 403b5f9b47f95d1ef78f8cf49c8afb1bdb8b2e2424f7e1de750f1dc9780c5ff5
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C52103B5C002499FDF10CF9AC884BDEBBF4FB49310F10842AE958A7210C378A954CFA5
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 02CCD03F Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1135963608.0000000002CCD000.00000040.00000800.00020000.00000000.sdmp, Offset: 02CCD000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_2ccd000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 3586c015d0e5e623ae391c4d7fe80f55f3446c9b896a6d01ebf0d71509ed8d88
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 9269d97ed83c119a98c7ccdc72e4dae08d311965f6eacdc74ecbfb0faf2cad04
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3586c015d0e5e623ae391c4d7fe80f55f3446c9b896a6d01ebf0d71509ed8d88
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C8119D75504284CFDB12CF14D9C4B59FBA1FB84324F34C6AED8494B646C33AD50ACBA2
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 02CCD1EF Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1135963608.0000000002CCD000.00000040.00000800.00020000.00000000.sdmp, Offset: 02CCD000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_2ccd000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 24b986c293b76f43647e5a6542cab87a0f72804c36a9ab50d54beaa8ae0cf00b
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 30f76dbc6263ad93541a03183efafc155759a7bcf28bae3a7cbd50083380ae4a
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 24b986c293b76f43647e5a6542cab87a0f72804c36a9ab50d54beaa8ae0cf00b
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CB119D75904280DFDB16CF10D5C4B15BBA1FB84318F34CAAED84A4B65AC33AD95ACB61
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06597A36 Relevance: .1, Instructions: 52COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 19a756ebb43c986913d42bbb44f96a7e6d188e076b165cb50b99cd84a6261d92
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: fba09be82466ece58b443eb94bbab88457547de9e864786ff16d2c1fd4f65837
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 19a756ebb43c986913d42bbb44f96a7e6d188e076b165cb50b99cd84a6261d92
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8A01D2357002159FCB44EB68D464A6F77AAEFC8254F1041ADE109CB361CF71EC01CBA8
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659EA91 Relevance: .0, Instructions: 50COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 0402f37a1e6354978ab0ac97c4dff18e4dad4f52a5047471739ccb16436ccbc4
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: e2ab368adc202829750b6762980265d98ea40e6709877bcef8a559f94ac9fff6
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0402f37a1e6354978ab0ac97c4dff18e4dad4f52a5047471739ccb16436ccbc4
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9201B5326003449FDF61DF24D845A95B7B6FF8122570985AAE4068B272DB30DC4ACFB2
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06595DB8 Relevance: .0, Instructions: 48COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: f7b039cc2f933ecae896ad2e3e92469f9c4cad50830d845ccb2d5b25c6a25300
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: fe8df43aba93591f3f8a0a8345a437baffe712ab704d0ea954389e9d0e06bc32
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f7b039cc2f933ecae896ad2e3e92469f9c4cad50830d845ccb2d5b25c6a25300
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2A11C831D0070A8ECB51EFA9C5405DEFBF4FF48310B11966AD558B7211E730EA91CB90
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06596C81 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 3a28a9d46c71a16f348b655e342c367d63aa05216fcafb1a70ffe398792a2972
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: b28826d1ffd73994b0850fd2f9c06981d5e4c280df59c0b51751a263a3bbbc38
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3a28a9d46c71a16f348b655e342c367d63aa05216fcafb1a70ffe398792a2972
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 66116974A01208CFCB40DFA8D9909AEBBF2FB89301F148866D814D7345EB35DD46CBA0
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 065935A8 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 78af43b4f065092d6acf3aafd9be62e92130a17306376613616ab6c190f98c39
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: c56b526b63e9515f98b73821bd36976fc8be47479eac435394586aa3a24f2001
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 78af43b4f065092d6acf3aafd9be62e92130a17306376613616ab6c190f98c39
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 73118B72904209CFCF50DFA9D81439EBBF1FB48214F14859AC809A7211E679AD45DF61
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06596C90 Relevance: .0, Instructions: 42COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: baf2ea5bd9721bf2a6a0a6f199dd07e9e4569a3e48dbc85625c5f01e945cb864
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 924006ba6c0d156d8694a888ce04d50873f5e65d1a61d6781459d80d79155bf2
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: baf2ea5bd9721bf2a6a0a6f199dd07e9e4569a3e48dbc85625c5f01e945cb864
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 18017875A01209CFCF40DFA8D9909AEBBF2FB88311F248869D81497344EB35EC45CBA0
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659F2B6 Relevance: .0, Instructions: 40COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: cb70d749bbef4c1be5c6fceffeb5605fbf63206068ca67bd6381649881523520
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: df4cdc0645c3380c847c686e319d8a36d30ade1b4c0bdc054a79986b1d6b7035
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cb70d749bbef4c1be5c6fceffeb5605fbf63206068ca67bd6381649881523520
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 39016236B00104CFDF44DAA9E95479CBBB2FB88228F144459E811E7364CB35DC41CF64
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06597AC9 Relevance: .0, Instructions: 40COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 157fc8bebc626ddc7572f1c9101d661c2c752964c2c39a0b58b5fa8078e19b62
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 401542ccb893c0899e5c26efecb3019acd9c07e037341836a6eaa2155c22988c
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 157fc8bebc626ddc7572f1c9101d661c2c752964c2c39a0b58b5fa8078e19b62
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 80F0E92B31D3D40BCB05527538641DABFA9DACE03130800FBD185C7246D911DC0BC3B5
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659342B Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 87d5cef369c08063409cb245bad1b773a86628b40347089ab9ca33687c87be04
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: e977b2f4b5b54cd01b903de639c1dff101b5e8cf1e54bfe79a8cdc841d402eba
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 87d5cef369c08063409cb245bad1b773a86628b40347089ab9ca33687c87be04
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A3F0AF32A04248BFCB45EF59DC00D9A7BBAEFC9214709C0A6E818CB221D730D9058FA0
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06595D31 Relevance: .0, Instructions: 34COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: ea05eec50577ac0800358e49cea91ee17facea0842573d7cc134fc3f3f1a80db
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: ace86b3a3cc887b4abf843a59973ef72e97a990b0d9e0b4e39353095d6ffedfc
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ea05eec50577ac0800358e49cea91ee17facea0842573d7cc134fc3f3f1a80db
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EEF0EC333452115BD7169E6DDC14A7B77A9EFC5610B08407FE904CB290D722DC03CBA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06597B0F Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: cf90d246ca4c6aafcdd5f3a969d790ed8d5a30a0d33cc9ea4e7697fd80d289a1
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 4b4d96339e6bcb6d12bf19e07396c2f9d6dcaab0a3f58cafb895a16d94c72820
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cf90d246ca4c6aafcdd5f3a969d790ed8d5a30a0d33cc9ea4e7697fd80d289a1
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1AE02B32B1424457DB2095B9E9645DABB79DB88120B0441BAD51893282DB30951887E0
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659F3DF Relevance: .0, Instructions: 28COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 578d1d84718fdc9994bb7e9b64c352aa81fbb67752aabd54d8eb72fef0aae07f
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 0eafb1bbd1dfcb4417c05ebd29335e054b39eb45041db5e96afdaa30a9de3ce0
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 578d1d84718fdc9994bb7e9b64c352aa81fbb67752aabd54d8eb72fef0aae07f
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EEF0E274E002298BEF14DF94C684BADBBF1BF48610F144499D845BB281CB749E81CFA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06596A18 Relevance: .0, Instructions: 28COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 4a25fc3493ce3e3299571efb373fa377339f8ee55640a3633b64d3bdb8feb95c
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: aee4e7408e44ce83b69d74a1b0061e64394c99463e58636e257e41a76e65f894
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4a25fc3493ce3e3299571efb373fa377339f8ee55640a3633b64d3bdb8feb95c
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C5F0A475955229DFEF54CF84C954BEEBBB1BB88310F208419D4057B254DB745E48CBA0
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659F2E8 Relevance: .0, Instructions: 27COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 7a40a7b158ffd27afc4d9e01888e4d7cbb9ed2590bc49b21b4a5dbd6ceed6249
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: ba68fc1d7053289915f49608d09a5d3283980d66e360322d459699a2b50903c5
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7a40a7b158ffd27afc4d9e01888e4d7cbb9ed2590bc49b21b4a5dbd6ceed6249
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 85F0203260A2549FCB02CBA4E480AEDBFF0EF49214F1800E9D9468B262C73A8802CB41
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06593C98 Relevance: .0, Instructions: 22COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 27f99d63ee71e1ba64bc6c4eede3352d45ce275fa6727687605b50be0d281983
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 85085efd5b7ee39b884d5b739739f133f9ec7255bc565d1b2b18146f5d2dd80a
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 27f99d63ee71e1ba64bc6c4eede3352d45ce275fa6727687605b50be0d281983
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 75E04F31405649BFCF01DFB8DC42AD97F70EF4B300B04859AE9405B121DB319065EB92
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 065935B8 Relevance: .0, Instructions: 19COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 70452caa0fcd80aa3837b894b6c9bf3159db1633d6ca3564dbabe8beb5d8584a
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 09e90951bad1717d1ecd0bc4372e7deff4d50a916b8d6c3aebce11bfe98a8ffb
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 70452caa0fcd80aa3837b894b6c9bf3159db1633d6ca3564dbabe8beb5d8584a
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 28E08674901209EFCB00EFA1D51445EBBB6FB48205B1045D9DC0593304EB319E04EF61
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06596FF7 Relevance: .0, Instructions: 19COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: cba83946c95b9aab78de3a70f0288135bc9f78e8c10f2983087b19067108edb9
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 5177ba09851d57634d112cd534389466d470439dd957c10991f64faca12bb4bd
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cba83946c95b9aab78de3a70f0288135bc9f78e8c10f2983087b19067108edb9
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0FD02E326042908FCB0787B820482DEBFA88B8A25033411C2D085C3303C72A8D07CF61
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06593CA8 Relevance: .0, Instructions: 13COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 97803080641532b6ee7dc735e84ce4f5b10d1bab6209b53eec55d2c08543b4f4
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 354c360dd46fdf7e7915792b48e2864f7a1bf4c65dd1efa8526094b10ddd50e6
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 97803080641532b6ee7dc735e84ce4f5b10d1bab6209b53eec55d2c08543b4f4
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4DD0923280060EAACF41AEA4DC0198A7F69EF16640F004116FA0426021EB3291B4ABE2
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 065932E0 Relevance: .0, Instructions: 9COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 76dfd2721251115af25c28f52fbc7061b29356773e38b75bdbe3b79156f9f56c
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: f512959744213713c859ba63d3cfe7d18aa4563cbf4ec6cb363169d29a0fbac9
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 76dfd2721251115af25c28f52fbc7061b29356773e38b75bdbe3b79156f9f56c
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 75C012B00016408BDF149F1886481143B60FB9131CB300A8D9029891D1C777C547D7D6
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06593FF6 Relevance: .0, Instructions: 6COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 2e97bdb3da21c0929079beea7d72581b86a245180cd2518b723878120c373670
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 7c944258325bee01a3483e46ecbab339e9bd76a2bb5505c3f2399350426450d4
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2e97bdb3da21c0929079beea7d72581b86a245180cd2518b723878120c373670
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FEC04CB44016018BCF18DF15D2482407A61AB50328B30028DD0684A1D2C776C547DBD1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Non-executed Functions

                                                                                                                                                                                                                                                                                                                                                            Function 02D1EB68 Relevance: .3, Instructions: 315COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1136150731.0000000002D10000.00000040.00000800.00020000.00000000.sdmp, Offset: 02D10000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_2d10000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: e10951debe363ae0e6d7f5ee468e41407ff2ef50da4e19ab88c7130ee34fa6e4
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 8ab87cd65a36b7cd35d41570f0594092f8342b3afedb26d855b2b16791ea8f26
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e10951debe363ae0e6d7f5ee468e41407ff2ef50da4e19ab88c7130ee34fa6e4
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 451272B2C01B479BE710EF65E94C1897BB1FB46318B904309D2E12A6EDDBB8154BCF48
