Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://online.nashikproperty.com/?zn1YPM=Ppj

Overview

General Information

Sample URL:https://online.nashikproperty.com/?zn1YPM=Ppj
Analysis ID:1525981
Infos:

Detection

Score:2
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Contains functionality for execution timing, often used to detect debuggers
Contains functionality to call native functions
Detected potential crypto function
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 4508 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6296 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1944,i,17965116177562204563,11030053410015879069,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 716 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://online.nashikproperty.com/?zn1YPM=Ppj" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • firefox.exe (PID: 6988 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • firefox.exe (PID: 6972 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 6464 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2288 -parentBuildID 20230927232528 -prefsHandle 2232 -prefMapHandle 2224 -prefsLen 25250 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {68759cd2-86d7-430c-bb58-ab48e34e1765} 6972 "\\.\pipe\gecko-crash-server-pipe.6972" 218ff86d910 socket MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 4960 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4028 -parentBuildID 20230927232528 -prefsHandle 4020 -prefMapHandle 768 -prefsLen 25481 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {56561f6d-b6e1-445b-8d70-cce5381dc73d} 6972 "\\.\pipe\gecko-crash-server-pipe.6972" 21891a17810 rdd MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 5848 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5224 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5220 -prefMapHandle 5208 -prefsLen 33172 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3054c5d8-abdb-4a6f-917c-54892363bd7b} 6972 "\\.\pipe\gecko-crash-server-pipe.6972" 2188f638b10 utility MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49707 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.160.17:443 -> 192.168.2.16:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.160.17:443 -> 192.168.2.16:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.23.209.141:443 -> 192.168.2.16:49727 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49731 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49737 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49748 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49749 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49750 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49754 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49753 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49759 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49760 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49761 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.222.236.23:443 -> 192.168.2.16:49764 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.222.236.23:443 -> 192.168.2.16:49767 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49773 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49776 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49775 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49777 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49779 version: TLS 1.2
Source: Binary string: UxTheme.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A1089000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: rsaenh.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: xWindows.Security.Integrity.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: winsta.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: bcrypt.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150449757.00000218A07EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2174602287.00000218A07EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: WscApi.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: ktmw32.pdb source: firefox.exe, 0000000C.00000003.2182950683.00000218FF8F7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2165112336.00000218FF8F5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: NapiNSP.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: msvcrt.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2197436474.000002189AE9D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: xWindows.StateRepositoryPS.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8WinTypes.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: xul.pdb source: firefox.exe, 0000000C.00000003.2182950683.00000218FF8F7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2165112336.00000218FF8F5000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: nssckbi.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: mozglue.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: dcomp.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: winnsi.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: cryptsp.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8dhcpcsvc6.pdb source: firefox.exe, 0000000C.00000003.2243326542.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC39000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8softokn3.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2220610175.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: ntmarta.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A1089000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: CLBCatQ.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: urlmon.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8twinapi.appcore.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8kernelbase.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A970000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222212119.000002189A971000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: shlwapi.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A10B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2194137180.00000218A10B8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8CoreMessaging.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: win32u.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: dwmapi.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8bcryptprimitives.pdb source: firefox.exe, 0000000C.00000003.2220670433.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199738799.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: firefox.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: srvcli.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: imm32.pdb source: firefox.exe, 0000000C.00000003.2185419695.00000218A1050000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: freebl3.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: ws2_32.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A10B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2194137180.00000218A10B8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: mswsock.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8gkcodecs.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8iphlpapi.pdb source: firefox.exe, 0000000C.00000003.2243326542.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC39000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8ExplorerFrame.pdb source: firefox.exe, 0000000C.00000003.2150823644.000002189AC60000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC60000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: nsi.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: winmm.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: ole32.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A10B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2194137180.00000218A10B8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8CoreUIComponents.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8osclientcerts.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2220610175.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8cryptbase.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A970000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222212119.000002189A971000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8cfgmgr32.pdb source: firefox.exe, 0000000C.00000003.2243326542.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC39000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: msasn1.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: DWrite.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: combase.pdb source: firefox.exe, 0000000C.00000003.2185419695.00000218A1050000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8iertutil.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8dhcpcsvc.pdb source: firefox.exe, 0000000C.00000003.2243326542.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC39000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8msvcp140.amd64.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199738799.000002189A970000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222212119.000002189A971000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: ncrypt.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: nss3.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A10B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2194137180.00000218A10B8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8webauthn.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8Kernel.Appcore.pdb source: firefox.exe, 0000000C.00000003.2220670433.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199738799.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8ColorAdapterClient.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8powrprof.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: wsock32.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A10B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2194137180.00000218A10B8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8MMDevAPI.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: wininet.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: UMPDC.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8kernel32.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A970000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222212119.000002189A971000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8oleaut32.pdb source: firefox.exe, 0000000C.00000003.2220670433.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199738799.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: rpcrt4.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8TextInputFramework.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: pnrpnsp.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: wshbth.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8InputHost.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8ucrtbase.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A970000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222212119.000002189A971000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: version.pdbtoolbar-button-reload source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: xOneCoreUAPCommonProxyStub.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: shcore.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A1089000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8audioses.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8Bcp47mrm.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8netutils.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: sspicli.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8rasadhlp.pdb source: firefox.exe, 0000000C.00000003.2150823644.000002189AC60000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC60000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: shell32.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A1089000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8Bcp47Langs.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8msvcp_win.pdb source: firefox.exe, 0000000C.00000003.2220670433.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199738799.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8wtsapi32.pdb source: firefox.exe, 0000000C.00000003.2243326542.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8taskschd.pdb source: firefox.exe, 0000000C.00000003.2150823644.000002189AC60000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC60000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: dnsapi.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: userenv.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8Windows.UI.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: nlaapi.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8fwpuclnt.pdb source: firefox.exe, 0000000C.00000003.2150823644.000002189AC60000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC60000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: winhttp.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: msimg32.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: ntasn1.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: devobj.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: d3d11.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8advapi32.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A970000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222212119.000002189A971000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8Windows.Storage.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8OnDemandConnRouteHelper.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC60000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2220610175.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC60000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: dbghelp.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8netprofm.pdb source: firefox.exe, 0000000C.00000003.2243326542.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC39000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: gdi32.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185419695.00000218A1050000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: profapi.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: avrt.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8Windows.Globalization.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: WLDP.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A1089000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: sechost.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8directmanipulation.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8setupapi.pdb source: firefox.exe, 0000000C.00000003.2243326542.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC39000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8vcruntime140_1.amd64.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199738799.000002189A927000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: propsys.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8lgpllibs.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8vcruntime140.amd64.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199738799.000002189A970000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222212119.000002189A971000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8gdi32full.pdb source: firefox.exe, 0000000C.00000003.2220670433.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199738799.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: winrnr.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: msctf.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: version.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: propsys.pdbmain-context-menu-stop source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: dbgcore.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: mscms.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: user32.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: twinapi.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8DataExchange.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8wintrust.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: psapi.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8WindowManagementAPI.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: ntdll.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: dxgi.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8npmproxy.pdb source: firefox.exe, 0000000C.00000003.2243326542.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC39000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8linkinfo.pdb source: firefox.exe, 0000000C.00000003.2150823644.000002189AC60000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC60000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8Windows.UI.Immersive.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: edputil.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: crypt32.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: firefox.exeMemory has grown: Private usage: 40MB later: 288MB
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: unknownTCP traffic detected without corresponding DNS query: 20.190.160.17
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=rYohnPkDkrRVwL8&MD=OA4lgLhz HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fonline.nashikproperty.&oit=3&cp=30&pgcl=4&gs_rn=42&psi=Ry3v2W9Io9_oTcQX&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fonline.nashikproperty.c&oit=3&cp=31&pgcl=4&gs_rn=42&psi=Ry3v2W9Io9_oTcQX&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fonline.nashikproperty.com&oit=3&cp=33&pgcl=4&gs_rn=42&psi=Ry3v2W9Io9_oTcQX&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=rYohnPkDkrRVwL8&MD=OA4lgLhz HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /client/config?cc=CH&setlang=en-CH HTTP/1.1X-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateAccept-Encoding: gzip, deflateX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-UserAgeClass: UnknownX-BM-Market: CHX-BM-DateFormat: dd/MM/yyyyX-Device-OSSKU: 48X-BM-DTZ: -240X-DeviceID: 01000A4109009A83X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75X-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard TimeX-BM-Theme: 000000;0078d7X-Search-RPSToken: t%3DEwDoAkR8BAAUcvamItSE/vUHpyZRp3BeyOJPQDsAAbtR7UFEaozBIEJX6VrbRbCGnNmyCQwp9yKJHH7qSyI92pw2z0hnEDCGOhnCN9kvTVmV0QU4oAU8f1mXUwwFsgU0bbomXnstfeAOIeD7glo0dtDh6K6RqrcHkGtnWay9eLNjtnuNhQGdhLi/OJCkpavaiJ27FLmBkTsF44wfBuzSWXPAYe0DJgpj/YMFq0euOtRmZ%2BF4FUr7gcDHKaRwHMlYvTGwy4DSGmgoBu3nhl7ElykaLrN5cb%2BzU79Kr9uoN7cJLfCX6ecSeLjQe%2BCR8bsT/NOvMy%2BB6FkXmLem%2B8M6mpYOXwF5pT0zgISElPMK9qNPTgfmlrguZ%2BPtx3b5FJAQZgAAEPGraoIT2Tmu5kB97hv9vzuwAUChfxkiIzc4rTQ7JonfRy6hw/x910NOoHVQMDTF7DthJsngyeRfjvyVfWS35DEYQLwSkN4X1PNXFUHg3IpQuhJfM5TCzTey7ZV4ewJgA3FbDYUtrmcVfCwjwipEgbJKJOHbp/00Iy5Coj35yamXV6jJqK98523w2lZSpIPAWISWPfJhv5uMoCPMWGrqRJWoqisNT9E%2BqYPRtMnwDPkKqKfgJ58P44DfvfRPIZQFO4LgrYZE78/wf3hIqeSzjUcHKeh%2BnXwJPH2n5jeMaCgYP5UU1/Bb62r7oF96lKnArZfOaqwzWbWEhEeZESDamqh3GaihDnfaEHlT9sa6ZwJgOqAgVDHmB0tGOxe7H0%2B71TdB9pMGGK/ztLLRzbNondozpRvkbQZMngZvQzFCRmCKcVGX/Ki2kz1UzkpZD%2BZiwQS%2B7fsLIDGij9TuzF%2B3JM7VfCp1au1UhXRfGn1QlvDVeScfwGKU7V%2BSQiezAWNDt0OHZydWCXOxiqCKSQY8j1Eg/Gi/cmnvnLhGVsB6fGesPRY9qzIuwrSl297yb8wbgq7gTRaq047GGU9yOkOzxM3wv9cB%26p%3DX-Agent-DeviceId: 01000A4109009A83X-BM-CBT: 1728052063User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045X-Device-isOptin: falseAccept-language: en-GB, en, en-USX-Device-Touch: falseX-Device-ClientSession: 2518293977DE49719FE37D8556719A11X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIHost: www.bing.comConnection: Keep-AliveCookie: SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=3a628620&IPMID=1707317755885; MUID=5047E5942BB2460EA35B53CCF78DDB3D; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: BETWEEN :prefix || 'www.' || :strippedURL AND :prefix || 'www.' || :strippedURL || X'FFFF'UpdateService.canUsuallyCheckForUpdates - unable to automatically check for updates, the option has been disabled by the administrator.Take control of your YouTube experience. Automatically block annoying ads, set playback speed and volume, remove annotations, and more. equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://pub.doubleverify.com/signals/pub.js*https://smartblock.firefox.etp/play.svg*://auth.9c9media.ca/auth/main.jsFileUtils_openSafeFileOutputStream*://c.amazon-adsystem.com/aax2/apstag.js*://static.chartbeat.com/js/chartbeat.js*://static.chartbeat.com/js/chartbeat_video.js*://*.imgur.io/js/vendor.*.bundle.js*://*.imgur.com/js/vendor.*.bundle.js@mozilla.org/network/safe-file-output-stream;1FileUtils_closeSafeFileOutputStreamresource://gre/modules/addons/XPIProvider.jsm@mozilla.org/network/file-output-stream;1webcompat-reporter%40mozilla.org:1.5.1https://smartblock.firefox.etp/facebook.svg*://www.google-analytics.com/analytics.js**://pagead2.googlesyndication.com/tag/js/gpt.js**://adservex.media.net/videoAds.js**://cdn.optimizely.com/public/*.js*://*.vidible.tv/*/vidible-min.js**://www.google-analytics.com/plugins/ua/ec.js*://s.webtrends.com/js/advancedLinkTracking.js*://js.maxmind.com/js/apis/geoip2/*/geoip2.js*://s.webtrends.com/js/webtrends.js*://cdn.adsafeprotected.com/iasPET.1.js*://s0.2mdn.net/instream/html5/ima3.js*://s.webtrends.com/js/webtrends.min.js*://www.google-analytics.com/gtm/js**://*.moatads.com/*/moatheader.js*TelemetrySession::onEnvironmentChange equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://track.adform.net/Serving/TrackPoint/**://pubads.g.doubleclick.net/gampad/*xml_vmap2**://www.facebook.com/platform/impression.php**://*.adsafeprotected.com/*/unit/**://*.adsafeprotected.com/jload?*addons-search-detection@mozilla.comaddons-search-detection%40mozilla.com:2.0.0resource://search-extensions/google/resource://search-extensions/amazondotcom/amazondotcom%40search.mozilla.org:1.6wikipedia%40search.mozilla.org:1.3resource://search-extensions/bing/resource://search-extensions/ddg/firefox-compact-light%40mozilla.org:1.2firefox-compact-dark%40mozilla.org:1.2resource://builtin-themes/alpenglow/resource://builtin-addons/search-detection/firefox-compact-light@mozilla.orgfirefox-alpenglow%40mozilla.org:1.4resource://gre/modules/AsyncShutdown.sys.mjs9928c898-4941-555d-e502-54a90e9e5371 equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/platform/impression.php*resource://services-sync/constants.sys.mjs equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2451649772.000002188F18D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: -l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Wikipedia&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.reddit.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="R"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/reddit-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Reddit<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Reddit&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" href="https://twitter.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="T"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/twitter-com@2x.png)"></div></div></div><div class="title"><span dir="auto">Twitter<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;Twitter&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder hide-for-narrow"><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li></ul><div class="edit-topsites-wrapper"></div></div></section></div></div></div></div><style data-styles="[[null]]"></style></div><div class="discovery-stream ds-layout"><div class="ds-column ds-column-12"><div class="ds-column-grid"><div></div></div></div><style data-styles="[[null]]"></style></div></div></main></div></div> equals www.twitter.com (Twitter)
Source: firefox.exe, 0000000C.00000003.2235943828.0000021891FC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8*://www.facebook.com/* equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000003.2236638190.0000021891FAF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2236638190.0000021891FBD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8*://www.youtube.com/* equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000003.2003597755.000002189A2BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2094243038.000002189A2C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.facebook.com/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000003.2003597755.000002189A2BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2117833209.000002189AC74000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2094243038.000002189A2C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.youtube.com/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000003.2235943828.0000021891FC0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2235943828.0000021891FCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2523731573.0000021891417000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8www.facebook.com equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000003.2236638190.0000021891FBD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8www.youtube.com equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: This should only be called from XPCShell testsmedia.gmp-manager.secondsBetweenChecksfindUpdates() - updateTask succeeded for - the given reason to update is not supported*://track.adform.net/serving/scripts/trackpoint/*://www.everestjs.net/static/st.v3.js**://web-assets.toggl.com/app/assets/scripts/*.js*://libs.coremetrics.com/eluminate.jsFileUtils_closeAtomicFileOutputStreamFileUtils_openAtomicFileOutputStream@mozilla.org/network/atomic-file-output-stream;1webcompat-reporter@mozilla.org.xpi*://static.criteo.net/js/ld/publishertag.js*://www.rva311.com/static/js/main.*.chunk.js*://connect.facebook.net/*/sdk.js**://connect.facebook.net/*/all.js**://cdn.branch.io/branch-latest.min.js*resource://gre/modules/FileUtils.sys.mjs@mozilla.org/addons/addon-manager-startup;1pictureinpicture%40mozilla.org:1.0.0resource://gre/modules/TelemetryStorage.sys.mjs equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: UpdateService:_selectAndInstallUpdate - prompting because silent install is disabled. Notifying observers. topic: update-available, status: show-promptmoz-extension://06836808-3da5-4b66-93b7-b66b1a840a96/lib/intervention_helpers.jsYou may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/url('chrome://activity-stream/content/data/content/assets/mr-settodefault.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)url('chrome://activity-stream/content/data/content/assets/mr-pinprivate.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)url('chrome://activity-stream/content/data/content/assets/mr-import.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)https://www.mozilla.org/firefox/mobile/get-app/?utm_medium=firefox-desktop&utm_source=onboarding-modal&utm_campaign=mr2022&utm_content=existing-globalhttps://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/url('chrome://activity-stream/content/data/content/assets/mr-mobilecrosspromo.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)url('chrome://activity-stream/content/data/content/assets/mr-gratitude.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)DeferredTask@resource://gre/modules/DeferredTask.sys.mjs:117:18 equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: UpdateService:_selectAndInstallUpdate - prompting because silent install is disabled. Notifying observers. topic: update-available, status: show-promptmoz-extension://06836808-3da5-4b66-93b7-b66b1a840a96/lib/intervention_helpers.jsYou may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/url('chrome://activity-stream/content/data/content/assets/mr-settodefault.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)url('chrome://activity-stream/content/data/content/assets/mr-pinprivate.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)url('chrome://activity-stream/content/data/content/assets/mr-import.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)https://www.mozilla.org/firefox/mobile/get-app/?utm_medium=firefox-desktop&utm_source=onboarding-modal&utm_campaign=mr2022&utm_content=existing-globalhttps://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/url('chrome://activity-stream/content/data/content/assets/mr-mobilecrosspromo.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)url('chrome://activity-stream/content/data/content/assets/mr-gratitude.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)DeferredTask@resource://gre/modules/DeferredTask.sys.mjs:117:18 equals www.twitter.com (Twitter)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: UpdateService:_selectAndInstallUpdate - prompting because silent install is disabled. Notifying observers. topic: update-available, status: show-promptmoz-extension://06836808-3da5-4b66-93b7-b66b1a840a96/lib/intervention_helpers.jsYou may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/url('chrome://activity-stream/content/data/content/assets/mr-settodefault.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)url('chrome://activity-stream/content/data/content/assets/mr-pinprivate.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)url('chrome://activity-stream/content/data/content/assets/mr-import.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)https://www.mozilla.org/firefox/mobile/get-app/?utm_medium=firefox-desktop&utm_source=onboarding-modal&utm_campaign=mr2022&utm_content=existing-globalhttps://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/url('chrome://activity-stream/content/data/content/assets/mr-mobilecrosspromo.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)url('chrome://activity-stream/content/data/content/assets/mr-gratitude.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color)DeferredTask@resource://gre/modules/DeferredTask.sys.mjs:117:18 equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: You may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: You may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/ equals www.twitter.com (Twitter)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: You may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: ["www.facebook.com","facebook.com"] equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: ["www.youtube.com","youtube.com"] equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891307000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: [{incognito:null, tabId:null, types:["image"], urls:["*://track.adform.net/Serving/TrackPoint/*", "*://pixel.advertising.com/firefox-etp", "*://*.advertising.com/*.js*", "*://*.advertising.com/*", "*://securepubads.g.doubleclick.net/gampad/*ad-blk*", "*://pubads.g.doubleclick.net/gampad/*ad-blk*", "*://securepubads.g.doubleclick.net/gampad/*xml_vmap1*", "*://pubads.g.doubleclick.net/gampad/*xml_vmap1*", "*://vast.adsafeprotected.com/vast*", "*://securepubads.g.doubleclick.net/gampad/*xml_vmap2*", "*://pubads.g.doubleclick.net/gampad/*xml_vmap2*", "*://securepubads.g.doubleclick.net/gampad/*ad*", "*://pubads.g.doubleclick.net/gampad/*ad*", "*://www.facebook.com/platform/impression.php*", "https://ads.stickyadstv.com/firefox-etp", "*://ads.stickyadstv.com/auto-user-sync*", "*://ads.stickyadstv.com/user-matching*", "https://static.adsafeprotected.com/firefox-etp-pixel", "*://*.adsafeprotected.com/*.gif*", "*://*.adsafeprotected.com/*.png*", "*://*.adsafeprotected.com/*.js*", "*://*.adsafeprotected.com/*/adj*", "*://*.adsafeprotected.com/*/imp/*", "*://*.adsafeprotected.com/*/Serving/*", "*://*.adsafeprotected.com/*/unit/*", "*://*.adsafeprotected.com/jload", "*://*.adsafeprotected.com/jload?*", "*://*.adsafeprotected.com/jsvid", "*://*.adsafeprotected.com/jsvid?*", "*://*.adsafeprotected.com/mon*", "*://*.adsafeprotected.com/tpl", "*://*.adsafeprotected.com/tpl?*", "*://*.adsafeprotected.com/services/pub*", "*://*.adsafeprotected.com/*"], windowId:null}, ["blocking"]] equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891303000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: [{incognito:null, tabId:null, types:["imageset"], urls:["*://track.adform.net/Serving/TrackPoint/*", "*://pixel.advertising.com/firefox-etp", "*://*.advertising.com/*.js*", "*://*.advertising.com/*", "*://securepubads.g.doubleclick.net/gampad/*ad-blk*", "*://pubads.g.doubleclick.net/gampad/*ad-blk*", "*://securepubads.g.doubleclick.net/gampad/*xml_vmap1*", "*://pubads.g.doubleclick.net/gampad/*xml_vmap1*", "*://vast.adsafeprotected.com/vast*", "*://securepubads.g.doubleclick.net/gampad/*xml_vmap2*", "*://pubads.g.doubleclick.net/gampad/*xml_vmap2*", "*://securepubads.g.doubleclick.net/gampad/*ad*", "*://pubads.g.doubleclick.net/gampad/*ad*", "*://www.facebook.com/platform/impression.php*", "https://ads.stickyadstv.com/firefox-etp", "*://ads.stickyadstv.com/auto-user-sync*", "*://ads.stickyadstv.com/user-matching*", "https://static.adsafeprotected.com/firefox-etp-pixel", "*://*.adsafeprotected.com/*.gif*", "*://*.adsafeprotected.com/*.png*", "*://*.adsafeprotected.com/*.js*", "*://*.adsafeprotected.com/*/adj*", "*://*.adsafeprotected.com/*/imp/*", "*://*.adsafeprotected.com/*/Serving/*", "*://*.adsafeprotected.com/*/unit/*", "*://*.adsafeprotected.com/jload", "*://*.adsafeprotected.com/jload?*", "*://*.adsafeprotected.com/jsvid", "*://*.adsafeprotected.com/jsvid?*", "*://*.adsafeprotected.com/mon*", "*://*.adsafeprotected.com/tpl", "*://*.adsafeprotected.com/tpl?*", "*://*.adsafeprotected.com/services/pub*", "*://*.adsafeprotected.com/*"], windowId:null}, ["blocking"]] equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC60000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: [{incognito:null, tabId:null, types:["script"], urls:["*://webcompat-addon-testbed.herokuapp.com/shims_test.js", "*://example.com/browser/browser/extensions/webcompat/tests/browser/shims_test.js", "*://example.com/browser/browser/extensions/webcompat/tests/browser/shims_test_2.js", "*://example.com/browser/browser/extensions/webcompat/tests/browser/shims_test_3.js", "*://s7.addthis.com/icons/official-addthis-angularjs/current/dist/official-addthis-angularjs.min.js*", "*://track.adform.net/serving/scripts/trackpoint/", "*://track.adform.net/serving/scripts/trackpoint/async/", "*://*.adnxs.com/*/ast.js*", "*://*.adnxs.com/*/pb.js*", "*://*.adnxs.com/*/prebid*", "*://www.everestjs.net/static/st.v3.js*", "*://static.adsafeprotected.com/vans-adapter-google-ima.js", "*://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js", "*://cdn.branch.io/branch-latest.min.js*", "*://pub.doubleverify.com/signals/pub.js*", "*://c.amazon-adsystem.com/aax2/apstag.js", "*://auth.9c9media.ca/auth/main.js", "*://static.chartbeat.com/js/chartbeat.js", "*://static.chartbeat.com/js/chartbeat_video.js", "*://static.criteo.net/js/ld/publishertag.js", "*://*.imgur.com/js/vendor.*.bundle.js", "*://*.imgur.io/js/vendor.*.bundle.js", "*://www.rva311.com/static/js/main.*.chunk.js", "*://web-assets.toggl.com/app/assets/scripts/*.js", "*://libs.coremetrics.com/eluminate.js", "*://connect.facebook.net/*/sdk.js*", "*://connect.facebook.net/*/all.js*", "*://secure.cdn.fastclick.net/js/cnvr-launcher/*/launcher-stub.min.js*", "*://www.google-analytics.com/analytics.js*", "*://www.google-analytics.com/gtm/js*", "*://www.googletagmanager.com/gtm.js*", "*://www.google-analytics.com/plugins/ua/ec.js", "*://ssl.google-analytics.com/ga.js", "*://s0.2mdn.net/instream/html5/ima3.js", "*://imasdk.googleapis.com/js/sdkloader/ima3.js", "*://www.googleadservices.com/pagead/conversion_async.js", "*://www.googletagservices.com/tag/js/gpt.js*", "*://pagead2.googlesyndication.com/tag/js/gpt.js*", "*://pagead2.googlesyndication.com/gpt/pubads_impl_*.js*", "*://securepubads.g.doubleclick.net/tag/js/gpt.js*", "*://securepubads.g.doubleclick.net/gpt/pubads_impl_*.js*", "*://script.ioam.de/iam.js", "*://cdn.adsafeprotected.com/iasPET.1.js", "*://static.adsafeprotected.com/iasPET.1.js", "*://adservex.media.net/videoAds.js*", "*://*.moatads.com/*/moatad.js*", "*://*.moatads.com/*/moatapi.js*", "*://*.moatads.com/*/moatheader.js*", "*://*.moatads.com/*/yi.js*", "*://*.imrworldwide.com/v60.js", "*://cdn.optimizely.com/js/*.js", "*://cdn.optimizely.com/public/*.js", "*://id.rambler.ru/rambler-id-helper/auth_events.js", "*://media.richrelevance.com/rrserver/js/1.2/p13n.js", "*://www.gstatic.com/firebasejs/*/firebase-messaging.js*", "*://*.vidible.tv/*/vidible-min.js*", "*://vdb-cdn-files.s3.amazonaws.com/*/vidible-min.js*", "*://js.maxmind.com/js/apis/geoip2/*/geoip2.js", "*://s.webtrends.com/js/advancedLinkTracking.js", "*://s.webtrends.com/js/webtrends.js", "*://s.webtrends.com/js/webtrends.min.js"], windowId
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC60000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: [{incognito:null, tabId:null, types:["script"], urls:["*://webcompat-addon-testbed.herokuapp.com/shims_test.js", "*://example.com/browser/browser/extensions/webcompat/tests/browser/shims_test.js", "*://example.com/browser/browser/extensions/webcompat/tests/browser/shims_test_2.js", "*://example.com/browser/browser/extensions/webcompat/tests/browser/shims_test_3.js", "*://s7.addthis.com/icons/official-addthis-angularjs/current/dist/official-addthis-angularjs.min.js*", "*://track.adform.net/serving/scripts/trackpoint/", "*://track.adform.net/serving/scripts/trackpoint/async/", "*://*.adnxs.com/*/ast.js*", "*://*.adnxs.com/*/pb.js*", "*://*.adnxs.com/*/prebid*", "*://www.everestjs.net/static/st.v3.js*", "*://static.adsafeprotected.com/vans-adapter-google-ima.js", "*://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js", "*://cdn.branch.io/branch-latest.min.js*", "*://pub.doubleverify.com/signals/pub.js*", "*://c.amazon-adsystem.com/aax2/apstag.js", "*://auth.9c9media.ca/auth/main.js", "*://static.chartbeat.com/js/chartbeat.js", "*://static.chartbeat.com/js/chartbeat_video.js", "*://static.criteo.net/js/ld/publishertag.js", "*://*.imgur.com/js/vendor.*.bundle.js", "*://*.imgur.io/js/vendor.*.bundle.js", "*://www.rva311.com/static/js/main.*.chunk.js", "*://web-assets.toggl.com/app/assets/scripts/*.js", "*://libs.coremetrics.com/eluminate.js", "*://connect.facebook.net/*/sdk.js*", "*://connect.facebook.net/*/all.js*", "*://secure.cdn.fastclick.net/js/cnvr-launcher/*/launcher-stub.min.js*", "*://www.google-analytics.com/analytics.js*", "*://www.google-analytics.com/gtm/js*", "*://www.googletagmanager.com/gtm.js*", "*://www.google-analytics.com/plugins/ua/ec.js", "*://ssl.google-analytics.com/ga.js", "*://s0.2mdn.net/instream/html5/ima3.js", "*://imasdk.googleapis.com/js/sdkloader/ima3.js", "*://www.googleadservices.com/pagead/conversion_async.js", "*://www.googletagservices.com/tag/js/gpt.js*", "*://pagead2.googlesyndication.com/tag/js/gpt.js*", "*://pagead2.googlesyndication.com/gpt/pubads_impl_*.js*", "*://securepubads.g.doubleclick.net/tag/js/gpt.js*", "*://securepubads.g.doubleclick.net/gpt/pubads_impl_*.js*", "*://script.ioam.de/iam.js", "*://cdn.adsafeprotected.com/iasPET.1.js", "*://static.adsafeprotected.com/iasPET.1.js", "*://adservex.media.net/videoAds.js*", "*://*.moatads.com/*/moatad.js*", "*://*.moatads.com/*/moatapi.js*", "*://*.moatads.com/*/moatheader.js*", "*://*.moatads.com/*/yi.js*", "*://*.imrworldwide.com/v60.js", "*://cdn.optimizely.com/js/*.js", "*://cdn.optimizely.com/public/*.js", "*://id.rambler.ru/rambler-id-helper/auth_events.js", "*://media.richrelevance.com/rrserver/js/1.2/p13n.js", "*://www.gstatic.com/firebasejs/*/firebase-messaging.js*", "*://*.vidible.tv/*/vidible-min.js*", "*://vdb-cdn-files.s3.amazonaws.com/*/vidible-min.js*", "*://js.maxmind.com/js/apis/geoip2/*/geoip2.js", "*://s.webtrends.com/js/advancedLinkTracking.js", "*://s.webtrends.com/js/webtrends.js", "*://s.webtrends.com/js/webtrends.min.js"], windowId
Source: firefox.exe, 0000000C.00000002.2520756835.000002189130C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: [{incognito:null, tabId:null, types:["xmlhttprequest"], urls:["*://track.adform.net/Serving/TrackPoint/*", "*://pagead2.googlesyndication.com/pagead/*.js*fcd=true", "*://pagead2.googlesyndication.com/pagead/js/*.js*fcd=true", "*://pixel.advertising.com/firefox-etp", "*://cdn.cmp.advertising.com/firefox-etp", "*://*.advertising.com/*.js*", "*://*.advertising.com/*", "*://securepubads.g.doubleclick.net/gampad/*ad-blk*", "*://pubads.g.doubleclick.net/gampad/*ad-blk*", "*://securepubads.g.doubleclick.net/gampad/*xml_vmap1*", "*://pubads.g.doubleclick.net/gampad/*xml_vmap1*", "*://vast.adsafeprotected.com/vast*", "*://securepubads.g.doubleclick.net/gampad/*xml_vmap2*", "*://pubads.g.doubleclick.net/gampad/*xml_vmap2*", "*://securepubads.g.doubleclick.net/gampad/*ad*", "*://pubads.g.doubleclick.net/gampad/*ad*", "*://www.facebook.com/platform/impression.php*", "https://ads.stickyadstv.com/firefox-etp", "*://ads.stickyadstv.com/auto-user-sync*", "*://ads.stickyadstv.com/user-matching*", "https://static.adsafeprotected.com/firefox-etp-pixel", "https://static.adsafeprotected.com/firefox-etp-js", "*://*.adsafeprotected.com/*.gif*", "*://*.adsafeprotected.com/*.png*", "*://*.adsafeprotected.com/*.js*", "*://*.adsafeprotected.com/*/adj*", "*://*.adsafeprotected.com/*/imp/*", "*://*.adsafeprotected.com/*/Serving/*", "*://*.adsafeprotected.com/*/unit/*", "*://*.adsafeprotected.com/jload", "*://*.adsafeprotected.com/jload?*", "*://*.adsafeprotected.com/jsvid", "*://*.adsafeprotected.com/jsvid?*", "*://*.adsafeprotected.com/mon*", "*://*.adsafeprotected.com/tpl", "*://*.adsafeprotected.com/tpl?*", "*://*.adsafeprotected.com/services/pub*", "*://*.adsafeprotected.com/*"], windowId:null}, ["blocking"]] equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2520756835.000002189130C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: [{incognito:null, tabId:null, types:["xmlhttprequest"], urls:["*://track.adform.net/Serving/TrackPoint/*", "*://pagead2.googlesyndication.com/pagead/*.js*fcd=true", "*://pagead2.googlesyndication.com/pagead/js/*.js*fcd=true", "*://pixel.advertising.com/firefox-etp", "*://cdn.cmp.advertising.com/firefox-etp", "*://*.advertising.com/*.js*", "*://*.advertising.com/*", "*://securepubads.g.doubleclick.net/gampad/*ad-blk*", "*://pubads.g.doubleclick.net/gampad/*ad-blk*", "*://securepubads.g.doubleclick.net/gampad/*xml_vmap1*", "*://pubads.g.doubleclick.net/gampad/*xml_vmap1*", "*://vast.adsafeprotected.com/vast*", "*://securepubads.g.doubleclick.net/gampad/*xml_vmap2*", "*://pubads.g.doubleclick.net/gampad/*xml_vmap2*", "*://securepubads.g.doubleclick.net/gampad/*ad*", "*://pubads.g.doubleclick.net/gampad/*ad*", "*://www.facebook.com/platform/impression.php*", "https://ads.stickyadstv.com/firefox-etp", "*://ads.stickyadstv.com/auto-user-sync*", "*://ads.stickyadstv.com/user-matching*", "https://static.adsafeprotected.com/firefox-etp-pixel", "https://static.adsafeprotected.com/firefox-etp-js", "*://*.adsafeprotected.com/*.gif*", "*://*.adsafeprotected.com/*.png*", "*://*.adsafeprotected.com/*.js*", "*://*.adsafeprotected.com/*/adj*", "*://*.adsafeprotected.com/*/imp/*", "*://*.adsafeprotected.com/*/Serving/*", "*://*.adsafeprotected.com/*/unit/*", "*://*.adsafeprotected.com/jload", "*://*.adsafeprotected.com/jload?*", "*://*.adsafeprotected.com/jsvid", "*://*.adsafeprotected.com/jsvid?*", "*://*.adsafeprotected.com/mon*", "*://*.adsafeprotected.com/tpl", "*://*.adsafeprotected.com/tpl?*", "*://*.adsafeprotected.com/services/pub*", "*://*.adsafeprotected.com/*"], windowId:null}, ["blocking"]]/* do not warn (bug no): cannot use an index to sort */ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000003.1942134965.000002189AC4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.facebook.com/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000003.1942134965.000002189AC4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.youtube.com/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://vk.com/,https://www.youtube.com/,https://ok.ru/,https://www.avito.ru/,https://www.aliexpress.com/,https://www.wikipedia.org/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000003.2003597755.000002189A2BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2094243038.000002189A2C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000003.2003597755.000002189A2BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2117833209.000002189AC74000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2094243038.000002189A2C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://allegro.pl/,https://www.wikipedia.org/,https://www.olx.pl/,https://www.wykop.pl/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://allegro.pl/,https://www.wikipedia.org/,https://www.olx.pl/,https://www.wykop.pl/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://allegro.pl/,https://www.wikipedia.org/,https://www.olx.pl/,https://www.wykop.pl/https://vk.com/,https://www.youtube.com/,https://ok.ru/,https://www.avito.ru/,https://www.aliexpress.com/,https://www.wikipedia.org/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://allegro.pl/,https://www.wikipedia.org/,https://www.olx.pl/,https://www.wykop.pl/https://vk.com/,https://www.youtube.com/,https://ok.ru/,https://www.avito.ru/,https://www.aliexpress.com/,https://www.wikipedia.org/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/ equals www.twitter.com (Twitter)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/url('chrome://activity-stream/content/data/content/assets/mr-privacysegmentation.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color) equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/url('chrome://activity-stream/content/data/content/assets/mr-privacysegmentation.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color) equals www.twitter.com (Twitter)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/url('chrome://activity-stream/content/data/content/assets/mr-privacysegmentation.svg') var(--mr-secondary-position) no-repeat var(--mr-screen-background-color) equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.twitter.com (Twitter)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2191062797.0000021899DA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDD03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2191062797.0000021899DA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDD03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.twitter.com (Twitter)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2191062797.0000021899DA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDD03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000003.2191062797.0000021899DA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/8j equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000003.2191062797.0000021899DA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/8j equals www.twitter.com (Twitter)
Source: firefox.exe, 0000000C.00000003.2191062797.0000021899DA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/8j equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: moz-extension://06836808-3da5-4b66-93b7-b66b1a840a96/injections/js/bug1842437-www.youtube.com-performance-now-precision.js equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000003.2235943828.0000021891FC0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2505086721.00000218906F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2119039211.000002189A79F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000002.2392705028.00000190A4000000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.facebook.comP equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000C.00000003.2359510992.000002189AE94000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2392705028.00000190A4000000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2236638190.0000021891FBD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A79F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com- equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000002.2392705028.00000190A4000000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.comP equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000C.00000002.2511945144.0000021890923000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2186425548.00000218A0809000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2500043314.0000021890382000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: x*://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
Source: global trafficDNS traffic detected: DNS query: online.nashikproperty.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: prod.classify-client.prod.webservices.mozgcp.net
Source: global trafficDNS traffic detected: DNS query: detectportal.firefox.com
Source: global trafficDNS traffic detected: DNS query: prod.detectportal.prod.cloudops.mozgcp.net
Source: global trafficDNS traffic detected: DNS query: contile.services.mozilla.com
Source: global trafficDNS traffic detected: DNS query: spocs.getpocket.com
Source: global trafficDNS traffic detected: DNS query: prod.ads.prod.webservices.mozgcp.net
Source: global trafficDNS traffic detected: DNS query: www.youtube.com
Source: global trafficDNS traffic detected: DNS query: www.facebook.com
Source: global trafficDNS traffic detected: DNS query: youtube-ui.l.google.com
Source: global trafficDNS traffic detected: DNS query: www.wikipedia.org
Source: global trafficDNS traffic detected: DNS query: star-mini.c10r.facebook.com
Source: global trafficDNS traffic detected: DNS query: dyna.wikimedia.org
Source: global trafficDNS traffic detected: DNS query: www.reddit.com
Source: global trafficDNS traffic detected: DNS query: twitter.com
Source: global trafficDNS traffic detected: DNS query: reddit.map.fastly.net
Source: global trafficDNS traffic detected: DNS query: prod.balrog.prod.cloudops.mozgcp.net
Source: global trafficDNS traffic detected: DNS query: example.org
Source: global trafficDNS traffic detected: DNS query: ipv4only.arpa
Source: global trafficDNS traffic detected: DNS query: content-signature-2.cdn.mozilla.net
Source: global trafficDNS traffic detected: DNS query: prod.content-signature-chains.prod.webservices.mozgcp.net
Source: global trafficDNS traffic detected: DNS query: firefox.settings.services.mozilla.com
Source: global trafficDNS traffic detected: DNS query: prod.remote-settings.prod.webservices.mozgcp.net
Source: global trafficDNS traffic detected: DNS query: shavar.services.mozilla.com
Source: global trafficDNS traffic detected: DNS query: push.services.mozilla.com
Source: global trafficDNS traffic detected: DNS query: telemetry-incoming.r53-2.services.mozilla.com
Source: global trafficDNS traffic detected: DNS query: services.addons.mozilla.org
Source: global trafficDNS traffic detected: DNS query: normandy.cdn.mozilla.net
Source: global trafficDNS traffic detected: DNS query: normandy-cdn.services.mozilla.com
Source: unknownHTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: */*User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 3592Host: login.live.com
Source: firefox.exe, 0000000C.00000002.2467790881.000002188F62E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2208367892.0000021893775000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2370614209.00000124CCA40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://127.0.0.1:
Source: firefox.exe, 0000000C.00000003.2003597755.000002189A2BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.0/
Source: firefox.exe, 0000000C.00000003.2003597755.000002189A2BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.1/
Source: firefox.exe, 0000000C.00000003.2003597755.000002189A2BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.0/
Source: firefox.exe, 0000000C.00000003.2003597755.000002189A2BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.1/
Source: firefox.exe, 0000000C.00000003.2148488051.000002188F549000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: firefox.exe, 0000000C.00000003.2162065733.000002188F589000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2148488051.000002188F549000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F560000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F534000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2176308215.000002188F590000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2148488051.000002188F55C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: firefox.exe, 0000000C.00000002.2491655632.000002188FFE8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
Source: firefox.exe, 0000000C.00000002.2491655632.000002188FFE8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B
Source: firefox.exe, 0000000C.00000003.2148488051.000002188F549000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F534000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
Source: firefox.exe, 0000000C.00000002.2460799496.000002188F560000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2162065733.000002188F548000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F4DC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: firefox.exe, 0000000C.00000003.2162065733.000002188F589000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F534000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2176308215.000002188F590000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%shttps://poczta.interia.pl/mh/?mailto=%s
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%shttps://poczta.interia.pl/mh/?mailto=%shttps://mail.
Source: firefox.exe, 0000000C.00000003.2223987688.000002189A080000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%ss
Source: firefox.exe, 0000000C.00000003.2137630269.000002188F5A4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2142688756.000002188F5A4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2140616637.000002188F5A4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F5A4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2181486061.000002188F5A4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2162065733.000002188F5A4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2136406491.000002188F58E000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2176308215.000002188F5A9000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2148488051.000002188F5A5000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2166110236.000002188F5A5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.microsoft
Source: firefox.exe, 0000000C.00000002.2491655632.000002188FFE8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
Source: firefox.exe, 0000000C.00000003.2162065733.000002188F589000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2148488051.000002188F549000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F560000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F534000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2176308215.000002188F590000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2148488051.000002188F55C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: firefox.exe, 0000000C.00000003.2148488051.000002188F549000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
Source: firefox.exe, 0000000C.00000002.2491655632.000002188FFE8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
Source: firefox.exe, 0000000C.00000002.2491655632.000002188FFE8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
Source: firefox.exe, 0000000C.00000002.2460799496.000002188F560000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2162065733.000002188F548000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F4DC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: firefox.exe, 0000000C.00000003.2162065733.000002188F589000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F534000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2176308215.000002188F590000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: firefox.exe, 0000000C.00000003.2148488051.000002188F549000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F534000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
Source: firefox.exe, 0000000C.00000003.2148488051.000002188F549000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: firefox.exe, 0000000C.00000002.2491655632.000002188FFE8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
Source: firefox.exe, 0000000C.00000003.2148488051.000002188F549000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F534000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
Source: firefox.exe, 0000000C.00000002.2491655632.000002188FFE8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
Source: firefox.exe, 0000000C.00000003.2172311154.000002189A243000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2425012768.000002188C932000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2511945144.000002189092D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2505086721.0000021890693000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2209630655.00000218936BC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2227243784.000002189A76D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2081964775.00000218A10EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2191062797.0000021899D77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2208367892.00000218937E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com
Source: firefox.exe, 0000000C.00000003.2235943828.0000021891FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/
Source: firefox.exe, 0000000C.00000003.2191062797.0000021899DBC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2203660165.0000021899DC5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2301904203.000002189AEAC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2191062797.0000021899DA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2370614209.00000124CCA40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/canonical.html
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/canonical.htmlfinish
Source: firefox.exe, 0000000C.00000003.2089748254.000002189AEC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2511945144.0000021890942000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2219905442.00000218A0714000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2414333291.000002188BBA9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2001476844.000002189ACC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2197436474.000002189AECA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2505086721.00000218906CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1945675164.000002189ACC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2170776591.000002189ACC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2370614209.00000124CCA40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv4
Source: firefox.exe, 0000000C.00000003.2188444127.000002189ACC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2467790881.000002188F66A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2219905442.00000218A0714000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2511945144.000002189096C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2301904203.000002189AEAC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2414333291.000002188BBA9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2001476844.000002189ACC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2197436474.000002189AECA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1945675164.000002189ACC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2170776591.000002189ACC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2370614209.00000124CCA40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv6
Source: firefox.exe, 0000000C.00000003.2206722073.0000021894535000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.addEventListener
Source: firefox.exe, 0000000C.00000003.2206722073.0000021894535000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.removeEventListener
Source: firefox.exe, 0000000C.00000002.2402454604.000002188B28A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/common
Source: firefox.exe, 0000000C.00000002.2402454604.000002188B281000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/dates-and-times
Source: firefox.exe, 0000000C.00000002.2402454604.000002188B28A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/math
Source: firefox.exe, 0000000C.00000002.2402454604.000002188B281000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/regular-expressionsP
Source: firefox.exe, 0000000C.00000002.2402454604.000002188B28A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/sets
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-04/schema#
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-06/schema#
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-07/schema#
Source: firefox.exe, 0000000C.00000002.2392705028.00000190A4000000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.o
Source: firefox.exe, 0000000C.00000003.2034470450.000002189A482000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org
Source: firefox.exe, 0000000C.00000003.2341722197.00001AB57B404000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2505086721.0000021890685000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2346676447.0000314826603000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2343370391.00003664EC603000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/aboutWelcomeBehavior
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/addonsFeatureGate
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/addonsShowLessFrequentlyCap
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/addonsUITreatment
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/appId
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/appName
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/autoFillAdaptiveHistoryEnabled
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/autoFillAdaptiveHistoryMinCharsThreshold
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/autoFillAdaptiveHistoryUseCountThreshold
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/bestMatchBlockingEnabled
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/boolean
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0/items
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0/items/properties/feature
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0/items/properties/feature/properties/featureId
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0/items/properties/feature/properties/value
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0/items/properties/feature/properties/value/additiona
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0/items/properties/feature/properties/valuehttp://moz
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0/items/properties/ratio
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0/items/properties/ratiohttp://mozilla.org/#/properti
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0/items/properties/slug
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/0http://mozilla.org/#/properties/branches/anyOf/1http
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/feature
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/feature/properties/enabled
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/feature/properties/enabledhttp://m
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/feature/properties/featureId
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/feature/properties/value
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/feature/properties/value/additiona
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/featurehttp://mozilla.org/#/proper
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/features
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/features/items/properties/featureI
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/features/items/properties/value
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/features/items/properties/value/ad
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/features/itemsresource:///modules/
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/1/items/properties/ratio
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/features
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/features/items/properties/featureI
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/features/items/properties/value
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/features/items/properties/value/ad
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/features/itemshttp://mozilla.org/#
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/featuresMethod
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/ratio
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/slug
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2/items/properties/slugresource:///modules/urlbar/pri
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/branches/anyOf/2http://mozilla.org/#/properties/id
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/bucketConfig
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/bucketConfig/properties/count
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/bucketConfig/properties/namespace
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/bucketConfig/properties/randomizationUnit
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/bucketConfig/properties/randomizationUnitchrome://browser/content/sc
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/bucketConfig/properties/start
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/bucketConfig/properties/total
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/channel
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/disableGreaseOnFallback
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/dnsMaxAnyPriorityThreads
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/dnsMaxPriorityThreads
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/ehPreconnectEnabled
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/ehPreloadEnabledhttp://mozilla.org/#/properties/preconnect
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/enrollmentEndDate
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/featureIds
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/featureIds/itemshttp://mozilla.org/#/properties/branches
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/forceWaitHttpsRRbrowser.download.start_downloads_in_tmp_dir
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/greasePaddingSize
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/h3Enabled
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/h3GreaseEnabled
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/isBestMatchExperiment
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/isEnrollmentPaused
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/louserzations/anyOf/0/additionalProperties
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/louserzations/anyOf/0/additionalProperties/additionalProperties
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/louserzations/anyOf/0/additionalPropertiesresource:///modules/urlbar
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/merinoClientVariants
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/merinoEndpointURL
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/migrateExtensions
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/networkPredictorCan
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/outcomes
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/outcomes/items
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/outcomes/items/properties/priority
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/outcomes/items/properties/slug
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/pocketFeatureGate
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/pocketShowLessFrequentlyCap
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/proposedDuration
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestAllowPositionInSuggestions
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestBlockingEnabled
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestDataCollectionEnabled
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestEnabled
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestImpressionCapsNonSponsoredEnabled
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestImpressionCapsSponsoredEnabled
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestNonSponsoredEnabled
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestNonSponsoredIndex
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestOnboardingDialogVariation
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestRemoteSettingsDataType
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestRemoteSettingsEnabled
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestScenario
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestScoreMap
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestShouldShowOnboardingDialog
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestShowOnboardingDialogAfterNRestarts
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestSponsoredEnabled
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/quickSuggestSponsoredIndex
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/recordNavigationalSuggestionTelemetry
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/schemaVersion
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/showExposureResults
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/showImportAll
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/showPreferencesEntrypoint
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/showSearchTermsFeatureGate
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/slug
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/tlsEnabled
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/tlsGreaseProb
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/useNewWizard
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/userFacingDescription
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/userFacingName
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/#/properties/weatherFeatureGate
Source: firefox.exe, 0000000C.00000003.2341722197.00001AB57B404000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2346676447.0000314826603000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2343370391.00003664EC603000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/0
Source: firefox.exe, 0000000C.00000003.2026696823.000002189E2A7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2212758919.0000021892B9E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2072767170.000002188FADA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199738799.000002189A988000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2484691837.000002188FB2D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2226352203.000002189AECE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2436767169.000002188CE26000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2142863607.000002188CE30000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2091401519.000002189A985000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2284720979.000002188D1D6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1973945374.00000218A0A63000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2359200586.000002189AECA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2436767169.000002188CE20000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2212173073.0000021892BB8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1976153169.00000218907CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1897811133.000002188CE89000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2016628476.0000021899FB9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1968674286.000002189E242000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2467790881.000002188F603000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1898432560.00000218908DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2227396883.0000021899F3D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/MPL/2.0/.
Source: firefox.exe, 0000000C.00000003.2341722197.00001AB57B404000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2346676447.0000314826603000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2343370391.00003664EC603000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/Z
Source: firefox.exe, 0000000C.00000002.2491655632.000002188FFE8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
Source: firefox.exe, 0000000C.00000003.2162065733.000002188F589000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F534000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2176308215.000002188F590000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0A
Source: firefox.exe, 0000000C.00000003.2162065733.000002188F589000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2148488051.000002188F549000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F560000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F534000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2176308215.000002188F590000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2148488051.000002188F55C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0C
Source: firefox.exe, 0000000C.00000003.2148488051.000002188F549000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F534000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0N
Source: firefox.exe, 0000000C.00000002.2460799496.000002188F560000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2162065733.000002188F548000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F4DC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0X
Source: firefox.exe, 0000000C.00000002.2491655632.000002188FFE8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://poczta.interia.pl/mh/?mailto=%s
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://poczta.interia.pl/mh/?mailto=%shttps://mail.yahoo.co.jp/compose/?To=%shttp://win.mail.ru/cgi-
Source: firefox.exe, 0000000C.00000003.2223987688.000002189A080000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://poczta.interia.pl/mh/?mailto=%sw
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://win.mail.ru/cgi-bin/sentmsg?mailto=%s
Source: firefox.exe, 0000000C.00000003.2223987688.000002189A080000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://win.mail.ru/cgi-bin/sentmsg?mailto=%sy
Source: firefox.exe, 0000000C.00000003.2148488051.000002188F549000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F534000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.inbox.lv/rfc2368/?value=%s
Source: firefox.exe, 0000000C.00000003.2223987688.000002189A080000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.inbox.lv/rfc2368/?value=%su
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2005/app-update
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2005/app-updateapp.update.checkOnlyInstance.enabled
Source: firefox.exe, 0000000C.00000003.2003597755.000002189A2BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2006/browser/search/
Source: firefox.exe, 0000000C.00000002.2438709190.000002188CF05000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2058086023.0000021B0003F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1939620347.000002189AEF5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2117833209.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BCA8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC96000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
Source: firefox.exe, 0000000C.00000002.2477537584.000002188F9EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul8
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul:
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulError
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCAD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulRequired
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulchrome://global/content/elements/moz-me
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulhttp://www.mozilla.org/keymaster/gateke
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulprefEmailTrackingProtectionEnabledInPri
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulresource://gre/modules/addons/AddonSett
Source: firefox.exe, 0000000C.00000002.2491655632.000002188FFE8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2088251200.000002189B015000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
Source: firefox.exe, 0000000C.00000002.2491655632.000002188FFE8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2088251200.000002189B015000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https:////online.nashikproperty.com//?zn1YPM=Ppj%
Source: firefox.exe, 0000000C.00000003.2055286067.000002189AC3E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1893493174.000002188CF00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.duckduckgo.com/ac/
Source: firefox.exe, 0000000C.00000003.2212173073.0000021892BD2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://account.bellmedia.c
Source: firefox.exe, 0000000C.00000003.2206005219.0000021897F2A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com
Source: firefox.exe, 0000000C.00000002.2467790881.000002188F620000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2467790881.000002188F66A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2370614209.00000124CCA40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/
Source: firefox.exe, 0000000C.00000003.1946318091.000002189A6BF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.comK
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.comwebRequest.onBeforeSendHeaders
Source: firefox.exe, 0000000C.00000002.2451649772.000002188F174000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org
Source: firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/en-US/firefox/collections/4757633/25c2b44583534b3fa8fea977c419cd/?page=1&
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2119039211.000002189A79F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/enhancer-for-youtube/
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2119039211.000002189A79F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/facebook-container/
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/reddit-enhancement-suite/
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2119039211.000002189A79F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/to-google-translate/
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2119039211.000002189A79F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/wikipedia-context-menu-search/
Source: firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/downloads/file/4040738/cookie_autodelete-3.8.2.xpi
Source: firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/downloads/file/4128570/languagetool-7.1.13.xpi
Source: firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/downloads/file/4129240/privacy_badger17-2023.6.23.xpi
Source: firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/downloads/file/4134489/enhancer_for_youtube-2.0.119.1.xpi
Source: firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/downloads/file/4141092/facebook_container-2.3.11.xpi
Source: firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/user-media/addon_icons/506/506646-64.png?modified=mcrushed
Source: firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/user-media/addon_icons/700/700308-64.png?modified=4bc8e79f
Source: firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/user-media/addon_icons/708/708770-64.png?modified=4f881970
Source: firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/user-media/addon_icons/784/784287-64.png?modified=mcrushed
Source: firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/user-media/addon_icons/954/954390-64.png?modified=97d4c956
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads-us.rd.linksynergy.com/as.php
Source: firefox.exe, 0000000C.00000002.2520756835.000002189130C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891307000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1999522643.00000218A07EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2500043314.0000021890382000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2500043314.000002189030D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891303000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads.stickyadstv.com/firefox-etp
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A79F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.adjust.com/167k4ih?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=ht
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A79F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.adjust.com/a8bxj8j?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=ht
Source: firefox.exe, 0000000C.00000003.1944869216.0000021891C6F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2233700900.00000218936F2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1946894330.0000021891C6F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2209630655.00000218936BC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org
Source: firefox.exe, 0000000C.00000003.2356949819.00000218A0865000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2425012768.000002188C932000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/
Source: firefox.exe, 0000000C.00000003.2208367892.0000021893775000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2181854329.00000218A070F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2091401519.000002189A918000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2219905442.00000218A0712000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2505086721.0000021890693000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2511945144.0000021890950000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/6/Firefox/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/release
Source: firefox.exe, 0000000C.00000002.2402454604.000002188B2BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2372630841.0000023C2B6C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDE7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2384253336.00000124CCE03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.12.drString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&ci=1696581201119.12791&key=1696581201400600
Source: firefox.exe, 0000000C.00000002.2402454604.000002188B2BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2372630841.0000023C2B6C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDE7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2384253336.00000124CCE03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.12.drString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&ci=1696581201119.12791&key=1696581201400600000.1&cta
Source: firefox.exe, 0000000C.00000003.2097918495.0000021897F79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2095762238.00000218983F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mo
Source: firefox.exe, 0000000C.00000003.2097435421.0000021897FCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1170143
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2098595076.0000021897F52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2097435421.0000021897FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1189266
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2097435421.0000021897FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1193802
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC40000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2097435421.0000021897FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1207993
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCAD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1238180
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCAD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1238180Error:
Source: firefox.exe, 0000000C.00000003.2098595076.0000021897F52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2097435421.0000021897FCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2064313614.000002189A559000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2064048582.00000218A0AEB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1266220
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2097435421.0000021897FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1283601
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942251079.000002189A266000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1539075
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942251079.000002189A266000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1584464
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1584464DELETE
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942251079.000002189A266000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1607439
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1607439https://bugzilla.mozilla.org/show_bug.cgi?id=153
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942251079.000002189A266000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1616739
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2073427810.000002188F3DA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2098595076.0000021897F52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2097435421.0000021897FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1678448
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2068160949.000002189A589000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2097435421.0000021897FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=792480
Source: firefox.exe, 0000000C.00000003.2063484255.000002188F3D8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2097435421.0000021897FCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=793869
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC40000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2063484255.000002188F3F3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2097435421.0000021897FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=809550
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC40000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2097435421.0000021897FCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2066517148.000002188F7BD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=840161
Source: firefox.exe, 0000000C.00000003.2091401519.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1893985959.000002188D105000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1893493174.000002188CF00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://completion.amazon.com/search/complete?q=
Source: firefox.exe, 0000000C.00000002.2451649772.000002188F1A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net
Source: firefox.exe, 0000000C.00000003.1945675164.000002189ACED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2000812292.000002189ACED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net/
Source: firefox.exe, 0000000C.00000003.2171318685.000002189AC73000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2117833209.000002189AC74000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC74000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1944929087.0000021891C63000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2091401519.000002189A918000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2001476844.000002189AC74000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1945675164.000002189AC74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-202
Source: firefox.exe, 0000000C.00000002.2402454604.000002188B2BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2372630841.0000023C2B6C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDE7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2384253336.00000124CCE03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.12.drString found in binary or memory: https://contile-images.services.mozilla.com/T23eBL4EHswiSaF6kya2gYsRHvdfADK-NYjs1mVRNGE.3351.jpg
Source: firefox.exe, 0000000C.00000002.2402454604.000002188B2BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2372630841.0000023C2B6C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDE7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2384253336.00000124CCE03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.12.drString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
Source: firefox.exe, 0000000C.00000003.2152639532.000002189A73C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2245442226.000002189A73C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2529921858.0000021891655000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2211655201.0000021892BD8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2370614209.00000124CCA40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/v1/tiles
Source: firefox.exe, 0000000C.00000003.2356949819.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2270129434.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2186425548.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2083988626.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2158656471.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2115616970.00000218A085B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://datastudio.google.com/embed/reporting/
Source: firefox.exe, 0000000C.00000003.2206722073.000002189453D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullSc
Source: firefox.exe, 0000000C.00000003.2206722073.0000021894548000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2206722073.000002189453F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapture
Source: firefox.exe, 0000000C.00000003.2206722073.000002189453F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCaptureElementReleaseCaptureWarningElem
Source: firefox.exe, 0000000C.00000003.2206722073.000002189453F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#EncryptionPreventDefaultFromP
Source: firefox.exe, 0000000C.00000003.2026696823.000002189E2A7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsIEffectiveTLDServi
Source: firefox.exe, 0000000C.00000003.1893985959.000002188D105000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2237549175.0000021891FA3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2015737713.000002189A5D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1893493174.000002188CF00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/
Source: firefox.exe, 0000000C.00000003.2055286067.000002189AC3E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/?t=ffab&q=
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/y
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%s
Source: firefox.exe, 0000000C.00000003.2223987688.000002189A080000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%sz
Source: firefox.exe, 0000000C.00000003.2223987688.000002189A080000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%szw
Source: firefox.exe, 0000000C.00000003.2222916888.000002189A089000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://email.seznam.cz/newMessageScreen?mailto=%s
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://email.seznam.cz/newMessageScreen?mailto=%shttps://outlook.live.com/default.aspx?rru=compose&
Source: firefox.exe, 0000000C.00000003.2206722073.0000021894548000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://extensionworkshop.com/documentation/publish/self-distribution/
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDD12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCC13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-api-proxy.cdn.mozilla.net/
Source: firefox.exe, 0000000C.00000003.1947791765.000002189AAF7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/673d2808-e5d8-41b9-957
Source: firefox.exe, 0000000C.00000003.1947791765.000002189AAF7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/706c7a85-cf23-442e-8a9
Source: firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/74f06853-c80d-4afc-9b2
Source: firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/d8e772fe-4909-4f05-9f9
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.allizom.org/v1/buckets/main-preview/collections/search-config/reco
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/records
Source: firefox.exe, 0000000C.00000003.2088251200.000002189B0F8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2171318685.000002189AC44000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2055286067.000002189AC3E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2117833209.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com
Source: firefox.exe, 0000000C.00000002.2511945144.00000218909BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2425012768.000002188C932000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main-preview/collections/search-config/reco
Source: firefox.exe, 0000000C.00000003.2089748254.000002189AECA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2088251200.000002189B084000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2197436474.000002189AECA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2195519208.000002189B084000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/records
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/recordshttps
Source: firefox.exe, 0000000C.00000002.2505086721.00000218906F9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2484691837.000002188FBB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expe
Source: firefox.exe, 0000000C.00000002.2484691837.000002188FB0B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?colle
Source: firefox.exe, 0000000C.00000002.2451649772.000002188F149000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2451649772.000002188F105000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDD12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCC13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2203806642.0000021899DA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2191062797.0000021899DA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCCC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=
Source: firefox.exe, 0000000C.00000003.2303371339.0000021899DA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/trendi
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2203806642.0000021899DA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2191062797.0000021899DA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCCC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_l
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2191062797.0000021899DBC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDD2F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCC30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=bas
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=40249-e88c401e1b1f2242d9e4
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtab
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtabL
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtabgetHardcodedLayout/
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtab
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtabC
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtabexperimental-features-cookie-sam
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtab
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtabA
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtabresource://gre/modules/SearchSuggestionCo
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtab
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtabE
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtabhttps://getpocket.com/explore/science?u
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtab
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtabG
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtab
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtab?
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtabbrowser.newtabpage.activity-s
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtab
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtabN
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtabUnable
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2203806642.0000021899DA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2191062797.0000021899DA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCCC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tab
Source: firefox.exe, 0000000C.00000003.2191062797.0000021899DD7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tabL
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tabSends
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tabexperimental-features-devtools-compatibility-pa
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtab
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtabI
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtabgetHardcodedLayout/
Source: firefox.exe, 0000000C.00000003.1946318091.000002189A6D3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more/
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_moreError
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_morehome-prefs-recent-activity-description
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_morehome-prefs-recent-activity-descriptionsection.highli
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2203806642.0000021899DA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2191062797.0000021899DA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCCC4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendations
Source: firefox.exe, 0000000C.00000003.2191062797.0000021899DD7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS
Source: firefox.exe, 0000000C.00000003.2191062797.0000021899DD7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS7
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationschrome://browser/content/cfr-lightning.svgchrome://global/skin/
Source: firefox.exe, 0000000C.00000003.2191062797.0000021899DD7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=basic
Source: firefox.exe, 0000000C.00000003.1921525880.0000021899FCE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query-all.ts
Source: firefox.exe, 0000000C.00000003.1921525880.0000021899FCE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query.ts
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1893985959.000002188D105000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1893493174.000002188CF00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshots
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshotsexperiment-apis/pictureInPicture.jsonhttps://screensh
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla/webcompat-reporter
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2505086721.0000021890693000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/uuidjs/uuid#getrandomvalues-not-supported
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942251079.000002189A266000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/blob/master/css-grid-2/MASONRY-EXPLAINER.md
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942251079.000002189A266000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/issues/4650
Source: firefox.exe, 0000000C.00000003.2190958491.0000021899DF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/zertosh/loose-envify)
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gpuweb.github.io/gpuweb/webrtc-global-mute-toggles
Source: firefox.exe, 0000000C.00000003.1987506329.00000218915C0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1983696765.00000218A0A4C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2511945144.0000021890950000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ib.absa.co.za/
Source: firefox.exe, 0000000C.00000003.2082373451.00000218A105A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/oldsyncS
Source: firefox.exe, 0000000C.00000003.1996519027.00000218A10A9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/relay
Source: firefox.exe, 0000000C.00000003.2082373451.00000218A105A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/H
Source: firefox.exe, 0000000C.00000003.2082373451.00000218A105A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/HCX
Source: firefox.exe, 0000000C.00000003.2082373451.00000218A105A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryU
Source: firefox.exe, 0000000C.00000003.2082373451.00000218A105A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryUFj
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://img-getpocket.cdn.mozilla.net/
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://img-getpocket.cdn.mozilla.net/resource://gre/modules/XPCOMUtils.sys.mjsdiscoverystream.perso
Source: firefox.exe, 0000000C.00000002.2402454604.000002188B2BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2372630841.0000023C2B6C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDE7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2384253336.00000124CCE03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.12.drString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4CLXfQbX4pbW4QbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDC1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCCF4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit
Source: firefox.exe, 0000000C.00000002.2511945144.00000218909A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/events/1/0d7e832e-1769-4546-a100-3b72e
Source: firefox.exe, 0000000C.00000002.2511945144.00000218909C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/metrics/1/4b67210c-5477-47c6-b74d-d110