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 065957E7 Relevance: .3, Instructions: 277COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 437b319adc946f44867e02d998dadbd55e11573e3e4fd497ef57525e8fb032dd
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 3f19f0d699d0977c1af2da9f61d040b8bd1f3c2f9fce59ba99201eab0796316c
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 437b319adc946f44867e02d998dadbd55e11573e3e4fd497ef57525e8fb032dd
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D8E1DA31D1075A8BCB11EBA4D9A06AEB7B1FF95300F108B9AD40977211FB71AAC5CF91
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 065957F8 Relevance: .3, Instructions: 264COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 47fcedfaf2d651c4793c76675112097ee5fa78e4c18e80df2db7c74b0a939496
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 50b0f5f250fecbdcdaa5d183901fc0825bcd99e0ce61075d9737c247ca6ef1e0
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 47fcedfaf2d651c4793c76675112097ee5fa78e4c18e80df2db7c74b0a939496
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1ED1C931D10B5A8ACB10EBA4D9A469EB7B1FF95300F108B9AD40937211FB71AAC5CF91
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 0659CF48 Relevance: .2, Instructions: 238COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1142536237.0000000006590000.00000040.00000800.00020000.00000000.sdmp, Offset: 06590000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_6590000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: e0fe3c8290feac0ad436014b4af52498a4f67b00c977d8a299c1a41c65069222
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 7a80147526cb462491abf51b4ef469c334368681b9921acdcdefc111983c3b5b
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e0fe3c8290feac0ad436014b4af52498a4f67b00c977d8a299c1a41c65069222
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9B916C71E006099FDF50CFA9C98479EBBF2BF89304F148629E815A7290DB749946CFA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 02D1EB57 Relevance: .2, Instructions: 227COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000005.00000002.1136150731.0000000002D10000.00000040.00000800.00020000.00000000.sdmp, Offset: 02D10000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_5_2_2d10000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: bae954974ab218692a6be7f81fe3100c5bcdae0ea7a77b2b86abd7921a44a060
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: c7e6d35e400f3770129faf775bfe4e1ad2141d19e85ee3942e183c4b7db5b061
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bae954974ab218692a6be7f81fe3100c5bcdae0ea7a77b2b86abd7921a44a060
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4EC1F8B2C11B479BE710EF65E84C1897BB1FB86324F504709D2A16B2E9DBB8154BCF48
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                                                                                                                                            Function 02FAD044 Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000019.00000002.1895228158.0000000002FAD000.00000040.00000800.00020000.00000000.sdmp, Offset: 02FAD000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_25_2_2fad000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 22fb5443345c232d895ced4fd059cdbc61207a0d22bae8be0d3a28f5d1e942ce
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 1710b57e9bb6e54a62131dbeff4e3fb59cd7edeb7e129ead3b2211fb5c9d489e
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 22fb5443345c232d895ced4fd059cdbc61207a0d22bae8be0d3a28f5d1e942ce
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BC2168B2A04344DFEB10DF10D8D1B26BBA4FB88764F20C569D9090B64AC336D403CB62
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 02FAD1F4 Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000019.00000002.1895228158.0000000002FAD000.00000040.00000800.00020000.00000000.sdmp, Offset: 02FAD000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_25_2_2fad000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 0de6b0428e7361fb8315a2b629cbdbc3a9a97a5980a89a603ff2891fe4828e4f
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 861ae0c7d76f5be640f3978c42213846bea24d39a398cf463795c42dda1f9faa
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0de6b0428e7361fb8315a2b629cbdbc3a9a97a5980a89a603ff2891fe4828e4f
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5D2107B5A04240DFEB15DF10D9D0B26BBE1FB84354F20C56DD9094B651C336D846CB61
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 02FAD03F Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000019.00000002.1895228158.0000000002FAD000.00000040.00000800.00020000.00000000.sdmp, Offset: 02FAD000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_25_2_2fad000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 3586c015d0e5e623ae391c4d7fe80f55f3446c9b896a6d01ebf0d71509ed8d88
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 481579691f3a4a631d71c48709814b4eaa8306a7eb0222bd726742a38fad8f44
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3586c015d0e5e623ae391c4d7fe80f55f3446c9b896a6d01ebf0d71509ed8d88
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9711C4B5904284CFDB11CF10D5D4B55FF71FB84724F24C6AAD9494BA46C33AD406CBA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 02FAD1EF Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000019.00000002.1895228158.0000000002FAD000.00000040.00000800.00020000.00000000.sdmp, Offset: 02FAD000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_25_2_2fad000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 24b986c293b76f43647e5a6542cab87a0f72804c36a9ab50d54beaa8ae0cf00b
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: a2820737e9a7eecd55b84377ea2f92ac0e15586dc85248e338574860ae2da71f
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 24b986c293b76f43647e5a6542cab87a0f72804c36a9ab50d54beaa8ae0cf00b
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8B11DDB5904280CFDB06CF10C5D4B15BBA1FB84318F24CAAAD9494B656C33AD81ACB61
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34AA2F3 Relevance: 1.3, Strings: 1, Instructions: 42COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID: @
                                                                                                                                                                                                                                                                                                                                                            • API String ID: 0-2766056989
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 786ebc846f9d04172d173417373e5a3d036d678db750dbfd8430b83b00143594
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 51cfaad5d3df8b1d5f13573869a5ab8abd05b363d1e5c7c9c0da776a5db063d4
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 786ebc846f9d04172d173417373e5a3d036d678db750dbfd8430b83b00143594
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EE0136705609198EFB58DF5A8829FB8B6E0FB14704F450269E509A71F2DB60DC45D781
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34D8AA3 Relevance: 1.1, Instructions: 1068COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406654729.000000C4B34D8000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34D8000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34d8000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 01f2c1d3fbd8709689a74b4d02ad135cb676d2bdf44335f0e1587e6b21187faf
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 9cded310870c57666543c60c68ccbe1e90f0abe6c3c0c2c1baf81331490593dd
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 01f2c1d3fbd8709689a74b4d02ad135cb676d2bdf44335f0e1587e6b21187faf
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4C017D6150D64CAFFA609B2D1825F64BF91EF9B325F08029ED089DB2E1C911AC00C352
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34A13B9 Relevance: .3, Instructions: 329COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 98a6e9b1ac432aedd8468cb93b9036576fb820505db49a6fcbf49475b203a9b0
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 78ebc3fc0111e591f7140304f23297d81bcdfbe9849c4153a917728782f8d399
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 98a6e9b1ac432aedd8468cb93b9036576fb820505db49a6fcbf49475b203a9b0
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6F91ADB342A94C4FF3285B2868677E137D4F7A2314F15429AE845DB1A3FB26DC478382
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34A11BA Relevance: .2, Instructions: 156COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 660877a1f464d9c1225f7011a7ad5fe27e2a2c681b27d2487cdc2e2907ffd3d2
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 6aeb0653722ba38efb552c42db55b9cad4121d3c76e30e35b7b0392610c35ae8
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 660877a1f464d9c1225f7011a7ad5fe27e2a2c681b27d2487cdc2e2907ffd3d2
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A64132B392594C0EF7288B2D4C67BA477D6FBA6324F244359E459D71E3EA29CC034240
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34A1ACE Relevance: .1, Instructions: 133COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 06a55ce8785b1b3eaafd5083f22009ac515a6ee2652cbe625af023f7650638a7
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 552ccd482f8e9699e752891fdfaf87c48805b3d56b16654fc15f3a31725ba0ed
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 06a55ce8785b1b3eaafd5083f22009ac515a6ee2652cbe625af023f7650638a7
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9E41863491CA0D5FEED8EB1D8855B59BBE0FB99300F444959E89DC32A1EB20EC91C743
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34DA4B3 Relevance: .1, Instructions: 84COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406654729.000000C4B34DA000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34DA000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34da000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: f3d15ec6218ae36825224a807dbd532ed06dbff0880bf43fb0c9af05a4a23f28
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: b2e0ca5f10ecb6bae62000bae3c345864261426ff7d669dd1ffd4d7f8810c890
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f3d15ec6218ae36825224a807dbd532ed06dbff0880bf43fb0c9af05a4a23f28
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 70216D2150DB459FEB499B685864B247FE1FF5B324F2542EDD489D71F3CA10DC458342
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34AC6B8 Relevance: .1, Instructions: 81COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: bcce8514c41a0c485c0082ed68d144156076de2a403637440f219067446df436
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: ab71f1c4369cc26af11f2c8b75d50581168acb5bb2c86b61ef276df9720554d8
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bcce8514c41a0c485c0082ed68d144156076de2a403637440f219067446df436
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 68219F71858E198FFBA5EF588861FA6B7E0FB15301F050299E849E71B2CB64DC528782
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B35E6AD9 Relevance: .1, Instructions: 81COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2410233292.000000C4B35E1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B35E1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b35e1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: e76c4980bdba7643c06ed31e868c639210228ed61d60ba957a05785c2f56c0df
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 4bfb430428c2e01f086af4fb81497e29330882ce91852c6406d610a82f9daa9f
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e76c4980bdba7643c06ed31e868c639210228ed61d60ba957a05785c2f56c0df
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3921BA7161890DAFDB88EB98C458B98F7A6FB6C311F25011AE01DE3251CB71B851CB50
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34A47C3 Relevance: .1, Instructions: 78COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: e3f3934fb37ae7e3e05c6071f1e6c3b5dacb29b86569961b457c6f52e03810c5
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: eee3958ae824503db73802896597fcc2afb9cf312c97503b448ebdec79338e7f
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e3f3934fb37ae7e3e05c6071f1e6c3b5dacb29b86569961b457c6f52e03810c5
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4A11043091490D0AFA98EB2D5CAAB64FBD1F785311F580B5AD809C62F2EE14ECD1C283
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34A4283 Relevance: .1, Instructions: 78COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: db2e107870a266f1a48846a7cc22347eec8fefbfb5041e8aacfce261f43249b1
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 86ddd1faafe5a9e2dbd32e1b3e4b3d29c8a40b814992aef2a581e895e5372240
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: db2e107870a266f1a48846a7cc22347eec8fefbfb5041e8aacfce261f43249b1
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5C11043491490D0AFA98EB2D5CAAB64BBD0F755311F480B5BD809C62F1EE14ECD2C283
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34A235B Relevance: .1, Instructions: 77COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 6d9c78dd1a42e0c0cd2a4bde7ea151f3b0cf571dac133587c560984831f6d4bc
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 7200cfe2375e31a877814c1b13ee9fbffb63515d83ac4ff0aaba8eef5c48a569
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6d9c78dd1a42e0c0cd2a4bde7ea151f3b0cf571dac133587c560984831f6d4bc
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B211E330A24C0D06F998EB3D5C6ABA5FAD0F755315F584B66E848C22F1EE05EDD6C283
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34A6F23 Relevance: .1, Instructions: 76COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: b2be090a28bf8a02f4f4ba6ee57284d725014de6a5369f0487b66cb65e8cbb49
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 34467226d29a77557dcd46d7bbfca29170163cf3cfa5a6b16859368725253f86
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b2be090a28bf8a02f4f4ba6ee57284d725014de6a5369f0487b66cb65e8cbb49
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4F110A34A14D0C06FE98AB7D5CAABA4B6D1F785311F584B17D809C22F1EE04EDD1C283
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34A43D7 Relevance: .1, Instructions: 71COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 1aae4630122bda657d50d928399f7669c7e30ec3c31beb2eb1fedf4caf43b3aa