Source: firefox.exe, 0000000C.00000002.2406442711.000002188B303000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/newtab/1/8c6e30c8-b4b7-49ae-8d28-45d7f
Source: firefox.exe, 0000000C.00000002.2511945144.00000218909C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2511945144.00000218909E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/messaging-system/undesired-events/1/4f7ef03d-9702-45b6
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/messaging-system/undesired-events/1/a9450968-2d75-4288
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submithttps://getpocket.com/recommendationsConfiguration
Source: firefox.exe, 0000000C.00000003.2191062797.0000021899DD7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submits
Source: firefox.exe, 0000000C.00000003.1941708601.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema
Source: firefox.exe, 0000000C.00000002.2406442711.000002188B3F1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2491655632.000002188FFFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com
Source: firefox.exe, 0000000C.00000002.2467790881.000002188F66A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2370614209.00000124CCA40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%
Source: firefox.exe, 0000000C.00000002.2511945144.000002189096C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=7e40f68c-7938-4c5d-9f95-e61647c213eb
Source: firefox.exe, 0000000C.00000003.2212173073.0000021892BD2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.live.com
Source: firefox.exe, 0000000C.00000003.2356949819.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2270129434.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2356949819.00000218A08AB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2186425548.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2083988626.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2083988626.00000218A08AA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2158656471.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2194733712.00000218A08AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2115616970.00000218A08AB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2115616970.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2158656471.00000218A08AD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2186425548.00000218A08AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lookerstudio.google.com/embed/reporting/
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%s
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%sRejected
Source: firefox.exe, 0000000C.00000003.2222916888.000002189A089000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%s
Source: firefox.exe, 0000000C.00000003.2223987688.000002189A080000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%sv
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%s
Source: firefox.exe, 0000000C.00000003.2223987688.000002189A080000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%st
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2193427051.00000218FF8DB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2081053914.00000218FF8D7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2112858446.00000218FF8DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2183543967.00000218FF8D6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2372630841.0000023C2B672000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDD81000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCC8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggest
Source: firefox.exe, 0000000C.00000003.1978009251.00000218A0AEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mochitest.youtube.com/
Source: firefox.exe, 0000000C.00000002.2451649772.000002188F174000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2414333291.000002188BBA9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com
Source: firefox.exe, 0000000C.00000003.2162065733.000002188F548000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2166110236.000002188F55D000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2162065733.000002188F55D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mozilla.org0/
Source: firefox.exe, 0000000C.00000002.2505086721.0000021890688000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net
Source: firefox.exe, 0000000C.00000002.2505086721.0000021890688000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net/
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2370614209.00000124CCA40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net/api/v1
Source: firefox.exe, 0000000C.00000002.2406442711.000002188B3A2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2484691837.000002188FBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2505086721.0000021890603000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2505086721.00000218906CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net/api/v1/
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ok.ru/
Source: firefox.exe, 0000000C.00000002.2360537981.000000A9EB5D8000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: https://online.n
Source: firefox.exe, 0000000C.00000002.2505086721.00000218906D3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2238351230.0000021891CCC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2117137741.000002189B0D8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2006862640.0000021898305000.00000004.00000800.00020000.00000000.sdmp, chromecache_95.1.drString found in binary or memory: https://online.nashikproperty.com
Source: firefox.exe, 0000000C.00000002.2505086721.00000218906D3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://online.nashikproperty.com/
Source: firefox.exe, 0000000C.00000003.2185893625.00000218A08D3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2113547908.00000218A10DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2081964775.00000218A10DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2402454604.000002188B257000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2165891507.00000218A08D3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2158656471.00000218A08D1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2117137741.000002189B0D8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1996469004.00000218A10DD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2006862640.0000021898305000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2114827994.00000218A08D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://online.nashikproperty.com/?zn1YPM=Ppj
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://online.nashikproperty.com/?zn1ypm=ppj
Source: firefox.exe, 0000000C.00000003.2222916888.000002189A089000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://outlook.live.com/default.aspx?rru=compose&to=%s
Source: firefox.exe, 0000000C.00000003.1978009251.00000218A0AEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://play.hbomax.com/page/
Source: firefox.exe, 0000000C.00000003.1978009251.00000218A0AEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://play.hbomax.com/player/
Source: firefox.exe, 0000000C.00000003.2222916888.000002189A089000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%s
Source: firefox.exe, 0000000C.00000003.2223987688.000002189A080000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%sx
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2370614209.00000124CCA40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com
Source: firefox.exe, 0000000C.00000002.2402454604.000002188B23E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com/
Source: firefox.exe, 0000000C.00000002.2438709190.000002188CF05000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://push.services.mozilla.com
Source: firefox.exe, 0000000C.00000002.2438709190.000002188CF05000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://push.services.mozilla.com/
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redux.js.org/api-reference/store#subscribe(listener)
Source: firefox.exe, 0000000C.00000003.2208367892.0000021893775000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2370614209.00000124CCA40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/accounts/profile/?utm_medium=firefox-desktop&utm_source=modal&utm_campaign
Source: firefox.exe, 0000000C.00000003.2235943828.0000021891FC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=118.0&pver=2.2
Source: firefox.exe, 0000000C.00000002.2523731573.0000021891475000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=AIzaSyC7jsptDS
Source: firefox.exe, 0000000C.00000003.2181854329.00000218A070F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2209630655.000002189368C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2204539256.0000021897F8F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2233700900.00000218936AC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2229286470.0000021897F92000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=AIzaSy
Source: firefox.exe, 0000000C.00000002.2451649772.000002188F174000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com
Source: firefox.exe, 0000000C.00000003.1893985959.000002188D105000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2467790881.000002188F66A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2467790881.000002188F657000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1893493174.000002188CF00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/Web
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/getCurrentInnerWindowWithId
Source: firefox.exe, 0000000C.00000003.2026696823.000002189E2A7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2002762653.000002189A67A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addonThe
Source: firefox.exe, 0000000C.00000003.2356949819.00000218A088C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2534407330.0000021891789000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-
Source: firefox.exe, 0000000C.00000003.2194466541.00000218A08CD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2158656471.00000218A08CD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1997612579.00000218A08CE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2054102791.00000218A08CE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2083988626.00000218A08CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com
Source: firefox.exe, 0000000C.00000003.2187735941.00000218A07A1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2054233902.00000218A08B4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=navclient-auto-ffox&appver=118.0&pver=2.2
Source: firefox.exe, 0000000C.00000002.2484691837.000002188FBDF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/facebook.svg
Source: firefox.exe, 0000000C.00000002.2484691837.000002188FBDF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/play.svg
Source: firefox.exe, 0000000C.00000003.1945675164.000002189AC5C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2091401519.000002189A95A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222271795.000002189A95B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com
Source: firefox.exe, 0000000C.00000003.2091401519.000002189A927000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2293522968.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222477939.000002189A949000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDD12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCC13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/Routed
Source: firefox.exe, 0000000C.00000003.1945675164.000002189ACED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222916888.000002189A094000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2246863563.000002189A094000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2451649772.000002188F1EB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2000812292.000002189ACED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222477939.000002189A949000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#l
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs:
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs_attachTippyTopIconForSearchShortcutresource://gre/modules/Region.s
Source: firefox.exe, 0000000C.00000003.2215598068.00000218921C6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2191062797.0000021899DD7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDC1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCCF4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/user
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/userdiscoverystream.rec.impressions
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/userdiscoverystream.rec.impressionsActivityStream:PreloadedBrowserDISCOV
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/usertracking-protection-icon-container
Source: firefox.exe, 0000000C.00000002.2520756835.000002189130C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2158656471.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2115616970.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2500043314.000002189030D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-js
Source: firefox.exe, 0000000C.00000002.2520756835.000002189130C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2158656471.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2115616970.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891307000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2500043314.0000021890382000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2500043314.000002189030D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891303000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-pixel
Source: firefox.exe, 0000000C.00000002.2451649772.000002188F174000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2089748254.000002189AEB5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org
Source: firefox.exe, 0000000C.00000003.2197436474.000002189AEAC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2089748254.000002189AEAC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2190032539.000002189A659000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2002762653.000002189A647000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2301904203.000002189AEAC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2056060498.000002189A659000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/
Source: firefox.exe, 0000000C.00000003.1939620347.000002189AEDF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2484691837.000002188FBB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2511945144.00000218909E1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2505086721.0000021890693000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2370614209.00000124CCA40000.00000002.10000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/captive-portal
Source: firefox.exe, 0000000C.00000003.2055286067.000002189AC1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2511945144.00000218909BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2123201687.0000021897FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/firefox-crashes-troubleshoot-prevent-and-get-helpgetCanApplyUpdates
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings
Source: firefox.exe, 0000000C.00000003.2234823818.000002189363A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings2
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settingspromiseLangPacksUpdated
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/warning-unresponsive-script#w_other-causes
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/warning-unresponsive-script#w_other-causesstartMigration
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/website-translation
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/website-translationonly
Source: firefox.exe, 0000000C.00000002.2511945144.00000218909BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2123201687.0000021897FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefox
Source: firefox.exe, 0000000C.00000003.2055286067.000002189AC1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.oGUCFCdKfd-E
Source: firefox.exe, 0000000C.00000003.2206722073.0000021894548000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2206722073.000002189453F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2413619985.000002188B990000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-2
Source: firefox.exe, 0000000C.00000003.2206722073.000002189453F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2413619985.000002188B990000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-3.1
Source: firefox.exe, 0000000C.00000003.2206722073.000002189453F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2413619985.000002188B990000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-4
Source: firefox.exe, 0000000C.00000003.2206722073.000002189453F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2413619985.000002188B990000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc7515#appendix-C)
Source: firefox.exe, 0000000C.00000002.2451649772.000002188F174000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://truecolors.firefox.com
Source: firefox.exe, 0000000C.00000003.2237549175.0000021891FA3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://truecolors.firefox.com/
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2117833209.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942134965.000002189AC4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://vk.com/
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://watch.sling.com/
Source: firefox.exe, 0000000C.00000003.2190958491.0000021899DF9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://webpack.js.org/concepts/mode/)
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://weibo.com/
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942134965.000002189AC4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.aliexpress.com/
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942134965.000002189AC4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/
Source: firefox.exe, 0000000C.00000002.2402454604.000002188B2BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2372630841.0000023C2B6C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDE7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2384253336.00000124CCE03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.12.drString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_39e4b8f6fd6635158ad433436bdaa069841cfdf8e1989e03
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2187489981.00000218A07ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2087386307.00000218A07EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2116685311.00000218A07EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2015737713.000002189A5D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2001476844.000002189AC74000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1999522643.00000218A07EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1893493174.000002188CF00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1945675164.000002189AC74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/chrome://extensions/content/schemas/management.js
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942134965.000002189AC4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.avito.ru/
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942134965.000002189AC4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.baidu.com/
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942134965.000002189AC4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ctrip.com/
Source: firefox.exe, 0000000C.00000003.2148488051.000002188F549000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2146078305.000002188F5BC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.digicert.com/CPS0
Source: firefox.exe, 0000000C.00000003.1942251079.000002189A2E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1921525880.0000021899FDC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1893985959.000002188D105000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1893493174.000002188CF00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search?client=firefox&q=
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2220670433.000002189A98A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2001944252.000002189A6B1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2015737713.000002189A5D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2301904203.000002189AEAC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2314869800.000002189A98A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1893493174.000002188CF00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search
Source: firefox.exe, 0000000C.00000003.2097918495.0000021897F79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2191062797.0000021899D77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2000812292.000002189ACED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/searchwikipedia
Source: firefox.exe, 0000000C.00000003.1978009251.00000218A0AEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.hulu.com/watch/
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942134965.000002189AC4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ifeng.com/
Source: firefox.exe, 0000000C.00000003.1978009251.00000218A0AEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.instagram.com/
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942134965.000002189AC4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.iqiyi.com/
Source: firefox.exe, 0000000C.00000003.2167893174.00000218A076F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2000657520.00000218A07A2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2187735941.00000218A07A1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2174602287.00000218A07A2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mobilesuica.com/
Source: firefox.exe, 0000000C.00000002.2425012768.000002188C9F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2091401519.000002189A983000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org
Source: firefox.exe, 0000000C.00000003.1945675164.000002189AC5A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2091401519.000002189A9ED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/
Source: firefox.exe, 0000000C.00000003.2346676447.0000314826603000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/Z
Source: firefox.exe, 0000000C.00000002.2511945144.00000218909BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2123201687.0000021897FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/
Source: firefox.exe, 0000000C.00000003.2055286067.000002189AC1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.c0yfKF26qNRb
Source: firefox.exe, 0000000C.00000003.1947791765.000002189AAF7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/legal/terms/mozilla/
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2119039211.000002189A79F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/anything/?
Source: firefox.exe, 0000000C.00000002.2511945144.00000218909BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2123201687.0000021897FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/
Source: firefox.exe, 0000000C.00000003.2055286067.000002189AC1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.w0HgyL2ZPBj2
Source: firefox.exe, 0000000C.00000003.2186425548.00000218A0809000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2425012768.000002188C932000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2158656471.00000218A0810000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2086586730.00000218A0810000.00000004.00000800.00020000.00000000.sdmp, targeting.snapshot.json.tmp.12.drString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/
Source: firefox.exe, 0000000C.00000003.2055286067.000002189AC1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/gro.allizom.www.d
Source: firefox.exe, 0000000C.00000002.2451649772.000002188F18D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/
Source: firefox.exe, 0000000C.00000003.2055286067.000002189AC1D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2511945144.00000218909BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2123201687.0000021897FCF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BC73000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2119039211.000002189A79F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/mobile/get-app/?utm_medium=firefox-desktop&utm_source=onboarding-mod
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/new/
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/new/SELECT
Source: firefox.exe, 0000000C.00000002.2402454604.000002188B25C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2372630841.0000023C2B6C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCCF4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-content
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-contentP
Source: firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/Error
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/V
Source: firefox.exe, 0000000C.00000002.2402454604.000002188B25C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/f
Source: firefox.exe, 0000000C.00000003.2055286067.000002189AC1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
Source: firefox.exe, 0000000C.00000002.2379329869.000000A9F30BB000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.orgo
Source: firefox.exe, 0000000C.00000003.2212173073.0000021892BD2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCAD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.openh264.org/
Source: firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942134965.000002189AC4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.reddit.com/
Source: firefox.exe, 0000000C.00000002.2402454604.000002188B2BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2372630841.0000023C2B6C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDE7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2384253336.00000124CCE03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.12.drString found in binary or memory: https://www.t-mobile.com/cell-phones/brand/apple?cmpid=MGPO_PAM_P_EVGRNIPHN_
Source: firefox.exe, 0000000C.00000003.2235943828.0000021891FC0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2235943828.0000021891FCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2106852855.000002189A4D5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.tiktok.com/
Source: firefox.exe, 0000000C.00000003.2091401519.000002189A927000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2001476844.000002189AC74000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2191062797.0000021899DA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942134965.000002189AC4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDD03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCC0C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
Source: firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.zhihu.com/
Source: firefox.exe, 0000000C.00000003.2206722073.0000021894535000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://xhr.spec.whatwg.org/#sync-warning
Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49696
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 49696 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49707 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.160.17:443 -> 192.168.2.16:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.190.160.17:443 -> 192.168.2.16:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.23.209.141:443 -> 192.168.2.16:49727 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49731 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49737 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49748 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49749 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49750 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49754 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49753 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49759 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49760 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49761 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.222.236.23:443 -> 192.168.2.16:49764 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.222.236.23:443 -> 192.168.2.16:49767 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49773 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49776 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49775 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49777 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49779 version: TLS 1.2
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 14_2_000001A9CDE27F77 NtQuerySystemInformation,14_2_000001A9CDE27F77
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 14_2_000001A9CDE43B32 NtQuerySystemInformation,14_2_000001A9CDE43B32
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 14_2_000001A9CDE27F7714_2_000001A9CDE27F77
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 14_2_000001A9CDE43B3214_2_000001A9CDE43B32
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 14_2_000001A9CDE43B7214_2_000001A9CDE43B72
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 14_2_000001A9CDE4425C14_2_000001A9CDE4425C
Source: classification engineClassification label: clean2.win@34/31@65/16
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Temp\firefoxJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeFile read: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
Source: firefox.exe, 0000000C.00000003.2161630048.00000218948DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2173358002.0000021897FD8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2122953581.0000021897FD8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2206005219.0000021897F2A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2157233195.00000218948D3000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE timestamp BETWEEN date(:dateFrom) AND date(:dateTo);
Source: firefox.exe, 0000000C.00000003.2206005219.0000021897F2A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE events (id INTEGER PRIMARY KEY, type INTEGER NOT NULL, count INTEGER NOT NULL, timestamp DATE );
Source: firefox.exe, 0000000C.00000003.2206005219.0000021897F2A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: INSERT INTO events (type, count, timestamp) VALUES (:type, 1, date(:date));
Source: firefox.exe, 0000000C.00000003.2206005219.0000021897F2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;
Source: firefox.exe, 0000000C.00000003.2206005219.0000021897F2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;Fy6
Source: firefox.exe, 0000000C.00000003.2206005219.0000021897F2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: UPDATE events SET count = count + 1 WHERE id = :id;-
Source: firefox.exe, 0000000C.00000003.2206005219.0000021897F2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9'
Source: firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: UPDATE events SET count = count + 1 WHERE id = :id;
Source: firefox.exe, 0000000C.00000003.2206005219.0000021897F2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9
Source: firefox.exe, 0000000C.00000003.2206005219.0000021897F2A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE type = :type AND timestamp = date(:date);
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1944,i,17965116177562204563,11030053410015879069,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://online.nashikproperty.com/?zn1YPM=Ppj"
Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe"
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe"
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2288 -parentBuildID 20230927232528 -prefsHandle 2232 -prefMapHandle 2224 -prefsLen 25250 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {68759cd2-86d7-430c-bb58-ab48e34e1765} 6972 "\\.\pipe\gecko-crash-server-pipe.6972" 218ff86d910 socket
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4028 -parentBuildID 20230927232528 -prefsHandle 4020 -prefMapHandle 768 -prefsLen 25481 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {56561f6d-b6e1-445b-8d70-cce5381dc73d} 6972 "\\.\pipe\gecko-crash-server-pipe.6972" 21891a17810 rdd
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5224 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5220 -prefMapHandle 5208 -prefsLen 33172 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3054c5d8-abdb-4a6f-917c-54892363bd7b} 6972 "\\.\pipe\gecko-crash-server-pipe.6972" 2188f638b10 utility
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1944,i,17965116177562204563,11030053410015879069,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe"Jump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2288 -parentBuildID 20230927232528 -prefsHandle 2232 -prefMapHandle 2224 -prefsLen 25250 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {68759cd2-86d7-430c-bb58-ab48e34e1765} 6972 "\\.\pipe\gecko-crash-server-pipe.6972" 218ff86d910 socketJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4028 -parentBuildID 20230927232528 -prefsHandle 4020 -prefMapHandle 768 -prefsLen 25481 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {56561f6d-b6e1-445b-8d70-cce5381dc73d} 6972 "\\.\pipe\gecko-crash-server-pipe.6972" 21891a17810 rddJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5224 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5220 -prefMapHandle 5208 -prefsLen 33172 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3054c5d8-abdb-4a6f-917c-54892363bd7b} 6972 "\\.\pipe\gecko-crash-server-pipe.6972" 2188f638b10 utilityJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: Binary string: UxTheme.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A1089000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: rsaenh.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: xWindows.Security.Integrity.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: winsta.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: bcrypt.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150449757.00000218A07EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2174602287.00000218A07EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: WscApi.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: ktmw32.pdb source: firefox.exe, 0000000C.00000003.2182950683.00000218FF8F7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2165112336.00000218FF8F5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: NapiNSP.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: msvcrt.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2197436474.000002189AE9D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: xWindows.StateRepositoryPS.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8WinTypes.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: xul.pdb source: firefox.exe, 0000000C.00000003.2182950683.00000218FF8F7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2165112336.00000218FF8F5000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: nssckbi.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: mozglue.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: dcomp.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: winnsi.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: cryptsp.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8dhcpcsvc6.pdb source: firefox.exe, 0000000C.00000003.2243326542.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC39000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8softokn3.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2220610175.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: ntmarta.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A1089000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: CLBCatQ.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: urlmon.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8twinapi.appcore.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8kernelbase.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A970000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222212119.000002189A971000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: shlwapi.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A10B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2194137180.00000218A10B8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8CoreMessaging.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: win32u.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: dwmapi.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8bcryptprimitives.pdb source: firefox.exe, 0000000C.00000003.2220670433.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199738799.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: firefox.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: srvcli.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: imm32.pdb source: firefox.exe, 0000000C.00000003.2185419695.00000218A1050000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: freebl3.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: ws2_32.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A10B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2194137180.00000218A10B8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: mswsock.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8gkcodecs.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8iphlpapi.pdb source: firefox.exe, 0000000C.00000003.2243326542.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC39000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8ExplorerFrame.pdb source: firefox.exe, 0000000C.00000003.2150823644.000002189AC60000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC60000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: nsi.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: winmm.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: ole32.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A10B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2194137180.00000218A10B8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8CoreUIComponents.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8osclientcerts.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2220610175.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8cryptbase.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A970000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222212119.000002189A971000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8cfgmgr32.pdb source: firefox.exe, 0000000C.00000003.2243326542.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC39000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: msasn1.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: DWrite.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: combase.pdb source: firefox.exe, 0000000C.00000003.2185419695.00000218A1050000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8iertutil.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8dhcpcsvc.pdb source: firefox.exe, 0000000C.00000003.2243326542.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC39000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8msvcp140.amd64.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199738799.000002189A970000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222212119.000002189A971000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: ncrypt.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: nss3.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A10B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2194137180.00000218A10B8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8webauthn.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8Kernel.Appcore.pdb source: firefox.exe, 0000000C.00000003.2220670433.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199738799.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8ColorAdapterClient.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8powrprof.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: wsock32.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A10B7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2194137180.00000218A10B8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8MMDevAPI.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: wininet.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: UMPDC.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8kernel32.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A970000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222212119.000002189A971000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8oleaut32.pdb source: firefox.exe, 0000000C.00000003.2220670433.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199738799.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: rpcrt4.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8TextInputFramework.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: pnrpnsp.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: wshbth.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8InputHost.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8ucrtbase.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A970000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222212119.000002189A971000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: version.pdbtoolbar-button-reload source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: xOneCoreUAPCommonProxyStub.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: shcore.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A1089000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8audioses.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8Bcp47mrm.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8netutils.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: sspicli.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8rasadhlp.pdb source: firefox.exe, 0000000C.00000003.2150823644.000002189AC60000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC60000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: shell32.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A1089000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8Bcp47Langs.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8msvcp_win.pdb source: firefox.exe, 0000000C.00000003.2220670433.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199738799.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8wtsapi32.pdb source: firefox.exe, 0000000C.00000003.2243326542.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8taskschd.pdb source: firefox.exe, 0000000C.00000003.2150823644.000002189AC60000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC60000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: dnsapi.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: userenv.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8Windows.UI.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: nlaapi.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8fwpuclnt.pdb source: firefox.exe, 0000000C.00000003.2150823644.000002189AC60000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC60000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: winhttp.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: msimg32.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: ntasn1.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: devobj.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: d3d11.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8advapi32.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A970000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222212119.000002189A971000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8Windows.Storage.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8OnDemandConnRouteHelper.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC60000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2220610175.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC60000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: dbghelp.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8netprofm.pdb source: firefox.exe, 0000000C.00000003.2243326542.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC39000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: gdi32.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185419695.00000218A1050000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: profapi.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: avrt.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8Windows.Globalization.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: WLDP.pdb source: firefox.exe, 0000000C.00000003.2183830894.00000218A1089000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: sechost.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8directmanipulation.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8setupapi.pdb source: firefox.exe, 0000000C.00000003.2243326542.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC39000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8vcruntime140_1.amd64.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199738799.000002189A927000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: propsys.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8lgpllibs.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8vcruntime140.amd64.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199738799.000002189A970000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222212119.000002189A971000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8gdi32full.pdb source: firefox.exe, 0000000C.00000003.2220670433.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199738799.000002189A9AE000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: winrnr.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: msctf.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: version.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: propsys.pdbmain-context-menu-stop source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: dbgcore.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: mscms.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: user32.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: twinapi.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8DataExchange.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8wintrust.pdb source: firefox.exe, 0000000C.00000003.2199738799.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: psapi.pdb source: firefox.exe, 0000000C.00000003.2174602287.00000218A071F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2167893174.00000218A071E000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8WindowManagementAPI.pdb source: firefox.exe, 0000000C.00000003.2171318685.000002189AC41000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: ntdll.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: dxgi.pdb source: firefox.exe, 0000000C.00000003.2185495122.00000218A103A000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8npmproxy.pdb source: firefox.exe, 0000000C.00000003.2243326542.000002189AC39000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC39000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8linkinfo.pdb source: firefox.exe, 0000000C.00000003.2150823644.000002189AC60000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2199265763.000002189AC60000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: 8Windows.UI.Immersive.pdb source: firefox.exe, 0000000C.00000003.2199662501.000002189AC42000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2150823644.000002189AC42000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: edputil.pdb source: firefox.exe, 0000000C.00000003.2204539256.0000021897F68000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: crypt32.pdb source: firefox.exe, 0000000C.00000003.2158656471.00000218A08C5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2185893625.00000218A08C8000.00000004.00000800.00020000.00000000.sdmp
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 14_2_000001A9CDE27F77 rdtsc 14_2_000001A9CDE27F77
Source: firefox.exe, 0000000D.00000002.2385927434.0000023C2B905000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWV
Source: firefox.exe, 0000000D.00000002.2385927434.0000023C2B905000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2367280227.0000023C2B36A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2387010057.000001A9CE310000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2367121438.000001A9CDA6A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2383820341.00000124CCD00000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
Source: firefox.exe, 0000000C.00000002.2406442711.000002188B3D0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2383635964.0000023C2B812000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW : 2 : 34 : 1 : 1 : 0x20026 : 0x8 : %SystemRoot%\system32\mswsock.dll : : 1234191b-4bf7-4ca7-86e0-dfd7c32b5445
Source: firefox.exe, 0000000F.00000002.2367120706.00000124CCA0A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW@
Source: firefox.exe, 0000000D.00000002.2385927434.0000023C2B905000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2387010057.000001A9CE310000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 14_2_000001A9CDE27F77 rdtsc 14_2_000001A9CDE27F77
Source: firefox.exe, 0000000C.00000002.2374049172.000000A9F13FB000.00000004.00000010.00020000.00000000.sdmpBinary or memory string: ?ProgmanListenerWi
Source: firefox.exe, 0000000C.00000003.2134714703.0000021894001000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: hSoftware\Policies\Microsoft\Windows\PersonalizationNoChangingStartMenuBackgroundPersonalColors_BackgroundWilStaging_02RtlDisownModuleHeapAllocationRtlQueryFeatureConfigurationRtlRegisterFeatureConfigurationChangeNotificationRtlSubscribeWnfStateChangeNotificationRtlDllShutdownInProgressntdll.dllNtQueryWnfStateDataLocal\SM0:%d:%d:%hs_p0Local\SessionImmersiveColorPreferenceBEGINTHMthmfile\Sessions\%d\Windows\ThemeSectionMessageWindowendthemewndThemeApiConnectionRequest\ThemeApiPortwinsta0SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\PersonalizeAppsUseLightThemeSystemUsesLightThemedefaultshell\themes\uxtheme\render.cppCompositedWindow::WindowdeletedrcacheMDIClientSoftware\Microsoft\Windows\DWMColorPrevalenceSoftware\Microsoft\Windows\CurrentVersion\ImmersiveShellTabletModeMENUAccentColorSoftware\Microsoft\Windows\CurrentVersion\Explorer\AccentDefaultStartColorControl Panel\DesktopAutoColorizationAccentColorMenuStartColorMenuAutoColorSoftware\Microsoft\Windows\CurrentVersion\Themes\History\ColorsSoftware\Microsoft\Windows\CurrentVersion\Themes\HistoryAccentPaletteTab$Shell_TrayWndLocal\SessionImmersiveColorMutex

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		2
Process Injection		1
Masquerading		OS Credential Dumping11
Security Software Discovery		Remote Services1
Archive Collected Data		11
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		2
Process Injection		LSASS Memory1
Process Discovery		Remote Desktop ProtocolData from Removable Media3
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
Extra Window Memory Injection		1
Extra Window Memory Injection		Security Account Manager1
File and Directory Discovery		SMB/Windows Admin SharesData from Network Shared Drive4
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1525981 URL: https://online.nashikproper... Startdate: 04/10/2024 Architecture: WINDOWS Score: 2 25 youtube-ui.l.google.com 2->25 27 www.youtube.com 2->27 29 31 other IPs or domains 2->29 7 firefox.exe 1 2->7         started        9 chrome.exe 9 2->9         started        12 chrome.exe 2->12         started        process3 dnsIp4 14 firefox.exe 13 183 7->14         started        31 192.168.2.16, 138, 443, 49696 unknown unknown 9->31 33 192.168.2.8 unknown unknown 9->33 35 239.255.255.250 unknown Reserved 9->35 17 chrome.exe 9->17         started        process5 dnsIp6 37 prod.detectportal.prod.cloudops.mozgcp.net 34.107.221.82, 49728, 49735, 49736 GOOGLEUS United States 14->37 39 push.services.mozilla.com 34.107.243.93, 443, 49751, 49758 GOOGLEUS United States 14->39 45 9 other IPs or domains 14->45 19 firefox.exe 1 14->19         started        21 firefox.exe 1 14->21         started        23 firefox.exe 1 14->23         started        41 www.google.com 142.250.185.164, 443, 49708, 49713 GOOGLEUS United States 17->41 43 online.nashikproperty.com 45.61.137.230, 443, 49704, 49705 AS40676US United States 17->43 process7