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 251031e57880954bdabeb49c7acfd4fe330e4951dbe80382b0b4e64a3830b143
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1aae4630122bda657d50d928399f7669c7e30ec3c31beb2eb1fedf4caf43b3aa
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3511883481460C1AFE99A77D2C66BA8BFC0FB42301F484697C848C32F1E901ECC5C283
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34A3FD8 Relevance: .1, Instructions: 70COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 7f247ca11b00365b7d4f0d117d72be5a587472473f6546df42d47aa37cbf85c7
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 9c59626b2ac708c879b5c2d0948a6b5d275af9567350ada9234b22a171400bc3
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7f247ca11b00365b7d4f0d117d72be5a587472473f6546df42d47aa37cbf85c7
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5411483491464C0AFE99A77D1C667A8BFD0E746311F48469BD848C72F1E905ECD5C283
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34D4905 Relevance: .1, Instructions: 67COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406654729.000000C4B34D3000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34D3000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34d3000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 26dd16ac508353cf9e470fb07b9406b5a225eb651a7f60fe5462af5881d7641b
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 824f0edfd3380e9614737c5be85b0c27639ca8525ff00eaf7fc431462d40f7ed
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 26dd16ac508353cf9e470fb07b9406b5a225eb651a7f60fe5462af5881d7641b
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4A115E30208A1D9FCF45EF58D8D0F947BA1FF6E314F044299E548D72A2CB21E854CB51
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34A572B Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 422b7b44c5a78fc326318816701a5ca9f8ce969dad6a78599ac214d4ba7ac9dd
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 6b45bbb1a0079b50ea30d5e0ed654a23483fe714bb76572ef7f2e1af114e49a0
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 422b7b44c5a78fc326318816701a5ca9f8ce969dad6a78599ac214d4ba7ac9dd
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6501B93452451D05FDA89B6E1CA9BA4FBC1F755311F580B56D809C22F1EE05FCD2C183
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34B243E Relevance: .1, Instructions: 54COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 2d81ffd07a0c489ed9e8e5eb214acd160ddd6ed7a3dfdf7fbd9c6df54ff7ac8f
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: b9ab24c902381b0ca326b94f88e648a6a11ac656a4eea07df6fd6f0c914be9e5
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2d81ffd07a0c489ed9e8e5eb214acd160ddd6ed7a3dfdf7fbd9c6df54ff7ac8f
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D401DF30508A1C5FEF589F699CA0F6877E4FB5A320F0003D9C906C76A1EB24CC468251
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34AC94C Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: ba3924b3ab26c7a82a8718a9c52d0010c9abd19269b278318f686116569061ec
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 00d8e37fb015825f21b9eb81f054ec8a1c3c54214c4ac356d18f62bb9bd7105e
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ba3924b3ab26c7a82a8718a9c52d0010c9abd19269b278318f686116569061ec
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5E11C6304486598FDB6AAF698464FB5BBE0FF15305F0902EED44AAB1A3CF259815CB41
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34B245C Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 1bd96149957844e5f3815e60161424c3c6b0f0f6ba62ec4b83a8c952ed30ddaa
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: c0998139c258ecd42c1a0270c8d87d14c1cce2fff57efe1a1590ea784073705f
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1bd96149957844e5f3815e60161424c3c6b0f0f6ba62ec4b83a8c952ed30ddaa
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BB01DF30608A1C6FEF48DF08DCA4F697BE1FB5A320F100399D949C76A1EB25CC828751
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34B4F6E Relevance: .1, Instructions: 52COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: c642df1eebfc104f2b525fc2fff1d294136bbb68101151ba849ff97699e232e8
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 86a34acf7387015c25e254d4e48698db947e63fe021709fb88a76fb3898557e8
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c642df1eebfc104f2b525fc2fff1d294136bbb68101151ba849ff97699e232e8
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D601B13010DA896FDB46DF588C90E557FB1EF4B310F0546CAD088CB2A3D625D864C752
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34A9CA0 Relevance: .0, Instructions: 50COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: a5c7fa1023e43abe3920678b36f04a4eb571fc45128c211cd613eba8baea50bd
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 8bee34e5da4a961a116bd4659d7d0b309ff720a584ffb83b255507b5fa578aae
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a5c7fa1023e43abe3920678b36f04a4eb571fc45128c211cd613eba8baea50bd
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 94F05E3114480CBFEE449F49DC16F6ABAE6FB56311F04428CF408C6564D676DC418751
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34B6AA6 Relevance: .0, Instructions: 50COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: d1421bfcf3160d71e86ced30eb445e9a2b31298076e84fe27bd7968992ae2b4e
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: b4f444c2433543ac0fe162cb9386ce9b47950e89221a18dbdee8a62213908b4c
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d1421bfcf3160d71e86ced30eb445e9a2b31298076e84fe27bd7968992ae2b4e
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7B018B3021891DAFEF54EF288CA5FA477A1FB5E300F6043D9D406D71A1EA29DC658751
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34B345C Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: d5eec78ff6e56202ed214db870b61311232ce379ea59b3d2ea7aae056d5aceb5
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 98be10a79b6b5d391dad4e05b0a8ccedc9fa6d7c1920e7fffd3195bb1a8865ca
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d5eec78ff6e56202ed214db870b61311232ce379ea59b3d2ea7aae056d5aceb5
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1101783010860DAFDF86EF58C884FA97BA2FB5E350F000289EA88D7162D621D8A49B51
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34BA644 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 7ee6417556db36602a9f78b30e37cdda511be5f7029a53c19ffb87b0c21170c0
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: bbb91b87ce6771a17f376122b8c06a6f1ad9bf27e01211104bf74d7e8ea6946a
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7ee6417556db36602a9f78b30e37cdda511be5f7029a53c19ffb87b0c21170c0
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BB01F430208A0D6FDF41DF28C894F557BE5EF5E310F000199E889C7162D630DC58C762
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34AC951 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 8842a578e0642fac0ca5191bc29266dbfb836bba33af7959cebe18e05957ed64
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: ebee8f4ff9556cbb2f65e0086882053ebf3057088c12507e1bb39b7eab915460
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8842a578e0642fac0ca5191bc29266dbfb836bba33af7959cebe18e05957ed64
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0101D230448B5A4FD756AF698464BA9BBE0FF05304F0502AED04AAB1A3CB219C05CB41
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34B4F04 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 9966c8c0e579c30c327f684aec2ba08abad80cbdddb0cf68737c63c5f1cd891c
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 9bd148e41e57c21d0a73650dd0ac2073c0244201c117492eadc255e6e735930e
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9966c8c0e579c30c327f684aec2ba08abad80cbdddb0cf68737c63c5f1cd891c
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9501AF30209A4D6FCF45DF68CC85E597BE6EF5E310F01469AE588C72A2DB30D864C796
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34B1F3C Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 8c1a12a61763644dc91c3fed4553ac67da6add6f699f25ffa9440547dd17f6b3
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 580211ec9ee95cc17387dd04a08fc5859681e26b0d97c2ede462ae58cfe2d981
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8c1a12a61763644dc91c3fed4553ac67da6add6f699f25ffa9440547dd17f6b3
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C9F0AF30508A0D6FDF44EB68D895F657BE1EBAE350F004299E988C7162DB30DC54C751
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34B343E Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: ede2081f792cffd039a7f32b79eecb19edc44fc3cba743bde916e09a542b401c
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: bed0243f24eb163874a8deb8113f3fb575e403cb2e12430b8fa0c91bf05d408e
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ede2081f792cffd039a7f32b79eecb19edc44fc3cba743bde916e09a542b401c
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 44F0AF3110850CAFDF429F59CC90EA83BA1FB5E350F010295EA49D7161E625CC94DB51
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34B1DE4 Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: b4ed34e8e4f277902fb070f6ea8913e983810380854aa146059de8cc3c564846
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 9b19aad11964d5eb072cbbdaed42ea8232ee20c3302cec2fc0fd96ab0fb2e13d
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b4ed34e8e4f277902fb070f6ea8913e983810380854aa146059de8cc3c564846
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 75F0F03020890CAFDF40EF58C885FA93BE6EB6E350F000298E548D7161DB31DC50CB91
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34B90B0 Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: b4ed34e8e4f277902fb070f6ea8913e983810380854aa146059de8cc3c564846
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 57b7419da1f82edd5991c4a1b5fda98afb2ad6cccf2734bd7c61fafef726c813
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b4ed34e8e4f277902fb070f6ea8913e983810380854aa146059de8cc3c564846
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FDF0CD3020890CAFDF44EF58C888FA93BE1EB6D310F000298E948D3261DA31D850D751
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34B3E4C Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: e957db218d8a78cd010a72495f03bcf4d5fba673fa8520aef76bf7bee17e0558
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: d9357c46acf89d493d250212d87d9721c187ed782689186c422e1c90003ac2f4
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e957db218d8a78cd010a72495f03bcf4d5fba673fa8520aef76bf7bee17e0558
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 07F0AF30208A0D6FCF44DB58C885E597BE1EB5E310F00439AE488C7162CB30D850C751
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34B1DBE Relevance: .0, Instructions: 41COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: ee2fdba2470b01007032871bb7d04d7597f7e7e990f311a63fc9bc47936b0e62
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: f13e98af0c2446610bacc080106876a50aa7394ff1b81150df84ebd561734757
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ee2fdba2470b01007032871bb7d04d7597f7e7e990f311a63fc9bc47936b0e62
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CBF0F03010850CAFDF41DF68DC94FA83BA5EB6E351F010295E908DB162DA20DC50D791
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34A4403 Relevance: .0, Instructions: 40COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 0220bc14c232e2e7036590a7422b5ccffe6f54f914d8fe23a80bd1a78546f053
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 72ebb51ffb88cb8a8a382e09c175d0f479c7d10a5525a19d3255169ad24aa032
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0220bc14c232e2e7036590a7422b5ccffe6f54f914d8fe23a80bd1a78546f053
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 10F0B431548E0D4BD744EF58EC42E91B7E0F764314F44474AE84CCB1A2EA24EAD5C796
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34A4003 Relevance: .0, Instructions: 40COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 7a11f937c98dd44513bb40ba04b2395047f4035cdffed96f9dff9b30f9c999e0
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 5f9a9a2f269c8afa8cebc1f6fa342246059469487909ad8bc2e66c637713650f
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7a11f937c98dd44513bb40ba04b2395047f4035cdffed96f9dff9b30f9c999e0
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 99F0B431548E0D4BD704EF58EC46E51B7E0F764314F44474AE84CCB1A2EA24EAD5C796
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34A3DB3 Relevance: .0, Instructions: 40COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 5abad201da465da6b97ff53656fa9b6e36388db5e58872713a651b69ba5e9536
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 8e32c3bfa43937b885577451f8172b5d9defb46d9d19284512a21aba45437328
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5abad201da465da6b97ff53656fa9b6e36388db5e58872713a651b69ba5e9536
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0AF09A31908E0D4BD644EB58A846E51B7E1F7A8314F44434AE8488B2A2DA24EAE5C69A
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34B5AD1 Relevance: .0, Instructions: 40COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 7f6acd6376ea40b9a6bb2946f273485003c5cd1408e63903e34c4659fcb80f63
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 5fa6f0709af5b9622d8602b6dba486f3b3322731dc83169814a6d522b4eb06ba
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7f6acd6376ea40b9a6bb2946f273485003c5cd1408e63903e34c4659fcb80f63
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FAE09B21B6CE480FF95CA66D3C6637472C1D799335F6402BFD549C22D2FD054C454546
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34B1F1E Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 113944bd156cb80f087f6bc1553c5b841b8b1ae214386fbc1f7170f8c706410a
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 27719a953839a71eba7f3c124a3a7ed24c2da6499cae472671efc060c10c4f8c
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 113944bd156cb80f087f6bc1553c5b841b8b1ae214386fbc1f7170f8c706410a
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 61F0BE30508A0C5FDF80EB6C9894F647BE5EBAF360F0002D5D509CB162EA20DC54C7A1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34B3E2E Relevance: .0, Instructions: 37COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: f8dfad9068e0ac81e7a06eec6a117011cb38cd3d1b1f500646c11e16fb423904
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 940587b7270ea468c437cd83d37641feafa0bc4427b18adf601d98d1d27b38d1