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://crl.microsoft0%URL Reputationsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
star-mini.c10r.facebook.com
157.240.0.35
truefalse
    		unknown
    example.org
    		93.184.215.14
    		truefalse
      		unknown
      online.nashikproperty.com
      		45.61.137.230
      		truefalse
        		unknown
        prod.classify-client.prod.webservices.mozgcp.net
        		35.190.72.216
        		truefalse
          		unknown
          prod.balrog.prod.cloudops.mozgcp.net
          		35.244.181.201
          		truefalse
            		unknown
            twitter.com
            		104.244.42.65
            		truefalse
              		unknown
              prod.detectportal.prod.cloudops.mozgcp.net
              		34.107.221.82
              		truefalse
                		unknown
                services.addons.mozilla.org
                		52.222.236.23
                		truefalse
                  		unknown
                  dyna.wikimedia.org
                  		185.15.59.224
                  		truefalse
                    		unknown
                    prod.remote-settings.prod.webservices.mozgcp.net
                    		34.149.100.209
                    		truefalse
                      		unknown
                      contile.services.mozilla.com
                      		34.117.188.166
                      		truefalse
                        		unknown
                        prod.content-signature-chains.prod.webservices.mozgcp.net
                        		34.160.144.191
                        		truefalse
                          		unknown
                          youtube-ui.l.google.com
                          		142.250.185.142
                          		truefalse
                            		unknown
                            reddit.map.fastly.net
                            		151.101.129.140
                            		truefalse
                              		unknown
                              ipv4only.arpa
                              		192.0.0.170
                              		truefalse
                                		unknown
                                prod.ads.prod.webservices.mozgcp.net
                                		34.117.188.166
                                		truefalse
                                  		unknown
                                  push.services.mozilla.com
                                  		34.107.243.93
                                  		truefalse
                                    		unknown
                                    www.google.com
                                    		142.250.185.164
                                    		truefalse
                                      		unknown
                                      normandy-cdn.services.mozilla.com
                                      		35.201.103.21
                                      		truefalse
                                        		unknown
                                        telemetry-incoming.r53-2.services.mozilla.com
                                        		34.120.208.123
                                        		truefalse
                                          		unknown
                                          www.reddit.com
                                          		unknown
                                          		unknownfalse
                                            		unknown
                                            spocs.getpocket.com
                                            		unknown
                                            		unknownfalse
                                              		unknown
                                              content-signature-2.cdn.mozilla.net
                                              		unknown
                                              		unknownfalse
                                                		unknown
                                                firefox.settings.services.mozilla.com
                                                		unknown
                                                		unknownfalse
                                                  		unknown
                                                  www.youtube.com
                                                  		unknown
                                                  		unknownfalse
                                                    		unknown
                                                    www.facebook.com
                                                    		unknown
                                                    		unknownfalse
                                                      		unknown
                                                      detectportal.firefox.com
                                                      		unknown
                                                      		unknownfalse
                                                        		unknown
                                                        normandy.cdn.mozilla.net
                                                        		unknown
                                                        		unknownfalse
                                                          		unknown
                                                          shavar.services.mozilla.com
                                                          		unknown
                                                          		unknownfalse
                                                            		unknown
                                                            www.wikipedia.org
                                                            		unknown
                                                            		unknownfalse
                                                              		unknown

                                                              URLs from Memory and Binaries

                                                              NameSourceMaliciousAntivirus DetectionReputation
                                                              https://accounts.firefox.comwebRequest.onBeforeSendHeadersfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                		unknown
                                                                https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=40249-e88c401e1b1f2242d9e4firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                  		unknown
                                                                  http://mozilla.org/#/properties/branches/anyOf/1/items/properties/features/itemsresource:///modules/firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                    		unknown
                                                                    https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_lfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2203806642.0000021899DA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2191062797.0000021899DA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCCC4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                      		unknown
                                                                      http://mozilla.org/#/properties/branches/anyOf/2/items/properties/featuresfirefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                        		unknown
                                                                        http://mozilla.org/#/properties/showImportAllfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		unknown
                                                                          http://detectportal.firefox.com/firefox.exe, 0000000C.00000003.2235943828.0000021891FCF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            		unknown
                                                                            http://crl.microsoftfirefox.exe, 0000000C.00000003.2137630269.000002188F5A4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2142688756.000002188F5A4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2140616637.000002188F5A4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2460799496.000002188F5A4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2181486061.000002188F5A4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2162065733.000002188F5A4000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2136406491.000002188F58E000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2176308215.000002188F5A9000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2148488051.000002188F5A5000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2166110236.000002188F5A5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            • URL Reputation: safe
                                                                            		unknown
                                                                            http://mozilla.org/#/properties/schemaVersionfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              		unknown
                                                                              http://mozilla.org/#/properties/branches/anyOf/1/items/properties/feature/properties/valuefirefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                		unknown
                                                                                https://datastudio.google.com/embed/reporting/firefox.exe, 0000000C.00000003.2356949819.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2270129434.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2186425548.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2083988626.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2158656471.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2115616970.00000218A085B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		unknown
                                                                                  https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/recordsfirefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    		unknown
                                                                                    https://merino.services.mozilla.com/api/v1/suggestfirefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2193427051.00000218FF8DB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2081053914.00000218FF8D7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2112858446.00000218FF8DC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2183543967.00000218FF8D6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2372630841.0000023C2B672000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDD81000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCC8F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      		unknown
                                                                                      http://mozilla.ofirefox.exe, 0000000C.00000002.2392705028.00000190A4000000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		unknown
                                                                                        http://mozilla.org/#/properties/disableGreaseOnFallbackfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          		unknown
                                                                                          http://mozilla.org/#/properties/quickSuggestRemoteSettingsDataTypefirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		unknown
                                                                                            https://spocs.getpocket.com/spocsfirefox.exe, 0000000C.00000003.1945675164.000002189ACED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222916888.000002189A094000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2246863563.000002189A094000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2451649772.000002188F1EB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2000812292.000002189ACED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222477939.000002189A949000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		unknown
                                                                                              https://addons.mozilla.org/user-media/addon_icons/784/784287-64.png?modified=mcrushedfirefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		unknown
                                                                                                https://screenshots.firefox.comfirefox.exe, 0000000C.00000002.2451649772.000002188F174000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		unknown
                                                                                                  https://shavar.services.mozilla.comfirefox.exe, 0000000C.00000003.2194466541.00000218A08CD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2158656471.00000218A08CD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1997612579.00000218A08CE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2054102791.00000218A08CE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2083988626.00000218A08CE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    		unknown
                                                                                                    https://completion.amazon.com/search/complete?q=firefox.exe, 0000000C.00000003.2091401519.000002189A9ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1893985959.000002188D105000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1893493174.000002188CF00000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      		unknown
                                                                                                      https://ads.stickyadstv.com/firefox-etpfirefox.exe, 0000000C.00000002.2520756835.000002189130C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891307000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1999522643.00000218A07EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2500043314.0000021890382000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2500043314.000002189030D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891303000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        		unknown
                                                                                                        https://addons.mozilla.org/user-media/addon_icons/700/700308-64.png?modified=4bc8e79ffirefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          		unknown
                                                                                                          https://identity.mozilla.com/ids/ecosystem_telemetryUfirefox.exe, 0000000C.00000003.2082373451.00000218A105A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            		unknown
                                                                                                            http://mozilla.org/#/properties/greasePaddingSizefirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		unknown
                                                                                                              https://addons.mozilla.org/en-US/firefox/collections/4757633/25c2b44583534b3fa8fea977c419cd/?page=1&firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                		unknown
                                                                                                                https://spocs.getpocket.com/userdiscoverystream.rec.impressionsActivityStream:PreloadedBrowserDISCOVfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  		unknown
                                                                                                                  http://mozilla.org/#/properties/channelfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    		unknown
                                                                                                                    https://github.com/w3c/csswg-drafts/issues/4650firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942251079.000002189A266000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      		unknown
                                                                                                                      https://xhr.spec.whatwg.org/#sync-warningfirefox.exe, 0000000C.00000003.2206722073.0000021894535000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        		unknown
                                                                                                                        https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/74f06853-c80d-4afc-9b2firefox.exe, 0000000C.00000003.1947791765.000002189AAC2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          		unknown
                                                                                                                          https://www.amazon.com/exec/obidos/external-search/firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2187489981.00000218A07ED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2087386307.00000218A07EE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2116685311.00000218A07EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2015737713.000002189A5D4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2001476844.000002189AC74000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1999522643.00000218A07EC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1893493174.000002188CF00000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1945675164.000002189AC74000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		unknown
                                                                                                                            http://mozilla.org/#/properties/userFacingNamefirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                              		unknown
                                                                                                                              https://profiler.firefox.com/firefox.exe, 0000000C.00000002.2402454604.000002188B23E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                		unknown
                                                                                                                                https://www.msn.comfirefox.exe, 0000000C.00000003.2212173073.0000021892BD2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                  		unknown
                                                                                                                                  http://mozilla.org/#/properties/bucketConfig/properties/namespacefirefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		unknown
                                                                                                                                    http://mozilla.org/#/properties/quickSuggestSponsoredEnabledfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      		unknown
                                                                                                                                      http://mozilla.org/#/properties/featureIdsfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        		unknown
                                                                                                                                        http://mozilla.org/#/properties/outcomes/items/properties/slugfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          		unknown
                                                                                                                                          https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_39e4b8f6fd6635158ad433436bdaa069841cfdf8e1989e03firefox.exe, 0000000C.00000002.2402454604.000002188B2BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2372630841.0000023C2B6C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDE7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2384253336.00000124CCE03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.12.drfalse
                                                                                                                                            		unknown
                                                                                                                                            http://mozilla.org/#/properties/branches/anyOf/1/items/properties/feature/properties/enabledhttp://mfirefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		unknown
                                                                                                                                              http://mozilla.org/0firefox.exe, 0000000C.00000003.2341722197.00001AB57B404000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2346676447.0000314826603000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2343370391.00003664EC603000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                		unknown
                                                                                                                                                https://github.com/mozilla-services/screenshotsfirefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1893985959.000002188D105000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1893493174.000002188CF00000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  		unknown
                                                                                                                                                  http://exslt.org/setsfirefox.exe, 0000000C.00000002.2402454604.000002188B28A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    		unknown
                                                                                                                                                    https://screenshots.firefox.com/Webfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      		unknown
                                                                                                                                                      https://content-signature-2.cdn.mozilla.net/firefox.exe, 0000000C.00000003.1945675164.000002189ACED000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2000812292.000002189ACED000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        		unknown
                                                                                                                                                        http://mozilla.org/#/properties/branches/anyOf/1/items/properties/features/items/properties/valuefirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                          		unknown
                                                                                                                                                          http://mozilla.org/#/properties/outcomes/itemsfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		unknown
                                                                                                                                                            http://mozilla.org/#/properties/quickSuggestSponsoredIndexfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		unknown
                                                                                                                                                              https://app.adjust.com/167k4ih?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=htfirefox.exe, 0000000C.00000003.2119039211.000002189A79F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                		unknown
                                                                                                                                                                https://www.instagram.com/firefox.exe, 0000000C.00000003.1978009251.00000218A0AEF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  		unknown
                                                                                                                                                                  http://exslt.org/commonfirefox.exe, 0000000C.00000002.2402454604.000002188B28A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                    		unknown
                                                                                                                                                                    https://ok.ru/firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      		unknown
                                                                                                                                                                      https://www.amazon.com/firefox.exe, 0000000C.00000003.2119039211.000002189A70B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942134965.000002189AC4B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        		unknown
                                                                                                                                                                        https://fpn.firefox.comfirefox.exe, 0000000C.00000002.2451649772.000002188F149000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2451649772.000002188F105000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		unknown
                                                                                                                                                                          https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullScfirefox.exe, 0000000C.00000003.2206722073.000002189453D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                            		unknown
                                                                                                                                                                            http://exslt.org/dates-and-timesfirefox.exe, 0000000C.00000002.2402454604.000002188B281000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              		unknown
                                                                                                                                                                              http://mozilla.org/#/properties/quickSuggestAllowPositionInSuggestionsfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                		unknown
                                                                                                                                                                                http://ocsp.rootca1.amazontrust.com0:firefox.exe, 0000000C.00000002.2491655632.000002188FFE8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		unknown
                                                                                                                                                                                  https://support.mozilla.org/kb/warning-unresponsive-script#w_other-causesfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		unknown
                                                                                                                                                                                    http://mozilla.org/#/properties/branches/anyOf/0/items/properties/featurefirefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		unknown
                                                                                                                                                                                      http://win.mail.ru/cgi-bin/sentmsg?mailto=%sfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                        		unknown
                                                                                                                                                                                        https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&ci=1696581201119.12791&key=1696581201400600firefox.exe, 0000000C.00000002.2402454604.000002188B2BD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000002.2372630841.0000023C2B6C9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDE7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2384253336.00000124CCE03000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.12.drfalse
                                                                                                                                                                                          		unknown
                                                                                                                                                                                          https://www.youtube.com/firefox.exe, 0000000C.00000003.2091401519.000002189A927000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2001476844.000002189AC74000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2191062797.0000021899DA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942134965.000002189AC4B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDD03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCC0C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		unknown
                                                                                                                                                                                            https://bugzilla.mozilla.org/show_bug.cgi?id=1283601firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2097435421.0000021897FCF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		unknown
                                                                                                                                                                                              https://email.seznam.cz/newMessageScreen?mailto=%shttps://outlook.live.com/default.aspx?rru=compose&firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                		unknown
                                                                                                                                                                                                http://mozilla.org/#/properties/proposedDurationfirefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		unknown
                                                                                                                                                                                                  http://mozilla.org/#/properties/featureIds/itemshttp://mozilla.org/#/properties/branchesfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                    https://online.nfirefox.exe, 0000000C.00000002.2360537981.000000A9EB5D8000.00000004.00000010.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://mozilla.org/#/properties/quickSuggestImpressionCapsSponsoredEnabledfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                        https://addons.mozilla.org/firefox/addon/to-google-translate/firefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2119039211.000002189A79F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          		unknown
                                                                                                                                                                                                          https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2203806642.0000021899DA6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2191062797.0000021899DA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDDC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCCC4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            		unknown
                                                                                                                                                                                                            http://127.0.0.1:firefox.exe, 0000000C.00000002.2467790881.000002188F62E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2208367892.0000021893775000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2370614209.00000124CCA40000.00000002.10000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                              		unknown
                                                                                                                                                                                                              https://bugzilla.mozilla.org/show_bug.cgi?id=1266220firefox.exe, 0000000C.00000003.2098595076.0000021897F52000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2097435421.0000021897FCF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2064313614.000002189A559000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2064048582.00000218A0AEB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                		unknown
                                                                                                                                                                                                                https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152firefox.exe, 0000000C.00000003.2026696823.000002189E2A7000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  		unknown
                                                                                                                                                                                                                  https://bugzilla.mofirefox.exe, 0000000C.00000003.2097918495.0000021897F79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2095762238.00000218983F3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                                    https://support.mozilla.org/kb/website-translationonlyfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                                      https://static.adsafeprotected.com/firefox-etp-jsfirefox.exe, 0000000C.00000002.2520756835.000002189130C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2158656471.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2115616970.00000218A085B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2500043314.000002189030D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2418903046.000002188BC03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                                        http://mozilla.org/#/properties/h3GreaseEnabledfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          		unknown
                                                                                                                                                                                                                          https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapturefirefox.exe, 0000000C.00000003.2206722073.0000021894548000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2206722073.000002189453F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            		unknown
                                                                                                                                                                                                                            https://spocs.getpocket.com/firefox.exe, 0000000C.00000003.2091401519.000002189A927000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2293522968.000002189AC5D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.2222477939.000002189A949000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2372733795.000001A9CDD12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2373254493.00000124CCC13000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                              		unknown
                                                                                                                                                                                                                              http://mozilla.org/#/properties/recordNavigationalSuggestionTelemetryfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                		unknown
                                                                                                                                                                                                                                https://www.iqiyi.com/firefox.exe, 0000000C.00000002.2418903046.000002188BCDF000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942134965.000002189AC4B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                  		unknown
                                                                                                                                                                                                                                  http://mozilla.org/#/properties/branches/anyOf/1/items/properties/feature/properties/enabledfirefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                                                    http://mozilla.org/#/properties/branches/anyOf/2/items/properties/features/items/properties/featureIfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                                                      https://online.nashikproperty.com/firefox.exe, 0000000C.00000002.2505086721.00000218906D3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                                                        http://mozilla.org/#/properties/addonsFeatureGatefirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                          		unknown
                                                                                                                                                                                                                                          http://mozilla.org/#/properties/branches/anyOf/2/items/properties/ratiofirefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                            		unknown
                                                                                                                                                                                                                                            http://mozilla.org/#/properties/louserzations/anyOf/0/additionalPropertiesfirefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                              		unknown
                                                                                                                                                                                                                                              https://www.google.com/searchwikipediafirefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                		unknown
                                                                                                                                                                                                                                                http://mozilla.org/#/properties/branches/anyOf/2http://mozilla.org/#/properties/idfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                  		unknown
                                                                                                                                                                                                                                                  http://mozilla.org/#/properties/addonsShowLessFrequentlyCapfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                                                                    http://mozilla.org/#/properties/autoFillAdaptiveHistoryEnabledfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                                                                      https://bugzilla.mozilla.org/show_bug.cgi?id=1584464firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000003.1942251079.000002189A266000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                                                                        https://services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-firefox.exe, 0000000C.00000003.2356949819.00000218A088C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2534407330.0000021891789000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                          		unknown
                                                                                                                                                                                                                                                          http://mozilla.org/#/properties/bestMatchBlockingEnabledfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                            		unknown
                                                                                                                                                                                                                                                            http://mozilla.org/#/properties/booleanfirefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                              		unknown
                                                                                                                                                                                                                                                              http://mozilla.org/#/properties/outcomes/items/properties/priorityfirefox.exe, 0000000C.00000002.2520756835.000002189137F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                		unknown
                                                                                                                                                                                                                                                                https://screenshots.firefox.com/getCurrentInnerWindowWithIdfirefox.exe, 0000000C.00000002.2418903046.000002188BC79000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                  		unknown
                                                                                                                                                                                                                                                                  http://a9.com/-/spec/opensearch/1.0/firefox.exe, 0000000C.00000003.2003597755.000002189A2BA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000C.00000002.2520756835.0000021891317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                    		unknown