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f8dfad9068e0ac81e7a06eec6a117011cb38cd3d1b1f500646c11e16fb423904
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9AF0E23010890CAFCF40DF588C94E683BE5EB6E320F0103D6D508CB1B2DA20DC50C791
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34AC8C3 Relevance: .0, Instructions: 36COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 2c4a02d54cc71b00fc28b15ecf04d2edf28a418d1c9b16ec49b9244b11a1591a
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 8c4de05c61c7dbd8c3ae5ffc6066bc63ccb4470481363e0fc0ca148a2801cabe
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2c4a02d54cc71b00fc28b15ecf04d2edf28a418d1c9b16ec49b9244b11a1591a
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0FF01730858958CFDF19EB88D891E99B7F0FF29700F09018AE448E7262D665F851CB91
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34A5733 Relevance: .0, Instructions: 34COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: dfb1412b523bff5a6a25827528fcdb796282cd528ee47115c5bde5459674b251
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: dc4dfb6dab5e4d690179f0c919388d6451e0e80a02b03f79dff8baea10f72e37
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: dfb1412b523bff5a6a25827528fcdb796282cd528ee47115c5bde5459674b251
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D6E02B21648D0D07D60866197C43F50B3D5D394310F448306E80CC62D3DD14EED682D7
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34E2E47 Relevance: .0, Instructions: 26COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406654729.000000C4B34E2000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34E2000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34e2000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 66c8713aa56bd8826a87cb35524ce922cf6c1b555f967a0903e4a4ae8bcf4807
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 9046f49aef1e8d33cad5e8af310c775ae3aec781e4056143aa824cffcd48db38
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 66c8713aa56bd8826a87cb35524ce922cf6c1b555f967a0903e4a4ae8bcf4807
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2CE04F7100E3C87FEB4297649C55B6ABFA8EF47310F1904CAE588CB1A3D6754C44C762
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34ABE67 Relevance: .0, Instructions: 26COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: f6ba1aaa0299452764579c7a388adb76ea53861b1ff84f7b64bf81fa4037e651
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 0f5c7bb4dfb36f800d9ee56a9060c88a0f3d4ac0af018d06448ed6d534a1409f
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f6ba1aaa0299452764579c7a388adb76ea53861b1ff84f7b64bf81fa4037e651
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CDF09231808A29CFCF29EF44E8904A9FBF1FF18311B15044EE49663011C739A821CBD1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34ABF1E Relevance: .0, Instructions: 26COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: cda836ae06e1fd7f5e6ee22b2ae10adc3aac4e22067ae203cc6e700d5c5d1480
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: b95e67f878474e071376c91c40683fcc4c97aac18eba5fec7bdb0477ec1041d4
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cda836ae06e1fd7f5e6ee22b2ae10adc3aac4e22067ae203cc6e700d5c5d1480
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 79F09231808A28DFCF29EF44E8904A9F7F1FF18311B25048EF4A663011C739A861CB91
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34A9DA0 Relevance: .0, Instructions: 26COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 366934058c195982f852b199ef8154ebbfc24c04a78836bbdfce13f1c1067b9d
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 1e63ec8b387220dbc097f50b59b32fbd96359c6f9ad935243953ce2ec1c1729c
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 366934058c195982f852b199ef8154ebbfc24c04a78836bbdfce13f1c1067b9d
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CDE04F3100844CBFDF40EF45DC06FEABFA9FB59350F00068CF94892150C672D4508B92
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34ABE2A Relevance: .0, Instructions: 26COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 36a5375991961d84ab9d58339c2823a8850b835857233dbe7bc392d82262887a
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: d827c018bfdfaae1697df7a003c752430e1e792213a422eb7ad9b05bdf1aa815
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 36a5375991961d84ab9d58339c2823a8850b835857233dbe7bc392d82262887a
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 04F06D31808A28CBCF2AAF44E8904A9F7F1FF18311B15044EE49663011C739A861CB91
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34ABF5B Relevance: .0, Instructions: 23COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 47db5353a567c3b1d4e27bb57019bde8b3e7ddd69a3c307ffe6e3c21f92ed67e
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: a8c5af7ac4ed2c41707d285847fcbe1e2e3da59caea2b68787c20ce84ef51828
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 47db5353a567c3b1d4e27bb57019bde8b3e7ddd69a3c307ffe6e3c21f92ed67e
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 62E04F31894918CFDF289F48D8549D8B7F0FF14321F150099E445A3112CB79AC52CBD1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34A3D90 Relevance: .0, Instructions: 23COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 4d195a44b9dcf29e97cad8e2362f636781b06f9de237688d3cc15b5d51da9b17
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: bdaf7f8caeb3b2318cdc2d190064b9392f84bcbc5fcd1382021f119b6b4c1ab7
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4d195a44b9dcf29e97cad8e2362f636781b06f9de237688d3cc15b5d51da9b17
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D8D02B2144924D4FF14163A438133407B559782324F8A4093DC4C9B3E1E48649BA83A3
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34AB2F1 Relevance: .0, Instructions: 22COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: d0fabbedd4d9ad0577430638634c6d8c3513fc3ea6941848f869affa90fe25b5
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 7de9d05f227f0ead5725542017df83e29b48038fda30acf3c1c839313a7e230d
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d0fabbedd4d9ad0577430638634c6d8c3513fc3ea6941848f869affa90fe25b5
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4EE0E671854918DFDF189F44D894898F7F0FF14325B25014FD44573111C7756C16CB91
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34AA94B Relevance: .0, Instructions: 22COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34A1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34A1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34a1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: c79d6eb8411138d4ab62d908d573d4ef3615c52fe06dab773ec2d153350f3cf6
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: a6fe95e82248d707aca66a8841d84cd6862b6a74ef6d3e7aae0e8ab615db5471
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c79d6eb8411138d4ab62d908d573d4ef3615c52fe06dab773ec2d153350f3cf6
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5FE08C32804918CFCF288F84E8948A8FBF0FF18321B2A009EE044B3112CB396C12CB80
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34BBF55 Relevance: .0, Instructions: 20COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 9edaa5f1c6df505255160461d091254ecace63c5ba51855a253e81ac30a4c1d3
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 5e2990f2526ca34b31b7786374995094d098144ab4f7420a6361d67191883b64
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9edaa5f1c6df505255160461d091254ecace63c5ba51855a253e81ac30a4c1d3
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 88D05E31A0990CDFDE54AF19AD55A68FBA0FB4C320F4406D8D88DD3160EA21D9928B82
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34B32D2 Relevance: .0, Instructions: 20COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406075409.000000C4B34B1000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34B1000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34b1000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 9edaa5f1c6df505255160461d091254ecace63c5ba51855a253e81ac30a4c1d3
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: ee6546fd703a72a7a56e4503302ce215b59ca1e6193134b5fa38708ece5fad83
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9edaa5f1c6df505255160461d091254ecace63c5ba51855a253e81ac30a4c1d3
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A7D05B3150990C9FDE54EF195C55B68BFA0FB4C310F441694D84DD3150DA21D8518742
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000000C4B34E2E29 Relevance: .0, Instructions: 18COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 0000001D.00000002.2406654729.000000C4B34E2000.00000020.00000800.00020000.00000000.sdmp, Offset: 000000C4B34E2000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_29_2_c4b34e2000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 03598abb42f26f9e728e18adb8e3cf547e408b57ef0722b0b48eeb7c030cdcec
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 2194a6f45360f16312b632085947bdfb9c8a04f5abf1a3f847283566ee120d15
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 03598abb42f26f9e728e18adb8e3cf547e408b57ef0722b0b48eeb7c030cdcec
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2AD0A77145410C7EFF10AB459C02F7AFB9CE745350F100688B408A2141C6718C418752
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                                                                                                                                                                                            Execution Coverage:0.4%
                                                                                                                                                                                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                                                                                                            Signature Coverage:100%
                                                                                                                                                                                                                                                                                                                                                            Total number of Nodes:6
                                                                                                                                                                                                                                                                                                                                                            Total number of Limit Nodes:0
                                                                                                                                                                                                                                                                                                                                                            execution_graph 5002 2549d416cf7 5003 2549d416d07 NtQuerySystemInformation 5002->5003 5004 2549d416ca4 5003->5004 5005 2549d536672 5006 2549d5366c9 NtQuerySystemInformation 5005->5006 5007 2549d534a44 5005->5007 5006->5007

                                                                                                                                                                                                                                                                                                                                                            Callgraph

                                                                                                                                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                                                                                                                                            Function 000002549D536672 Relevance: 26.1, APIs: 1, Strings: 10, Instructions: 6826nativeCOMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000021.00000002.2400304969.000002549D534000.00000020.00000001.00020000.00000000.sdmp, Offset: 000002549D534000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_33_2_2549d534000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID: InformationQuerySystem
                                                                                                                                                                                                                                                                                                                                                            • String ID: #$#$#$4$>$>$>$A$z$z
                                                                                                                                                                                                                                                                                                                                                            • API String ID: 3562636166-3072146587
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: a7beeb6ed6d4bd1c13836e24e4a4bf8602c8d7752103ee20adf8d6ea9f6b849f
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 4f1dd4efe3c6ba9352f01011ad11d0b55b8fd28d95950a6788ef9672b2897e8a
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a7beeb6ed6d4bd1c13836e24e4a4bf8602c8d7752103ee20adf8d6ea9f6b849f
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 94A3F631618E488BDB2DEF18CC866AAB7E5FB94315F50422ED84BC7255DF30E9428BC5
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000002549D416CF7 Relevance: 8.3, APIs: 1, Instructions: 6812nativeCOMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000021.00000002.2397427004.000002549D414000.00000020.00000001.00020000.00000000.sdmp, Offset: 000002549D414000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_33_2_2549d414000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID: InformationQuerySystem
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID: 3562636166-0
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: d98f9daad46fc308958ed75944bb2219c0eccc505c237fb838369692ba801aee
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 41d489341f456d440e1766fe1fd9296953f769d0f213f150c470cb1c9cb38a09