                                                                                                                                                                                                                                                                    World Map of Contacted IPs

                                                                                                                                                                                                                                                                    • No. of IPs < 25%
                                                                                                                                                                                                                                                                    • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                                    • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                                    • 75% < No. of IPs

                                                                                                                                                                                                                                                                    Public IPs

                                                                                                                                                                                                                                                                    IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                                    34.117.188.166
                                                                                                                                                                                                                                                                    		contile.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                    		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                                                                                    52.222.236.23
                                                                                                                                                                                                                                                                    		services.addons.mozilla.orgUnited States
                                                                                                                                                                                                                                                                    		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                    142.250.185.164
                                                                                                                                                                                                                                                                    		www.google.comUnited States
                                                                                                                                                                                                                                                                    		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                    35.201.103.21
                                                                                                                                                                                                                                                                    		normandy-cdn.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                    		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                    34.120.208.123
                                                                                                                                                                                                                                                                    		telemetry-incoming.r53-2.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                    		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                    34.149.100.209
                                                                                                                                                                                                                                                                    		prod.remote-settings.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                    		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                    34.107.243.93
                                                                                                                                                                                                                                                                    		push.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                    		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                    34.107.221.82
                                                                                                                                                                                                                                                                    		prod.detectportal.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                                    		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                    45.61.137.230
                                                                                                                                                                                                                                                                    		online.nashikproperty.comUnited States
                                                                                                                                                                                                                                                                    		40676AS40676USfalse
                                                                                                                                                                                                                                                                    35.244.181.201
                                                                                                                                                                                                                                                                    		prod.balrog.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                                    		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                    239.255.255.250
                                                                                                                                                                                                                                                                    		unknownReserved
                                                                                                                                                                                                                                                                    		unknownunknownfalse
                                                                                                                                                                                                                                                                    35.190.72.216
                                                                                                                                                                                                                                                                    		prod.classify-client.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                    		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                    34.160.144.191
                                                                                                                                                                                                                                                                    		prod.content-signature-chains.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                    		2686ATGS-MMD-ASUSfalse

                                                                                                                                                                                                                                                                    Private

                                                                                                                                                                                                                                                                    IP
                                                                                                                                                                                                                                                                    192.168.2.8
                                                                                                                                                                                                                                                                    192.168.2.16
                                                                                                                                                                                                                                                                    127.0.0.1

                                                                                                                                                                                                                                                                    General Information

                                                                                                                                                                                                                                                                    Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                                                                    Analysis ID:1525981
                                                                                                                                                                                                                                                                    Start date and time:2024-10-04 16:26:15 +02:00
                                                                                                                                                                                                                                                                    Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                                    Overall analysis duration:0h 5m 22s
                                                                                                                                                                                                                                                                    Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                                    Report type:full
                                                                                                                                                                                                                                                                    Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                                                                                                                                                                                                                    Sample URL:https://online.nashikproperty.com/?zn1YPM=Ppj
                                                                                                                                                                                                                                                                    Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                                    Number of analysed new started processes analysed:16
                                                                                                                                                                                                                                                                    Number of new started drivers analysed:0
                                                                                                                                                                                                                                                                    Number of existing processes analysed:0
                                                                                                                                                                                                                                                                    Number of existing drivers analysed:0
                                                                                                                                                                                                                                                                    Number of injected processes analysed:0
                                                                                                                                                                                                                                                                    Technologies:
                                                                                                                                                                                                                                                                    • HCA enabled
                                                                                                                                                                                                                                                                    • EGA enabled
                                                                                                                                                                                                                                                                    • AMSI enabled
                                                                                                                                                                                                                                                                    Analysis Mode:default
                                                                                                                                                                                                                                                                    Analysis stop reason:Timeout
                                                                                                                                                                                                                                                                    Detection:CLEAN
                                                                                                                                                                                                                                                                    Classification:clean2.win@34/31@65/16
                                                                                                                                                                                                                                                                    EGA Information:
                                                                                                                                                                                                                                                                    • Successful, ratio: 33.3%
                                                                                                                                                                                                                                                                    HCA Information:
                                                                                                                                                                                                                                                                    • Successful, ratio: 100%
                                                                                                                                                                                                                                                                    • Number of executed functions: 4
                                                                                                                                                                                                                                                                    • Number of non-executed functions: 1

                                                                                                                                                                                                                                                                    Warnings

                                                                                                                                                                                                                                                                    • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
                                                                                                                                                                                                                                                                    • Excluded IPs from analysis (whitelisted): 142.250.185.99, 142.251.168.84, 142.250.186.78, 34.104.35.123, 93.184.221.240, 172.217.16.131, 172.217.18.3, 44.242.117.95, 35.86.24.102, 54.70.187.236, 142.250.184.202, 142.250.181.234, 172.217.16.206, 142.250.185.174, 2.22.61.59, 2.22.61.56
                                                                                                                                                                                                                                                                    • Excluded domains from analysis (whitelisted): www.bing.com, clients1.google.com, shavar.prod.mozaws.net, ciscobinary.openh264.org, accounts.google.com, slscr.update.microsoft.com, incoming.telemetry.mozilla.org, ctldl.windowsupdate.com, clientservices.googleapis.com, a17.rackcdn.com.mdc.edgesuite.net, detectportal.prod.mozaws.net, aus5.mozilla.org, fe3cr.delivery.mp.microsoft.com, a19.dscg10.akamai.net, clients2.google.com, edgedl.me.gvt1.com, redirector.gvt1.com, login.live.com, update.googleapis.com, safebrowsing.googleapis.com, clients.l.google.com, www.gstatic.com, location.services.mozilla.com
                                                                                                                                                                                                                                                                    • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                                    • VT rate limit hit for: https://online.nashikproperty.com/?zn1YPM=Ppj

                                                                                                                                                                                                                                                                    Simulations

                                                                                                                                                                                                                                                                    Behavior and APIs

                                                                                                                                                                                                                                                                    TimeTypeDescription
                                                                                                                                                                                                                                                                    10:28:03API Interceptor1x Sleep call for process: firefox.exe modified

                                                                                                                                                                                                                                                                    Joe Sandbox View / Context

                                                                                                                                                                                                                                                                    IPs

                                                                                                                                                                                                                                                                    No context

                                                                                                                                                                                                                                                                    Domains

                                                                                                                                                                                                                                                                    No context

                                                                                                                                                                                                                                                                    ASNs

                                                                                                                                                                                                                                                                    No context

                                                                                                                                                                                                                                                                    JA3 Fingerprints

                                                                                                                                                                                                                                                                    No context

                                                                                                                                                                                                                                                                    Dropped Files

                                                                                                                                                                                                                                                                    No context

                                                                                                                                                                                                                                                                    Created / dropped Files

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):32768
                                                                                                                                                                                                                                                                    Entropy (8bit):0.4593089050301797
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:48:9SP0nUgwyZXYI65yFRX2D3GNTTfyn0Mk1iA:9SDKaIjo3UzyE1L
                                                                                                                                                                                                                                                                    MD5:D910AD167F0217587501FDCDB33CC544
                                                                                                                                                                                                                                                                    SHA1:2F57441CEFDC781011B53C1C5D29AC54835AFC1D
                                                                                                                                                                                                                                                                    SHA-256:E3699D9404A3FFC1AFF0CA8A3972DC0EF38BDAB927741E9F627C7C55CEA42E81
                                                                                                                                                                                                                                                                    SHA-512:F1871BF28FF25EE52BDB99C7A80AB715C7CAC164DCD2FD87E681168EE927FD2C5E80E03C91BB638D955A4627213BF575FF4D9EECAEDA7718C128CF2CE8F7CB3D
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:... ftypisom....isomiso2avc1mp41....free....mdat..........E...H..,. .#..x264 - core 152 r2851 ba24899 - H.264/MPEG-4 AVC codec - Copyleft 2003-2017 - http://www.videolan.org/x264.html - options: cabac=1 ref=3 deblock=1:0:0 analyse=0x3:0x113 me=hex subme=7 psy=1 psy_rd=1.00:0.00 mixed_ref=1 me_range=16 chroma_me=1 trellis=1 8x8dct=1 cqm=0 deadzone=21,11 fast_pskip=1 chroma_qp_offset=-2 threads=4 lookahead_threads=1 sliced_threads=0 nr=0 decimate=1 interlaced=0 bluray_compat=0 constrained_intra=0 bframes=3 b_pyramid=2 b_adapt=1 b_bias=0 direct=1 weightb=1 open_gop=0 weightp=2 keyint=250 keyint_min=25 scenecut=40 intra_refresh=0 rc_lookahead=40 rc=crf mbtree=1 crf=23.0 qcomp=0.60 qpmin=0 qpmax=69 qpstep=4 ip_ratio=1.40 aq=1:1.00......e...+...s|.kG3...'.u.."...,J.w.~.d\..(K....!.+..;....h....(.T.*...M......0..~L..8..B..A.y..R..,.zBP.';j.@.].w..........c......C=.'f....gI.$^.......m5V.L...{U..%V[....8......B..i..^,....:...,..5.m.%dA....moov...lmvhd...................(...........