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d98f9daad46fc308958ed75944bb2219c0eccc505c237fb838369692ba801aee
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 45A3F771614E588BDB2DEF28DC867AAB3D5FB59305F04422ED94BC7241DF30FA428A85
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 000002549D4058C6 Relevance: 1.1, Instructions: 1087COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                                                                            control_flow_graph 2850 2549d4058c6-2549d406f43 2852 2549d406f47-2549d406f49 2850->2852 2853 2549d406f4b-2549d406f82 2852->2853 2854 2549d406f9f-2549d406fd1 2852->2854 2853->2854
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000021.00000002.2396813186.000002549D405000.00000020.00000001.00020000.00000000.sdmp, Offset: 000002549D405000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_33_2_2549d405000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 71c86eca66c61e23666f00ad8b8f1d18d426c92f61e9a1510e333f4a7dfc96a0
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 36dad5d6af2eb2d0fb610a17287da14087138e582a5a1394621c96aeb9eca275
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 71c86eca66c61e23666f00ad8b8f1d18d426c92f61e9a1510e333f4a7dfc96a0
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0F21D47150CB8C4FD746EF28C854A56BBF0FB6A311F0506AFD089C7292D634D945C792
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                                                                                                                                                                                            Execution Coverage:13.9%
                                                                                                                                                                                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                                                                                                                                                                                            Signature Coverage:0%
                                                                                                                                                                                                                                                                                                                                                            Total number of Nodes:20
                                                                                                                                                                                                                                                                                                                                                            Total number of Limit Nodes:0
                                                                                                                                                                                                                                                                                                                                                            execution_graph 27198 2ee69f0 27199 2ee69f9 27198->27199 27200 2ee6a0b 27199->27200 27203 5f46d58 27199->27203 27208 5f46d4a 27199->27208 27204 5f46d7d 27203->27204 27213 6023e60 27204->27213 27217 6023e70 27204->27217 27205 5f46fb0 27205->27200 27209 5f46d7d 27208->27209 27211 6023e60 SendARP 27209->27211 27212 6023e70 SendARP 27209->27212 27210 5f46fb0 27210->27200 27211->27210 27212->27210 27214 6023e70 27213->27214 27221 6021c4c 27214->27221 27218 6023e94 27217->27218 27219 6021c4c SendARP 27218->27219 27220 6023ecc 27219->27220 27220->27205 27222 60246d0 SendARP 27221->27222 27224 6023ecc 27222->27224 27224->27205

                                                                                                                                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                                                                                                                                            Function 05F489D0 Relevance: 1.6, Instructions: 1585COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 811294b1ffbf10081674b1cff4dc7f99860840c0367da6540932e9cc388d123d
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: b15a3160864bccf7989e0ebbcbb8de8d199385d3c16eaa7bf2caf93bc5353934
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 811294b1ffbf10081674b1cff4dc7f99860840c0367da6540932e9cc388d123d
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BEF2F974E402198FDB54DF64D994AEEBBB6FF89300F1085E9C50AAB254DB34AE81CF50
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F489C0 Relevance: 1.5, Instructions: 1469COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: ae9489c372480fd0508ffb1591ed01fa4874641bcb99b99d5db3ce384a26a73c
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 38d4a03d70073fde1c4ed8c39ca45e8da86a97cff80c0836f53b4083e36fc677
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ae9489c372480fd0508ffb1591ed01fa4874641bcb99b99d5db3ce384a26a73c
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 88E2FA74E402189FDB54DF64D994AEEBBB2FF89300F1085E9C50AAB254DB74AE81CF50
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4CFC8 Relevance: .3, Instructions: 281COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                                                                            control_flow_graph 1874 5f4cfc8-5f4d02e 1876 5f4d030-5f4d03b 1874->1876 1877 5f4d078-5f4d07a 1874->1877 1876->1877 1879 5f4d03d-5f4d049 1876->1879 1878 5f4d07c-5f4d095 1877->1878 1886 5f4d097-5f4d0a3 1878->1886 1887 5f4d0e1-5f4d0e3 1878->1887 1880 5f4d06c-5f4d076 1879->1880 1881 5f4d04b-5f4d055 1879->1881 1880->1878 1883 5f4d057 1881->1883 1884 5f4d059-5f4d068 1881->1884 1883->1884 1884->1884 1885 5f4d06a 1884->1885 1885->1880 1886->1887 1888 5f4d0a5-5f4d0b1 1886->1888 1889 5f4d0e5-5f4d13d 1887->1889 1890 5f4d0d4-5f4d0df 1888->1890 1891 5f4d0b3-5f4d0bd 1888->1891 1898 5f4d187-5f4d189 1889->1898 1899 5f4d13f-5f4d14a 1889->1899 1890->1889 1893 5f4d0c1-5f4d0d0 1891->1893 1894 5f4d0bf 1891->1894 1893->1893 1895 5f4d0d2 1893->1895 1894->1893 1895->1890 1901 5f4d18b-5f4d1a3 1898->1901 1899->1898 1900 5f4d14c-5f4d158 1899->1900 1902 5f4d15a-5f4d164 1900->1902 1903 5f4d17b-5f4d185 1900->1903 1907 5f4d1a5-5f4d1b0 1901->1907 1908 5f4d1ed-5f4d1ef 1901->1908 1905 5f4d166 1902->1905 1906 5f4d168-5f4d177 1902->1906 1903->1901 1905->1906 1906->1906 1909 5f4d179 1906->1909 1907->1908 1910 5f4d1b2-5f4d1be 1907->1910 1911 5f4d1f1-5f4d242 1908->1911 1909->1903 1912 5f4d1c0-5f4d1ca 1910->1912 1913 5f4d1e1-5f4d1eb 1910->1913 1919 5f4d248-5f4d256 1911->1919 1914 5f4d1cc 1912->1914 1915 5f4d1ce-5f4d1dd 1912->1915 1913->1911 1914->1915 1915->1915 1917 5f4d1df 1915->1917 1917->1913 1920 5f4d25f-5f4d2bf 1919->1920 1921 5f4d258-5f4d25e 1919->1921 1928 5f4d2c1-5f4d2c5 1920->1928 1929 5f4d2cf-5f4d2d3 1920->1929 1921->1920 1928->1929 1932 5f4d2c7 1928->1932 1930 5f4d2d5-5f4d2d9 1929->1930 1931 5f4d2e3-5f4d2e7 1929->1931 1930->1931 1933 5f4d2db 1930->1933 1934 5f4d2f7-5f4d2fb 1931->1934 1935 5f4d2e9-5f4d2ed 1931->1935 1932->1929 1933->1931 1937 5f4d2fd-5f4d301 1934->1937 1938 5f4d30b-5f4d30f 1934->1938 1935->1934 1936 5f4d2ef 1935->1936 1936->1934 1937->1938 1939 5f4d303 1937->1939 1940 5f4d311-5f4d315 1938->1940 1941 5f4d31f-5f4d323 1938->1941 1939->1938 1940->1941 1944 5f4d317 1940->1944 1942 5f4d325-5f4d329 1941->1942 1943 5f4d333-5f4d337 1941->1943 1942->1943 1945 5f4d32b 1942->1945 1946 5f4d347 1943->1946 1947 5f4d339-5f4d33d 1943->1947 1944->1941 1945->1943 1949 5f4d348 1946->1949 1947->1946 1948 5f4d33f 1947->1948 1948->1946 1949->1949
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 7a9f18c33af27f72c6043194a81148d699646cede5ee3800a1a30dc88beaad35
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 648f9088f20992783bb107051ba4ab818ed6007e331eb6d33153805003ad56b9
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7a9f18c33af27f72c6043194a81148d699646cede5ee3800a1a30dc88beaad35
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 93B12D70E002199FDB14CFA9C885BAEBFF2BF88704F148129D815E7294DB789945CF95
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4D898 Relevance: .3, Instructions: 266COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 23150ace838b30b8c4425e37b8da67f5f853e2a99a982bcc86e6a038bc4f55bd
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: b6b8fea75f199715b9440fe5d8fb6af5a6af9920fbe6c8a35ba76ab2ac106e70
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 23150ace838b30b8c4425e37b8da67f5f853e2a99a982bcc86e6a038bc4f55bd
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EAB13B71E042099FDB14CFA9C8857AEBFF2BB88714F148129D815EB394DB789885CF91
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06024789 Relevance: 1.6, APIs: 1, Instructions: 72COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                                                                            control_flow_graph 765 6024789-6024790 766 6024712-6024721 765->766 767 6024792-60247a3 765->767 772 6024723-602472f 766->772 773 6024731-6024767 SendARP 766->773 770 60247e7-60247ef 767->770 771 60247a5-60247e6 767->771 772->773 774 6024770-6024784 773->774 775 6024769-602476f 773->775 775->774
                                                                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                                                                            • SendARP.IPHLPAPI(00000000,00000000,00000000,?), ref: 0602475A
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045996025.0000000006020000.00000040.00000800.00020000.00000000.sdmp, Offset: 06020000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_6020000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID: Send
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID: 121738739-0
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 3d7f85d718331d6a90a4851ea1d4ab67d9cb30756f3fe92735409a74632c2e26
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 898ab6ee78136001c53c7ea511ba9103cc03b2d54e8b26fe5625721aa1eaf220
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3d7f85d718331d6a90a4851ea1d4ab67d9cb30756f3fe92735409a74632c2e26
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 22216B75A002049FDB44CF68D844BDDBBF1FF49315F14809AE9599B361C774A880CF60
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 06021C4C Relevance: 1.6, APIs: 1, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                                                                            control_flow_graph 781 6021c4c-6024721 784 6024723-602472f 781->784 785 6024731-6024767 SendARP 781->785 784->785 786 6024770-6024784 785->786 787 6024769-602476f 785->787 787->786
                                                                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                                                                            • SendARP.IPHLPAPI(00000000,00000000,00000000,?), ref: 0602475A
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045996025.0000000006020000.00000040.00000800.00020000.00000000.sdmp, Offset: 06020000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_6020000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID: Send
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID: 121738739-0
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: c8be3ffb52236422e6e90fcbc76fedc66430539edecef1e65ad0b3c48ab699f2
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: c66c5cad133ff0dd643f2f024b6b5e61c4fc998966c693b9916ed41603ebcef4
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c8be3ffb52236422e6e90fcbc76fedc66430539edecef1e65ad0b3c48ab699f2
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AA21E2B59002199FDB50CF9AD885BDEBBF4FB49314F10802AE828A7350D374A944CFA4
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 060246C9 Relevance: 1.6, APIs: 1, Instructions: 61COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                                                                            control_flow_graph 789 60246c9-6024721 791 6024723-602472f 789->791 792 6024731-6024767 SendARP 789->792 791->792 793 6024770-6024784 792->793 794 6024769-602476f 792->794 794->793
                                                                                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                                                                                            • SendARP.IPHLPAPI(00000000,00000000,00000000,?), ref: 0602475A
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045996025.0000000006020000.00000040.00000800.00020000.00000000.sdmp, Offset: 06020000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_6020000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID: Send
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID: 121738739-0
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 7ceeab17bf9d649be9b4507ca04f657c7f0ca0de65ec0e8e1059f88dc2c6ef4b
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: a912dcb88286ac2df84d4480152b33120ec31c168b62ee1b643ed9c321993e7e
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7ceeab17bf9d649be9b4507ca04f657c7f0ca0de65ec0e8e1059f88dc2c6ef4b
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C721E2B59002589FDB50CF9AD885BDEBBF4FB49310F10802AE858AB350D374A944CFA4
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4DE9C Relevance: 1.5, Strings: 1, Instructions: 281COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                                                                            control_flow_graph 796 5f4de9c-5f4f4b2 799 5f4f597-5f4f5e7 796->799 800 5f4f4b8-5f4f4c7 796->800 814 5f4f6d3-5f4f71d 799->814 815 5f4f5ed-5f4f5f1 799->815 801 5f4f4ce-5f4f4e1 800->801 802 5f4f4c9 800->802 806 5f4f4f7-5f4f512 801->806 807 5f4f4e3-5f4f4ef call 5f4ecc8 801->807 802->801 811 5f4f514 806->811 812 5f4f51c 806->812 807->806 811->812 812->799 829 5f4f735-5f4f75a call 5f4df8c 814->829 830 5f4f71f-5f4f725 814->830 816 5f4f5f7-5f4f603 815->816 817 5f4f6b9-5f4f6c0 815->817 818 5f4f605 816->818 819 5f4f60a-5f4f618 816->819 818->819 823 5f4f691-5f4f6a4 819->823 824 5f4f61a-5f4f621 call 5f47df0 819->824 827 5f4f6a6-5f4f6ac 823->827 833 5f4f687-5f4f689 824->833 834 5f4f623-5f4f685 824->834 831 5f4f6b6 827->831 832 5f4f6ae 827->832 845 5f4f75c-5f4f772 829->845 846 5f4f77a-5f4f78f 829->846 835 5f4f727 830->835 836 5f4f729-5f4f733 830->836 831->817 832->831 882 5f4f68b call 5f4f481 833->882 883 5f4f68b call 5f4de9c 833->883 884 5f4f68b call 5f4f5c8 833->884 885 5f4f68b call 5f4f5b8 833->885 834->827 835->829 836->829 845->846 850 5f4f797-5f4f7ba call 5f4e758 846->850 851 5f4f791-5f4f795 846->851 854 5f4f7bc-5f4f7cd 850->854 851->850 851->854 860 5f4f807-5f4f81f 854->860 861 5f4f7cf-5f4f7db 854->861 886 5f4f821 call 6020130 860->886 887 5f4f821 call 6020121 860->887 866 5f4f7dd-5f4f7e9 861->866 867 5f4f7eb-5f4f7f7 861->867 866->867 871 5f4f7f9-5f4f804 866->871 867->860 867->871 871->860 872 5f4f827-5f4f846 874 5f4f860-5f4f869 872->874 875 5f4f848-5f4f84d 872->875 876 5f4f889-5f4f890 874->876 877 5f4f86b-5f4f87d 874->877 875->874 878 5f4f84f-5f4f85f 875->878 877->876 881 5f4f87f-5f4f882 877->881 881->876 882->823 883->823 884->823 885->823 886->872 887->872
                                                                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID: &'m^
                                                                                                                                                                                                                                                                                                                                                            • API String ID: 0-3988095189
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 8ba1902123d256309a38dffa6747b9154783eafb736d1166d11cfd3b0b096aaf
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: a5f5676ac575eae0b456d301b88e924ead713ef2aee0affe152f967dee7c7d38
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8ba1902123d256309a38dffa6747b9154783eafb736d1166d11cfd3b0b096aaf
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 18A18F31B002458FDB18DB64D854BAEBFB6BF88214F148469D40AAB391DF79AC45CF91
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F43600 Relevance: 1.4, Strings: 1, Instructions: 104COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                                                                            control_flow_graph 1561 5f43600-5f43609 1562 5f435c0-5f435f1 call 5f43600 1561->1562 1563 5f4360b-5f43648 call 5f431dc 1561->1563 1571 5f435f7-5f435fa 1562->1571 1570 5f4364d-5f4364f 1563->1570 1572 5f43651-5f43690 1570->1572 1573 5f436c8-5f43700 1570->1573 1581 5f436c1-5f436c7 1572->1581 1582 5f43692-5f436bb 1572->1582 1582->1581
                                                                                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID: 7In
                                                                                                                                                                                                                                                                                                                                                            • API String ID: 0-1439994388
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 71566ab86310478f5981066d330840e0dff338178315cf1fdd922b7e1a2819b5
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: a30532f334ecf254c60240fc024022b625796b43bef738b916b4fc89c4075ce6
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 71566ab86310478f5981066d330840e0dff338178315cf1fdd922b7e1a2819b5
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B331D071A003099FCB10EB75C84899ABBF6EF8520471588AAE505DB391DB35ED058B91
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4CFBC Relevance: .3, Instructions: 277COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                                                                                            control_flow_graph 1950 5f4cfbc-5f4d02e 1953 5f4d030-5f4d03b 1950->1953 1954 5f4d078-5f4d07a 1950->1954 1953->1954 1956 5f4d03d-5f4d049 1953->1956 1955 5f4d07c-5f4d095 1954->1955 1963 5f4d097-5f4d0a3 1955->1963 1964 5f4d0e1-5f4d0e3 1955->1964 1957 5f4d06c-5f4d076 1956->1957 1958 5f4d04b-5f4d055 1956->1958 1957->1955 1960 5f4d057 1958->1960 1961 5f4d059-5f4d068 1958->1961 1960->1961 1961->1961 1962 5f4d06a 1961->1962 1962->1957 1963->1964 1965 5f4d0a5-5f4d0b1 1963->1965 1966 5f4d0e5-5f4d13d 1964->1966 1967 5f4d0d4-5f4d0df 1965->1967 1968 5f4d0b3-5f4d0bd 1965->1968 1975 5f4d187-5f4d189 1966->1975 1976 5f4d13f-5f4d14a 1966->1976 1967->1966 1970 5f4d0c1-5f4d0d0 1968->1970 1971 5f4d0bf 1968->1971 1970->1970 1972 5f4d0d2 1970->1972 1971->1970 1972->1967 1978 5f4d18b-5f4d1a3 1975->1978 1976->1975 1977 5f4d14c-5f4d158 1976->1977 1979 5f4d15a-5f4d164 1977->1979 1980 5f4d17b-5f4d185 1977->1980 1984 5f4d1a5-5f4d1b0 1978->1984 1985 5f4d1ed-5f4d1ef 1978->1985 1982 5f4d166 1979->1982 1983 5f4d168-5f4d177 1979->1983 1980->1978 1982->1983 1983->1983 1986 5f4d179 1983->1986 1984->1985 1987 5f4d1b2-5f4d1be 1984->1987 1988 5f4d1f1-5f4d242 1985->1988 1986->1980 1989 5f4d1c0-5f4d1ca 1987->1989 1990 5f4d1e1-5f4d1eb 1987->1990 1996 5f4d248-5f4d256 1988->1996 1991 5f4d1cc 1989->1991 1992 5f4d1ce-5f4d1dd 1989->1992 1990->1988 1991->1992 1992->1992 1994 5f4d1df 1992->1994 1994->1990 1997 5f4d25f-5f4d2bf 1996->1997 1998 5f4d258-5f4d25e 1996->1998 2005 5f4d2c1-5f4d2c5 1997->2005 2006 5f4d2cf-5f4d2d3 1997->2006 1998->1997 2005->2006 2009 5f4d2c7 2005->2009 2007 5f4d2d5-5f4d2d9 2006->2007 2008 5f4d2e3-5f4d2e7 2006->2008 2007->2008 2010 5f4d2db 2007->2010 2011 5f4d2f7-5f4d2fb 2008->2011 2012 5f4d2e9-5f4d2ed 2008->2012 2009->2006 2010->2008 2014 5f4d2fd-5f4d301 2011->2014 2015 5f4d30b-5f4d30f 2011->2015 2012->2011 2013 5f4d2ef 2012->2013 2013->2011 2014->2015 2016 5f4d303 2014->2016 2017 5f4d311-5f4d315 2015->2017 2018 5f4d31f-5f4d323 2015->2018 2016->2015 2017->2018 2021 5f4d317 2017->2021 2019 5f4d325-5f4d329 2018->2019 2020 5f4d333-5f4d337 2018->2020 2019->2020 2022 5f4d32b 2019->2022 2023 5f4d347 2020->2023 2024 5f4d339-5f4d33d 2020->2024 2021->2018 2022->2020 2026 5f4d348 2023->2026 2024->2023 2025 5f4d33f 2024->2025 2025->2023 2026->2026
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 72e84d5c08dc4d9cfc31c1e51557620cf2fdeec5c3e0c6aa65e3b6b154822deb
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: bd1e1c330113eb5b367420bbe037d8f40e9dd74a8e954acb59e3f23b840e86d4
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 72e84d5c08dc4d9cfc31c1e51557620cf2fdeec5c3e0c6aa65e3b6b154822deb
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 59B12D70E002199FDB10CFA9C885BAEBFF2BF88714F148129E815E7294D7789985CF95
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F46370 Relevance: .3, Instructions: 271COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 1506c4e0e887f89e08ab48cc390357ac28e573ffec14165a3a27992f169f2d4a
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 3ffb4722c34f02b67124ac16928e138420d00875f455060efd45e93cd0b9d977
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1506c4e0e887f89e08ab48cc390357ac28e573ffec14165a3a27992f169f2d4a
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 87B10875A00204DFDB19DF68D894A6ABBF6FF88311F1484A9E41A9B361DB38EC41CF51
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4D88C Relevance: .3, Instructions: 262COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 905be55720d89c7cf69907e7ebb71b302c197124c4f3bab2252b372382a50d66
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 18bba3306484c7d0274c3844fa5114f4ab02733737c1e3ff07cafe0980c3c244
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 905be55720d89c7cf69907e7ebb71b302c197124c4f3bab2252b372382a50d66
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 42B12870E042599FDB10CFA8C885BADBFF2BB48754F148129D815EB394DB789885CF91
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4EFA8 Relevance: .2, Instructions: 222COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 64b204377ee11867bfc4975d0bed389a85698bcc3a860d2d9a749fca04030146
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: e6a9d4880fe5fb8b5fa75d5376b25f198cf99d74fc3ea57e62559e2b63357d34
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 64b204377ee11867bfc4975d0bed389a85698bcc3a860d2d9a749fca04030146
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DE918B75E053449FDB19CF68D844AAABFB2FF85310F1584AAE44A9B351CB38E881CF51
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F432BC Relevance: .2, Instructions: 205COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: a3a3a5eb5dfbe30a52c37c88e6e4d3bd9856cfcebc98452a0c2a038940becba2
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 6bf0f37c5de3c61d4de0d9f5811a83df509c27388cc8cc6ea7d9970329934257
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a3a3a5eb5dfbe30a52c37c88e6e4d3bd9856cfcebc98452a0c2a038940becba2
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 15614933D042585BCF356A688894AFEBF77BB55310F064877E846AB2D1DA384CC58F92
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4496C Relevance: .2, Instructions: 194COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: bbf1194ef5b1a4e61f70e5c6b87ef079d1eb900e352543f66082272f8f8e0adc
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 4a03060b294fcc98384d784263a192a9304621f3a5c99da2bc3632f950fd3a07
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bbf1194ef5b1a4e61f70e5c6b87ef079d1eb900e352543f66082272f8f8e0adc
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AE718231E006199FDB14DFA9C8546ADBBB2FF89300F25856AD406BB390DF74AD45CB90
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4D610 Relevance: .2, Instructions: 180COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 03d6df8ad9bbe89569687be8e09b997a42a6d81193e54f7928db2c9c8b57d6d7
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 6743aad01a6b0b05ae4901ac8003705ceb941b77558faec45f93042dc798ac76
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 03d6df8ad9bbe89569687be8e09b997a42a6d81193e54f7928db2c9c8b57d6d7
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 78714A71E002199FDB14CFA9C884BAEBFF2BF88714F148529E415E7290DB789881CF91
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4D604 Relevance: .2, Instructions: 179COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: ca67ede36cb20173f838d6872c1f5bea3908e398171a5cbe21f856d45dc246f4
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 49d4ff2158f43007d47736b681b28edb6aa25070387f60e9fde0eb1b2971ce34
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ca67ede36cb20173f838d6872c1f5bea3908e398171a5cbe21f856d45dc246f4
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A3713971E002599FDB10CFA9C885BAEBFF2BF88714F148529E415E7290D7789881CF95
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F46D4A Relevance: .2, Instructions: 178COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 58d3459771ba9ee2257839c43ad4d0f6a5d5c37a74a0285b76bfcdbf91743d5f
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: a3cf9fb34e3dab86a0fe09144ec06b7e18e7b7ab20f00af88085a9cc75c2bd77
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 58d3459771ba9ee2257839c43ad4d0f6a5d5c37a74a0285b76bfcdbf91743d5f
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BD510E747503589FEF0597B8A4187AE37AFEB9C701F20C029B406E3794CE799C5197A1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F46D58 Relevance: .2, Instructions: 172COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 323901049c383221af4e3185af0ddd31c8fb72232d60b814e0d018552fa2a278
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: dd69eb7ad25abdf77142fe1db089f2e2a19f78c5bd78a8014d6d994ab8186bab
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 323901049c383221af4e3185af0ddd31c8fb72232d60b814e0d018552fa2a278
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FC51EA747503589FEF05A7B8A8187AE37AFEB9C701F20C029B406E3794CE799C5197A1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F45E58 Relevance: .1, Instructions: 111COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 980a435e9901e6a993795925b22c76aa29058a46d950fd8214d41107beacaeca
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: ff4fee2d6570b28438ea831fa996c1505429bee23e745f438219e6efc9d051bf
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 980a435e9901e6a993795925b22c76aa29058a46d950fd8214d41107beacaeca
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 47412675D042198FDB10DFA9C848AEEBBF9EB48310F10842AD505B7350DB78A904CFA4
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F45D40 Relevance: .1, Instructions: 102COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: ba93fa390a39a5c3d3b090f8c4cb75ea077961cfbaf2356cb75c48aa475ce2fe
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 8a997b9604cbf49fbe26d730198932862d6b116dc6088b34c098c4ddff09d035
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ba93fa390a39a5c3d3b090f8c4cb75ea077961cfbaf2356cb75c48aa475ce2fe
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4E31BC31E0020A8FCB10EFB9D8545EEBBB4FF89310B11816AE545E7210EB34A942CB90
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4370C Relevance: .1, Instructions: 100COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: c7e099110f0b2d58daade552e8a52a19e85fad05c696a8eeeb1b7f47e92fbe3f
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 2e50b291d4f23bfb931fa7dbcc4b1c341f2a6b373bda27c5960a132552930bc2
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c7e099110f0b2d58daade552e8a52a19e85fad05c696a8eeeb1b7f47e92fbe3f
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DA41BFB1D013189FDB20DFA9C584ACEFBB5EF49704F24842AD409BB250D7756A8ACF91
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F46A49 Relevance: .1, Instructions: 98COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 932e2cc554fea85ee32b1c90ca06913c42a835cfa854b3100216e2336898da30
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 07b1ad2fe8e67fb5e99f1b5e012c6512216fa7d353fe6555d2647c48045668ad
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 932e2cc554fea85ee32b1c90ca06913c42a835cfa854b3100216e2336898da30
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3F31EF35B042549FDB18DFA8D8647EE7FB2ABC5220F2041AAD005EB390DE385D06CBE1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F47C60 Relevance: .1, Instructions: 97COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 3fdadd974ffbd655289b53ed7932113dbb6590b6b34b29daec0f65c12e154187
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 558601e6ef2f6e3b975c30c1e60da27ef55a4af2dd1e85f28ba5da853681c123
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3fdadd974ffbd655289b53ed7932113dbb6590b6b34b29daec0f65c12e154187
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7231A131B102448FEB14EBB9D4547AE7BF6EB88210F1484A9D506EB390CF79AC45CBA0
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F43718 Relevance: .1, Instructions: 96COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: e5ebd4c83dce4db654ce0d044eec2da9b200c5aec652392ba3e122602b6b0a4f
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 48e8de6ba626a679365af17af5c246ba39b1aa76bad4cf5963c692011b60a5af
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e5ebd4c83dce4db654ce0d044eec2da9b200c5aec652392ba3e122602b6b0a4f
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B141B0B1D01319DBDB20CFA9C584ADEFBB5BF48304F24842AD408BB250D7756A8ACF91
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4B4DF Relevance: .1, Instructions: 92COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 47f5207eefac4c8b8a1dd3d2b35a1ee7f84168f4a56a4fe961fe7a31b2a98684
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: fdfb5e0e27ecd1d4a27ad3ebf2557327c417621fe2030a5f9b171c015f8911f4
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 47f5207eefac4c8b8a1dd3d2b35a1ee7f84168f4a56a4fe961fe7a31b2a98684
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5C41D271D003499FEF14CFA9C494BDEBBB5BF48304F148429E819AB254DB799985CF90
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4B4E8 Relevance: .1, Instructions: 90COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: c116611b687420dffb0631ab7f2efc0e04832311de489ee5642c157e350e9173
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 9a3d08662f3fde588a7b884c16f0aec49ae3580f056d2c58fe369244e981d836
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c116611b687420dffb0631ab7f2efc0e04832311de489ee5642c157e350e9173
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C941E1B1D003499FEF10CF99C884ADEBBB5BF48300F108429E809AB254DB79A985CF90
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4A4E5 Relevance: .1, Instructions: 89COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 2cfb67ce40b272193d08ee5737d742ba4acc6574b3936fbc615a3fe9a0bca3dc
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 8ae600590b225f25f9e61723defcb5430e3727773da06b0caadbc4f2b517f51f
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2cfb67ce40b272193d08ee5737d742ba4acc6574b3936fbc615a3fe9a0bca3dc
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D43136B5D442889FDB14CFA8C9457DEBFB2BB08314F148529E855AB380D7789881CF95
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F47B58 Relevance: .1, Instructions: 89COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 0796f807482c35e6de24166d0cd1b68c33bdab6b2f4888a2e54a55ea5ea3caa8
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 8241ca3cb0c93a693e4a75d4b2f34c211a672d2b416a8b5dccc6daa7aa044542
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0796f807482c35e6de24166d0cd1b68c33bdab6b2f4888a2e54a55ea5ea3caa8
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 393155B0D442889FDB14CFA9C985B9EBFB2FB08314F148129E855AB340E7789881CF95
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F47754 Relevance: .1, Instructions: 78COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 71320d995ca2d4b00e5b963775b52b424a592db9567b16470e500d5dbc22405a
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 7e39a57cdf33c8d2dd2b4def5fd20b721fab7b48ea6b312023d54dba2e387db9
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 71320d995ca2d4b00e5b963775b52b424a592db9567b16470e500d5dbc22405a
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 83215E327002048FDB24EB29D484969BBBBFFD521174589AAE606CB260DE38FC45CB52
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F43284 Relevance: .1, Instructions: 76COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: b3f5d85854af88788ba5aa426be9e40f3ee78580cf5831142b99425da78f9421
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: f32b259833eb645b833bb205f196f021b8c9792747466c07a0f123779954f1b6
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b3f5d85854af88788ba5aa426be9e40f3ee78580cf5831142b99425da78f9421
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A421AA70A083489FCB05EF748C1596A7FF9DF06200B1548EAE945CB292FA35DD059BA2
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 02BAD006 Relevance: .1, Instructions: 73COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2016970923.0000000002BAD000.00000040.00000800.00020000.00000000.sdmp, Offset: 02BAD000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_2bad000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 40a23f3c16b9614a51fc5294ed093fc0c35ea40b70678250f39ee5e3577a0ad3
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: c2b403010a4e6d57263636c69f3656428f3a963c41da8c9f8671b7365c84e5bc
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 40a23f3c16b9614a51fc5294ed093fc0c35ea40b70678250f39ee5e3577a0ad3
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 97314A7550E3C08FD7138F2088A0755BF71AB46214F29C5EBD8888F6A7C339980ACB62
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 02BAD044 Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2016970923.0000000002BAD000.00000040.00000800.00020000.00000000.sdmp, Offset: 02BAD000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_2bad000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: e4167e9bb00e24ddd3986c31f1fc49cb5f14f37df36f282982b2e286df854451
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: ae4ee92aa3f71ad25ff806b9f514afb2768990a94e90978f591fb8a2191f55f8
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e4167e9bb00e24ddd3986c31f1fc49cb5f14f37df36f282982b2e286df854451
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 63215B71508345DFEB24DF10D9E1B26BBA5FB88324F24C5AEE8094B646C376D447CB62
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 02BAD1F4 Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2016970923.0000000002BAD000.00000040.00000800.00020000.00000000.sdmp, Offset: 02BAD000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_2bad000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 889fb4bf911639da63196f33bc28d5636720fc96397a7b3cc5da61fae0f118de
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 22584a0184962847670006a33af3a15e02c932a29100d225272c42077b5e8a87
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 889fb4bf911639da63196f33bc28d5636720fc96397a7b3cc5da61fae0f118de
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B2212971608344DFEB15DF10D5D0B26BBA1FB84314F20C9ADE8894F651C336D846CB61
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F43438 Relevance: .1, Instructions: 67COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 4be2bf068a278e3f22faa678dc7533dad5a170badce9cd5f535eb7adbbb270cb
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 107dfdd6bfbb4fced766608b9a243f738912c2b289bb83dd7f1fc5a125b7c4ae
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4be2bf068a278e3f22faa678dc7533dad5a170badce9cd5f535eb7adbbb270cb
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4111E132F002599FDB04DB65DC049EE7BB6EFC5310B0584AAE504EB2A1EB34A904CB90
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F46BB3 Relevance: .1, Instructions: 66COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 5c0301e6509a99b16e8c46d6e99094f90e1b1cf47ffb595ce1caeb73543bc266
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 457bc08434afdcae80bb5027ae5bc7a7b3eb56498dccfad55d3161f4198f3bb4
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5c0301e6509a99b16e8c46d6e99094f90e1b1cf47ffb595ce1caeb73543bc266
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 462120B5C012089FCB00CF9AD980BDEFBF4FB48220F24842AE519A7340C378A944CFA4
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F45EF4 Relevance: .1, Instructions: 65COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: b7398ab517355ada64761150bb3431ce4c885cd452bd84b2d073459bdf1d698c
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 9d930d191ddaf217fc1030b603f189f73cf722f4ef47dda3495efbc61d8933e6
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b7398ab517355ada64761150bb3431ce4c885cd452bd84b2d073459bdf1d698c
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 512133B5D043488FDB10DFAAD848BDEFBF4AB49310F10842AE459A3310D778A904CFA5
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4E189 Relevance: .1, Instructions: 64COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: fafd08c97daec6272d2d31ed2a3c5d6dfc9b69ea0d1d442e3fd92a6d61732ab8
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 2250152867af879ba9e863e3cac5effc52556b5def06051e5b3792e7e2e3d010
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fafd08c97daec6272d2d31ed2a3c5d6dfc9b69ea0d1d442e3fd92a6d61732ab8
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FD21B171E141498BEF00CBA8D8017AE7FBAFB84304F004165E651E72D0DB7CAA058F92
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F47170 Relevance: .1, Instructions: 64COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: ff1d781d751dc8b6c22947eb162fb15f660f964ffce39aff39e15f9cea061594
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: d24245cfd32a6f2bdf937534faf98e1976a3a3cc7f7e6dac48962fad514d1de5
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ff1d781d751dc8b6c22947eb162fb15f660f964ffce39aff39e15f9cea061594
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F7214731A45208CBDB14AB71D8596AE7FB6FB89305F245428E402B7390DF39AD42CFA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F43F34 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 94a2ab386cf7f83bc01ee396dd7acbd862e619e450fac3ae02d7e2836c863e71
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: fd35ef6e6a53659b5b1a2785597e1102e2e3a457df9bdf7f8ea87216df234d6b
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 94a2ab386cf7f83bc01ee396dd7acbd862e619e450fac3ae02d7e2836c863e71
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4D117552B0E3D51FD317567818607AA2FB68B9B11078A44EBE2C5DB2E3D8189C0A8762
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F461A4 Relevance: .1, Instructions: 62COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 076f6d996971578cc14f3d73a2873f6e053326196d8819ed7dabe910dc623673
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 20eff612832ab508c0473c8badb50493cd3a97f2e36621574b69f0aa67fa1f58
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 076f6d996971578cc14f3d73a2873f6e053326196d8819ed7dabe910dc623673
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2721DFB59012099FDB10CF9AD984AEEFBF4EB48210F20846AE959A7200D375A944CFA4
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F47180 Relevance: .1, Instructions: 62COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 488e50e0088b903878574c29143f864bde4b51808e92eba597880314d734c5e1
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 99f1a3e04e31c4e51bc9f1b615688ea4ae0d0df36b4fcc77eef6fb62e65fc54f
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 488e50e0088b903878574c29143f864bde4b51808e92eba597880314d734c5e1
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1C212430B41208CBDB14EBB5D8596AE7FB6FB89311F145029E402E7390DB39AD42CFA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F43190 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 2ba9f4d74221e313d190128517348737527e281972a3cd9ea3ddea8216ca355c
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 64162d4f6ef87253a3e5f75942e4e08f7917a0435e21c4a03b5369d3e767d3fc
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2ba9f4d74221e313d190128517348737527e281972a3cd9ea3ddea8216ca355c
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D221D3B69043499FDB10CF9AD884BDEBFF4FB49310F10842AE919A7210D379A954CFA5
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4E2B8 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: a25e9561141de3daef4d494bbb531dbddf58e7de5c319b9cc7e8f2ed01192db8
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 06df123be49c50a223cc52cff58bce1725fdf2e25c1b4f8497ccd27253080992
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a25e9561141de3daef4d494bbb531dbddf58e7de5c319b9cc7e8f2ed01192db8
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E7117C70A44209DBDB24DFA5C484AEEBFF6FF88310F248569D102A73A0DB789945CF52
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F46360 Relevance: .1, Instructions: 55COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: cb3269d45f4a8f63c7bf1987b7b1c77f8cca8cbe697b29da837c02ab46c27b89
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 56858960b54e9ab62b6d37701ffca0ab42617525c2e7ee297560a7ffb42c46fe
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cb3269d45f4a8f63c7bf1987b7b1c77f8cca8cbe697b29da837c02ab46c27b89
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2A01C0327002109FD704AB69D894B2E7BAAFF89750B5485A9E506CB361CF79EC02CB90
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F47B68 Relevance: .1, Instructions: 55COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 3981f7a417b2d9fa57a3894c11407aef76b192913caee1cc218d42fa9896049a
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 678d7cdef1d132818b3409c21198147006f950b67cb27a4282f6dc0fca16b200
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3981f7a417b2d9fa57a3894c11407aef76b192913caee1cc218d42fa9896049a
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6811C4717002109FD704EB69D894B5E7BAAFF89254F5441A9E6069B361CF75FC02CBD0
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F434F8 Relevance: .1, Instructions: 54COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 17d01ee0d35388b4c560401cd4ae979c1a05bd944903946720eeb7780189b732
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: ae50ac3cb6bad8eae1a80af7f70144fd93a4f88664a44e0c16522dd09998a483
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 17d01ee0d35388b4c560401cd4ae979c1a05bd944903946720eeb7780189b732
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E921C2B58003499FDB10CF9AD884BDEBFF4FB49320F14841AE959A7210C378A954CFA5
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 02BAD1EF Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2016970923.0000000002BAD000.00000040.00000800.00020000.00000000.sdmp, Offset: 02BAD000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_2bad000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 24b986c293b76f43647e5a6542cab87a0f72804c36a9ab50d54beaa8ae0cf00b
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: ad0b14ad83de0acc5a8ecec5f9084de9ad9d97dec084870cf947ff74e7070d99
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 24b986c293b76f43647e5a6542cab87a0f72804c36a9ab50d54beaa8ae0cf00b
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D711DD75508380CFDB02CF10C5D4B15BBA1FB84318F24CAAAD8894B656C33AD81ACB61
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F45F18 Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: db970aa5bd096f5fd4cff4b12541143af77a7df0ed54c26c4009126ed987da0e
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 4d7495438151d146c19b212b17f2fd116e040731715b074f669100fe33d9a178
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: db970aa5bd096f5fd4cff4b12541143af77a7df0ed54c26c4009126ed987da0e
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2811BFB5C043589FDB10DF9AD844BDEFBF4BB49320F10852AE458B7210C378A9448FA5
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4EEC1 Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 9f873aaeaee96908800f9c1b9cffd4384929b9e8b53b425014138fb7bda66d1a
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: ec54cabdbdd73f4712dceab38082358b36af1c6138482e00d58d633f7ade14bb
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9f873aaeaee96908800f9c1b9cffd4384929b9e8b53b425014138fb7bda66d1a
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 82115371614B408FD365DF2DD846A16BBE5EB45324714CA5EE0AACBB81D638F8018F44
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F45DB8 Relevance: .0, Instructions: 48COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: f7467ca447268db50e67ce5263789ca8ca2e0c2ea487c2401ad775d1506debb5
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: b8587abdac0bad35aae2b32b99cb3d41fe35b1003c0f26b8baed32a71fb4af1d
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f7467ca447268db50e67ce5263789ca8ca2e0c2ea487c2401ad775d1506debb5
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FD11B631D0070A8ECB10EFA9C5405DEBBF4FF49310B11966AD559B7211E730EA81CB90
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4EBD1 Relevance: .0, Instructions: 46COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 74515af1c8cd08eba1bff8838eb141c512ba5774fe6325f4dd83fb030321cb34
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: a18d538aa84e6fcb4e1564326aea78a52f2852d222690d6b2a07fa5a3435604b
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 74515af1c8cd08eba1bff8838eb141c512ba5774fe6325f4dd83fb030321cb34
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CD01B5326043408FD720EF25C444A65BFBEFF81611B058AA9E7068B261CA38E844CF53
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F435A8 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 276e4743a8c5f2c21bb369f4306714efa44a113fa35ea859b8609dcd772eb4eb
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: e6d36a502b4c450da0e5e1909d8a715d745127e63bf66a52fef6aac03fecdd97
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 276e4743a8c5f2c21bb369f4306714efa44a113fa35ea859b8609dcd772eb4eb
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0E01D472900209DFDB10EFA6D80579DBBF5EB44315F208569D409E3351D639AD41CF61
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F46C81 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 73388fff91ac5fb73e016873320044644c64c66f3e830a9e6acc908dfd49fe37
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 09394133284709159d63a3659cc792512817e4e771b4b4b825fa1c1dfbf70c4d
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 73388fff91ac5fb73e016873320044644c64c66f3e830a9e6acc908dfd49fe37
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5B014C75A01219CFCB00DFA8D9945BEBBB2FB88316B248469E904E7346D734AD45CF91
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F46C90 Relevance: .0, Instructions: 42COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 817f45cca5607c0169910995787fd33b5a3f744fd22b25e3a83debf9be0a8aa6
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: d7258f092673dcdb96e8ac84f697fad45f410c8f747865761420f1c8049c1ef5
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 817f45cca5607c0169910995787fd33b5a3f744fd22b25e3a83debf9be0a8aa6
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4D015634A00219CFCB00DFA8D8849AEBBF2FB88311B208429E904E7305DB35AC41CF90
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4F3F6 Relevance: .0, Instructions: 40COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: f59cbaafea4699e7a222f29a04baadbfaade4c239d0f1350cffc7ce5ef028829
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: c4db3294db58b829c8bdf94c1ca21f540c50748614e3ff8bec57a6c7bd9d0d3b
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f59cbaafea4699e7a222f29a04baadbfaade4c239d0f1350cffc7ce5ef028829
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 52014436A00104CFDB04DA94E494AADBBB2FB88224F145069E519E7760CF399D41CF50
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F45D31 Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 3f06c250e9bde9eefc0ea570c84da77ed8ba9aa4fdbfc7b8c1996df4d86693c4
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 51566d4c0d7bbc2f590cea8fca52587da0ba852cf565bb1c9fb3bbbbce3f0031
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3f06c250e9bde9eefc0ea570c84da77ed8ba9aa4fdbfc7b8c1996df4d86693c4
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B9E022B6B082004BC7156A54DC29BBA3F7ABFC1B11709802FF102CB3D1DF248806CB60
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4F428 Relevance: .0, Instructions: 29COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: edbd474b9ea35a4f498e29d9b7834df8e7399e31f8c886a0b8d4df31382c09df
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 9c79af7b19d7229df76d5c2e9330f18cf8939ef3f053416e3c4c1a81ba168816
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: edbd474b9ea35a4f498e29d9b7834df8e7399e31f8c886a0b8d4df31382c09df
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2AF05E76B002149FDB04DBA4D848AEDBBF1EB88224F1444A9D59A9B351CB369D42CF80
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4F51F Relevance: .0, Instructions: 28COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: d59c2f0bf8cd2f66b1c89cbea76eae1612f76db9dcae0ce74547fe1742b0567d
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 030f9d20bf2638e5ba7198122228383ddfd46ad4c3ac5d0a0f887ea4fa4aeaf0
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d59c2f0bf8cd2f66b1c89cbea76eae1612f76db9dcae0ce74547fe1742b0567d
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5CF0E275E146A99BEB14CF94C584BADBBF1BB48610F144489E416B7391CB78AE408EA0
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F47C4F Relevance: .0, Instructions: 28COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: e26ff27a108f38e7c3c0ad686aca111430ae29d67027e0412c83e08ffde1c3a0
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 17276c034e155126b72912b186e66e4b0f66efcbcbb2ffe1e47299d323fde413
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e26ff27a108f38e7c3c0ad686aca111430ae29d67027e0412c83e08ffde1c3a0
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 09E06832F1424827DF2015BA9856ADEBF39DB84120B0040BFDA0293281EA29941487E0
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F46A18 Relevance: .0, Instructions: 28COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 3dbf3a4302954346f8cf73618fc8a1fd5bedad732e31f25ca94408cd79ba2ec0
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 35124bce9f20c25d221df93c79d5703c7f32b783d616b1c2d6e26c7b0bd6fe0f
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3dbf3a4302954346f8cf73618fc8a1fd5bedad732e31f25ca94408cd79ba2ec0
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 03F0F4719502199BDF14CF84C858BEEBFB2BB89314F208019D401BB240DBB85E40DBA0
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F47C09 Relevance: .0, Instructions: 26COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: e885d40d3ed26ecce52c547e89a1d41783833777294c3f2ab79ea2f27409787d
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 352c2e0764f3302e58aff751b0fdcc535870a700c5daf01f39a6aa08be135014
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e885d40d3ed26ecce52c547e89a1d41783833777294c3f2ab79ea2f27409787d
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DEE086277101400FCB0511AA584935A6BEACFDD111B484065EA0AC7380EC2CEC0782D1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F43C98 Relevance: .0, Instructions: 20COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 9d9b9cc27f9a39efa381bfec210aaf0c29d6eae892efa834bd0fe32378e5c5f5
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 681603dc0405a5fe2dc384cf40f3cfc65dae267d97727e188369ad2d5850937b
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9d9b9cc27f9a39efa381bfec210aaf0c29d6eae892efa834bd0fe32378e5c5f5
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 52E04F318083496BCB027EB4D8159CA7F79EF07210F02445AF5841B162E6619165A7E3
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F435B8 Relevance: .0, Instructions: 19COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 054af5b5021a9b3be1dc3bd662a0f4ec9fe49ff086e9433cdf7fa428131a4cd3
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 2ffdfa4f56e6f48bb547f9ef9a3dc94a2a565e651fef1a0e150d31dbab5174e8
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 054af5b5021a9b3be1dc3bd662a0f4ec9fe49ff086e9433cdf7fa428131a4cd3
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 88E0867094020DEFCB04DFA2D60559DBBF6FB48305B2081ACE809A3301DB317E009F91
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F4702C Relevance: .0, Instructions: 19COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: a74154dcdc87a435adcbdbc07de8bced4592461f10b7767a7ee6c7101c33da85
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 9e40080810b91187087762aad90af43b80bb5aa96f4a5dc0c7fcc7635cbe353f
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a74154dcdc87a435adcbdbc07de8bced4592461f10b7767a7ee6c7101c33da85
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 96D0A757A0F1908FC71257E85C514E4BF34D9972A674401D7D189CB07AE308D25693A2
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F46FF7 Relevance: .0, Instructions: 17COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 4b1e77e6486a693bfa75842d702a2a6e6bb274ac1ad6d5a369a28fa1c84bb0e3
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: da54e0be36a53a24fb0de998702848a7812f1fc4289e229fa8771b1f659ace1e
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4b1e77e6486a693bfa75842d702a2a6e6bb274ac1ad6d5a369a28fa1c84bb0e3
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 49D0A7765047508BCA0757F47509ACF3FA95B4D3937194082D04AD7356D73ACD168FA1
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F40BD0 Relevance: .0, Instructions: 17COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 096c8dfc99311763acdbbf871d70055da5a9cf5d7dfaf86934fe87c833664c60
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 3fcdbd89eacfc3fe87795db574e938453889ea6641b377a6650c252075db2d2b
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 096c8dfc99311763acdbbf871d70055da5a9cf5d7dfaf86934fe87c833664c60
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DED0978721C2C097E303BB304C051482FE049B3120F8FC0FA4202CB112D04DC409C223
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F43368 Relevance: .0, Instructions: 9COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: 1fde9ee38a7eef50205ef69f6715a74df60be85f69a8beacef6ffc14803c7884
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 75eac2817f4442819dcc7dfd551d2227ffcf4385abf296641119ee468bb5ad8c
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1fde9ee38a7eef50205ef69f6715a74df60be85f69a8beacef6ffc14803c7884
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2CC012B11006408BDF289F1885892143FA1EBA1328B700A8EB02A4A1D2CB3AD587CBD2
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                                            Function 05F43FF3 Relevance: .0, Instructions: 6COMMON
                                                                                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                            • Source File: 00000027.00000002.2045375778.0000000005F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 05F40000, based on PE: false
                                                                                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_39_2_5f40000_Pots.jbxd
                                                                                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                                                                                            • Opcode ID: a3d8028bfee22647cc7727779697208551add712dd40156fe64eb1570aa24e76
                                                                                                                                                                                                                                                                                                                                                            • Instruction ID: 7de4f41d5a9d854b0aad643916181359088950507d53458e40ae2fb7ba2f7a8e
                                                                                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a3d8028bfee22647cc7727779697208551add712dd40156fe64eb1570aa24e76
                                                                                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CDC04CB14106008BDF189F15D5492003FA1AB50328B30028DA0284A2D2C77AD547DBD2
                                                                                                                                                                                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                                                                                                                                                                                            Uniqueness Score: -1.00%