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 13:27:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):2673
                                                                                                                                                                                                                                                                    Entropy (8bit):3.977801213091939
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:48:8BdiTuGHHbidAKZdA1FehwiZUklqehQy+3:8mTFvy
                                                                                                                                                                                                                                                                    MD5:C7901A4C59562C69B2175FA3754BBB87
                                                                                                                                                                                                                                                                    SHA1:F779D263D173D32C360D57A323790D871EA66F5D
                                                                                                                                                                                                                                                                    SHA-256:0D4D95B0D6EBDEFA12DC4BDDA1E1429F88AD06FDBDC8C5D8E7C8E331DB540A9E
                                                                                                                                                                                                                                                                    SHA-512:72525D1EF968C40421379DC41FA00B4CA47BC4571954A796573C29392FF555ADB28D5963951C1835EFBAF7CE18B19333AF2CAAA23A4E5D5C3BDD22313F4874D1
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:L..................F.@.. ...$+.,......cyi...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IDYRs....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDY]s....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VDY]s....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VDY]s..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDY`s...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............?.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 13:27:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):2675
                                                                                                                                                                                                                                                                    Entropy (8bit):3.995142380009808
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:48:8HEdiTuGHHbidAKZdA1seh/iZUkAQkqehfy+2:8HNTb9QWy
                                                                                                                                                                                                                                                                    MD5:0E17A18BA34AC2CDE3B5A43B41582BFD
                                                                                                                                                                                                                                                                    SHA1:B66988108A4094AE5033955E75A733E4EDA2305C
                                                                                                                                                                                                                                                                    SHA-256:7429C840E81917D3C057385BA97190412B68B948059FA1C5CEF3A63856F142A0
                                                                                                                                                                                                                                                                    SHA-512:16FF521643F14E17C50DB2843590C82797493873B7AE741F8DB573DE391F7D56DBCAD6C01355F8F0664175EA0987BB34B25E004F3D1EAA76A3AC454EB41EA35C
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:L..................F.@.. ...$+.,......Vyi...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IDYRs....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDY]s....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VDY]s....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VDY]s..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDY`s...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............?.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):2689
                                                                                                                                                                                                                                                                    Entropy (8bit):4.00652879788622
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:48:8IdiTuGAHbidAKZdA14meh7sFiZUkmgqeh7sVy+BX:8RTSnjy
                                                                                                                                                                                                                                                                    MD5:2C74543D649AD8405A3962ECECFCD150
                                                                                                                                                                                                                                                                    SHA1:67EF78ECD130D36DDCA9DE6EB96F63DE48FFB6CF
                                                                                                                                                                                                                                                                    SHA-256:6675A1BF574256FD605E8255FACF315351E1D83CD5B566818D60A778D844AEC9
                                                                                                                                                                                                                                                                    SHA-512:0A490D88C7A24D2BFA7E2CCFBC53C832474285D93FBF9755A8878ECB4FF427E786DBCE69C22CA7F0FAA5E0B2694A2A3C4A16DB80AE5745B530B52E46D07AE062
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IDYRs....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDY]s....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VDY]s....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VDY]s..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............?.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 13:27:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):2677
                                                                                                                                                                                                                                                                    Entropy (8bit):3.992914376627318
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:48:8dudiTuGHHbidAKZdA1TehDiZUkwqehLy+R:8d7TIdy
                                                                                                                                                                                                                                                                    MD5:D14AA4AA7C1B28F5A8BB7021F1BDE8DC
                                                                                                                                                                                                                                                                    SHA1:B076791202E0E64D36348D7DEBFF6FAC663C0C55
                                                                                                                                                                                                                                                                    SHA-256:0E31434D009DF80617D55C90D04066428146997C7D71B7034294F610CC27C542
                                                                                                                                                                                                                                                                    SHA-512:F2914048A8435634AB1EA95EC53C076D63CD893B9D09E56274465C0255CF4292E339D4A152483ED0D0222A279EF1B1644F39A2E20020375F1F65C7ACAD175334
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:L..................F.@.. ...$+.,.....Oyi...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IDYRs....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDY]s....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VDY]s....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VDY]s..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDY`s...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............?.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 13:27:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):2677
                                                                                                                                                                                                                                                                    Entropy (8bit):3.9796680141317777
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:48:8LtdiTuGHHbidAKZdA1dehBiZUk1W1qehJy+C:8LCT49py
                                                                                                                                                                                                                                                                    MD5:9319BAD0BCB31CD49EEB0BEB3E77BBB7
                                                                                                                                                                                                                                                                    SHA1:418820CB3BD5CFC41694DCC2A8F3CC3212BC1EF2
                                                                                                                                                                                                                                                                    SHA-256:2E4A0CCAB6F5F6DC6F3F9CD7FDC48057E3A5D3159BAD9BB91F10EB62C3788E14
                                                                                                                                                                                                                                                                    SHA-512:34D37D9C0F44209814D8517B55AD89BF10DD7A4F6A6F5CC8DDEA730F4FA449D1D201B8FB483B4F23F3168DC9E57B0E66C414E0E8270F4383792589A1AD4AD606
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:L..................F.@.. ...$+.,....K.\yi...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IDYRs....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDY]s....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VDY]s....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VDY]s..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDY`s...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............?.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 13:26:59 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):2679
                                                                                                                                                                                                                                                                    Entropy (8bit):3.9918544884244116
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:48:8udiTuGHHbidAKZdA1duTeehOuTbbiZUk5OjqehOuTbjy+yT+:87TKTfTbxWOvTbjy7T
                                                                                                                                                                                                                                                                    MD5:57149CF6AF1CA2E0723DBDC7DF38D7F2
                                                                                                                                                                                                                                                                    SHA1:9A9A19004E9B89792DDA41E3E9B0D55CE7C7DEF5
                                                                                                                                                                                                                                                                    SHA-256:8C829D7705494F8AF1202F2D9C2CBE39A3EE88A93E17750A532B784457E5D0FD
                                                                                                                                                                                                                                                                    SHA-512:BA7C1959EEEC5BBEE8B4B339B62633208B991A642EF31BCB9B621CB6F02ED9E652DA6CE269BCD5E825EB53AD8FEC4A5E2E7E1E2709E132AE5A8ACC2E6C3B6BB6
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:L..................F.@.. ...$+.,......Eyi...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IDYRs....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDY]s....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VDY]s....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VDY]s..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDY`s...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............?.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\ExperimentStoreData.json (copy)

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):3621
                                                                                                                                                                                                                                                                    Entropy (8bit):4.929558659010521
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:48:YnSwkmrOIfPUFuOdwNIOdoWLEWLtkDB/u4x5FBvipA6kbSathfkLuhakNNYnA9mu:8S+OIfPUFuOdwNIOd8jvYR0uLaYAE8P
                                                                                                                                                                                                                                                                    MD5:3DE517DA26502564B409542A4F1AE1C4
                                                                                                                                                                                                                                                                    SHA1:5EF1B1AFBD575534EF329D0FE65E22908B037BA7
                                                                                                                                                                                                                                                                    SHA-256:B40FECCA8961FD4BBE113DF67C89F0672D6425D611D383D70E01663F267362FF
                                                                                                                                                                                                                                                                    SHA-512:2740316E8AC220A0D85C2E5617E1ED2C796385DDB2B5369C0A87160DAE7DBE2D5BF60655E047D26A98B7B20E60D5CF3A7B969AE3415CE3D23447CB105C5B33E1
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:{"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"csvImport":true},"enabled":true,"featureId":"cm-csv-import"}]},"active":true,"enrollmentId":"9c4f630b-d3dc-4236-9fe2-a1415309e4e4","experimentType":"rollout","source":"rs-loader","userFacingName":"CSV Import (Release Rollout)","userFacingDescription":"This rollout enables users to import logins from a CSV file from the about:logins page.","lastSeen":"2023-10-06T09:08:30.452Z","featureIds":["cm-csv-import"],"prefs":[{"name":"signon.management.page.fileImport.enabled","branch":"default","featureId":"cm-csv-import","variable":"csvImport","originalValue":false}],"isRollout":true},"serp-ad-telemetry-rollout":{"slug":"serp-ad-telemetry-rollout","branch":{"slug":"control","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pr

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\ExperimentStoreData.json.tmp

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):3621
                                                                                                                                                                                                                                                                    Entropy (8bit):4.929558659010521
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:48:YnSwkmrOIfPUFuOdwNIOdoWLEWLtkDB/u4x5FBvipA6kbSathfkLuhakNNYnA9mu:8S+OIfPUFuOdwNIOd8jvYR0uLaYAE8P
                                                                                                                                                                                                                                                                    MD5:3DE517DA26502564B409542A4F1AE1C4
                                                                                                                                                                                                                                                                    SHA1:5EF1B1AFBD575534EF329D0FE65E22908B037BA7
                                                                                                                                                                                                                                                                    SHA-256:B40FECCA8961FD4BBE113DF67C89F0672D6425D611D383D70E01663F267362FF
                                                                                                                                                                                                                                                                    SHA-512:2740316E8AC220A0D85C2E5617E1ED2C796385DDB2B5369C0A87160DAE7DBE2D5BF60655E047D26A98B7B20E60D5CF3A7B969AE3415CE3D23447CB105C5B33E1
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:{"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"csvImport":true},"enabled":true,"featureId":"cm-csv-import"}]},"active":true,"enrollmentId":"9c4f630b-d3dc-4236-9fe2-a1415309e4e4","experimentType":"rollout","source":"rs-loader","userFacingName":"CSV Import (Release Rollout)","userFacingDescription":"This rollout enables users to import logins from a CSV file from the about:logins page.","lastSeen":"2023-10-06T09:08:30.452Z","featureIds":["cm-csv-import"],"prefs":[{"name":"signon.management.page.fileImport.enabled","branch":"default","featureId":"cm-csv-import","variable":"csvImport","originalValue":false}],"isRollout":true},"serp-ad-telemetry-rollout":{"slug":"serp-ad-telemetry-rollout","branch":{"slug":"control","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pr

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\addonStartup.json.lz4 (copy)

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 23432 bytes
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):5312
                                                                                                                                                                                                                                                                    Entropy (8bit):6.615424734763731
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:96:V2YbKsKNU2xWrp327tGmD4wBON6h6cHaJVJuZMd0JGkkrw2D:VTx2x2t0FDJ4NpwZMd0EJws
                                                                                                                                                                                                                                                                    MD5:1B9C8056D3619CE5A8C59B0C09873F17
                                                                                                                                                                                                                                                                    SHA1:1015C630E1937AA63F6AB31743782ECB5D78CCD8
                                                                                                                                                                                                                                                                    SHA-256:A6AE5DE0733FED050AB570AD9374FF4593D554F695B5AE4E2495871D171D34A3
                                                                                                                                                                                                                                                                    SHA-512:B1DC9CC675D5476C270A2D5B214D3DF2B3856576ED7EFE92D9A606C2D9D34E781018902AE75CE9C1E25007BB7F8D8F7B52997E6F05B845EF44BAF22F614FE899
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:mozLz40..[....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\addonStartup.json.lz4.tmp

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 23432 bytes
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):5312
                                                                                                                                                                                                                                                                    Entropy (8bit):6.615424734763731
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:96:V2YbKsKNU2xWrp327tGmD4wBON6h6cHaJVJuZMd0JGkkrw2D:VTx2x2t0FDJ4NpwZMd0EJws
                                                                                                                                                                                                                                                                    MD5:1B9C8056D3619CE5A8C59B0C09873F17
                                                                                                                                                                                                                                                                    SHA1:1015C630E1937AA63F6AB31743782ECB5D78CCD8
                                                                                                                                                                                                                                                                    SHA-256:A6AE5DE0733FED050AB570AD9374FF4593D554F695B5AE4E2495871D171D34A3
                                                                                                                                                                                                                                                                    SHA-512:B1DC9CC675D5476C270A2D5B214D3DF2B3856576ED7EFE92D9A606C2D9D34E781018902AE75CE9C1E25007BB7F8D8F7B52997E6F05B845EF44BAF22F614FE899
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:mozLz40..[....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\content-prefs.sqlite

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:SQLite 3.x database, user version 5, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 8, cookie 0x6, schema 4, largest root page 8, UTF-8, vacuum mode 1, version-valid-for 4
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):262144
                                                                                                                                                                                                                                                                    Entropy (8bit):0.04905141882491872
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:24:DLSvwae+Q8Uu50xj0aWe9LxYkKA25Q5tvAA:DKwae+QtMImelekKDa5
                                                                                                                                                                                                                                                                    MD5:8736A542C5564A922C47B19D9CC5E0F2
                                                                                                                                                                                                                                                                    SHA1:CE9D58967DA9B5356D6C1D8A482F9CE74DA9097A
                                                                                                                                                                                                                                                                    SHA-256:97CE5D8AFBB0AA610219C4FAC3927E32C91BFFD9FD971AF68C718E7B27E40077
                                                                                                                                                                                                                                                                    SHA-512:99777325893DC7A95FD49B2DA18D32D65F97CC7A8E482D78EDC32F63245457FA5A52750800C074D552D20B6A215604161FDC88763D93C76A8703470C3064196B
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:SQLite format 3......@ ..........................................................................j......|....~.}.}z}-|.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\favicons.sqlite-shm

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):32768
                                                                                                                                                                                                                                                                    Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                    MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                    SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                    SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                    SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\formhistory.sqlite

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:SQLite 3.x database, user version 5, last written using SQLite version 3042000, page size 32768, file counter 2, database pages 8, cookie 0x7, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                    Category:modified
                                                                                                                                                                                                                                                                    Size (bytes):262144
                                                                                                                                                                                                                                                                    Entropy (8bit):0.07361480481465442
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:24:DLsVxExBWrkier5NzW6LlmProNpNmVIpPuVM7rBmxF/EzgvA:DIHMArt0pmcNptpGVM7rBw/v
                                                                                                                                                                                                                                                                    MD5:EF201C46A373CB8F4CF28F4B1EF972CE
                                                                                                                                                                                                                                                                    SHA1:17398045FCB53FA8C68B24CF5A67F6AE0C2D312B
                                                                                                                                                                                                                                                                    SHA-256:A65CF82FFC9CCA702BB5C33230142209297CBE4459D6E2AEF8DB2E3ED38A7CAD
                                                                                                                                                                                                                                                                    SHA-512:BF997E2E70A93557D7F62A3952FBC1590506817FE73B0A38ED329B2FE816E976899D2A193FCE783C5D9B86B73A6ED97025D29B51CB65D74FBC3FAA39DCC694F8
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:SQLite format 3......@ ..........................................................................j......z....~k}.|o{.{wz...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\places.sqlite-shm

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):32768
                                                                                                                                                                                                                                                                    Entropy (8bit):0.035699946889726504
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:3:GtlstFGNBra2Rs9o3lstFGNBra2RsltL89//alEl:GtWtEDTs9o3WtEDTsltL89XuM
                                                                                                                                                                                                                                                                    MD5:F97EC4BDBA0FD19A9A8140AB1102C469
                                                                                                                                                                                                                                                                    SHA1:A60C97EB955213635AE90344F5AFFA783E22AC0E
                                                                                                                                                                                                                                                                    SHA-256:9AA48E06260C38085C8825F8264E114BBBC3F85C52867936650A4696810E67F6
                                                                                                                                                                                                                                                                    SHA-512:2F6EF950FCDA2139A07948F97939780F66B9769E26628F7AF959A4D66340AF7F981C6BF33C2CD0B75C7BC38AC18EF4F1660EAA63B001D76FB3606B9FA1A15637
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:..-.......................$n.9eO/..^;......7a....-.......................$n.9eO/..^;......7a..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\places.sqlite-wal

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):32824
                                                                                                                                                                                                                                                                    Entropy (8bit):0.039920253262097694
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:3:Ol17AadJ3lCfKUe+14YxLl8rEXsxdwhml8XW3R2:KlnJ85hl8dMhm93w
                                                                                                                                                                                                                                                                    MD5:C1F831CE64AAF17248AEE089D9C1F8C0
                                                                                                                                                                                                                                                                    SHA1:F9204A773CF6F21B2BB58FE0F7B44BBC25DB0A7C
                                                                                                                                                                                                                                                                    SHA-256:E7DDA92264F39D8E00C006B0E115E622DB2FAC3B52513E00A9537A9FC0810D7B
                                                                                                                                                                                                                                                                    SHA-512:1A87376976E164E203A48AD1A990EC991669079A16C20E04C0116A5E517A3851C55F40A65F8781F495B5237ECED337B457A1CBCDB2C9CF2CF8E8ADD0F1D14E2E
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:7....-........../..^;...3..B..."......../..^;...n$..Oe9.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\prefs-1.js

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):12237
                                                                                                                                                                                                                                                                    Entropy (8bit):5.481898403083178
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:192:2nGRvo1YYbBp6iDLZwxhaXZ6+qN8v5RuFNBw8d3Se:Ve7FwxLTSEw8b
                                                                                                                                                                                                                                                                    MD5:473A2D072380ADBDCA59AE3A13A4F588
                                                                                                                                                                                                                                                                    SHA1:CB8AC210F10369CB84C2335F838A12DB3E2CAAB9
                                                                                                                                                                                                                                                                    SHA-256:6DC5622AA329A492428450B11C4C7D08201DF79DC730C89B2719D0C4A677EA55
                                                                                                                                                                                                                                                                    SHA-512:F8382D332F6DC26434A702B9319C69E63E9E900D315738B239BC239B16DBA3E28271DF9F5EC7ECC1569A9D42FABEC11BCF6FA8C64EEAD4321B81D3CF58B36E6F
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "0dbf219f-4e18-464a-957c-ae336603cdcc");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1728056300);..user_pref("app.update.lastUpdateTime.background-update-timer", 1728056300);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1728056300);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 172805

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\prefs.js (copy)

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):12237
                                                                                                                                                                                                                                                                    Entropy (8bit):5.481898403083178
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:192:2nGRvo1YYbBp6iDLZwxhaXZ6+qN8v5RuFNBw8d3Se:Ve7FwxLTSEw8b
                                                                                                                                                                                                                                                                    MD5:473A2D072380ADBDCA59AE3A13A4F588
                                                                                                                                                                                                                                                                    SHA1:CB8AC210F10369CB84C2335F838A12DB3E2CAAB9
                                                                                                                                                                                                                                                                    SHA-256:6DC5622AA329A492428450B11C4C7D08201DF79DC730C89B2719D0C4A677EA55
                                                                                                                                                                                                                                                                    SHA-512:F8382D332F6DC26434A702B9319C69E63E9E900D315738B239BC239B16DBA3E28271DF9F5EC7ECC1569A9D42FABEC11BCF6FA8C64EEAD4321B81D3CF58B36E6F
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "0dbf219f-4e18-464a-957c-ae336603cdcc");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1728056300);..user_pref("app.update.lastUpdateTime.background-update-timer", 1728056300);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1728056300);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 172805

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\protections.sqlite

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:SQLite 3.x database, user version 1, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 2, cookie 0x1, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):65536
                                                                                                                                                                                                                                                                    Entropy (8bit):0.04062825861060003
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:3:lSGBl/l/zl9l/AltllPltlnKollzvulJOlzALRWemFxu7TuRjBFbrl58lcV+wgn8:ltBl/lqN1K4BEJYqWvLue3FMOrMZ0l
                                                                                                                                                                                                                                                                    MD5:60C09456D6362C6FBED48C69AA342C3C
                                                                                                                                                                                                                                                                    SHA1:58B6E22DAA48C75958B429F662DEC1C011AE74D3
                                                                                                                                                                                                                                                                    SHA-256:FE1A432A2CD096B7EEA870D46D07F5197E34B4D10666E6E1C357FAA3F2FE2389
                                                                                                                                                                                                                                                                    SHA-512:936DBC887276EF07732783B50EAFE450A8598B0492B8F6C838B337EF3E8A6EA595E7C7A2FA4B3E881887FAAE2D207B953A4C65ED8C964D93118E00D3E03882BD
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:SQLite format 3......@ ..........................................................................j.......x..x..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionCheckpoints.json (copy)

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):90
                                                                                                                                                                                                                                                                    Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                    MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                    SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                    SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                    SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionCheckpoints.json.tmp

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):90
                                                                                                                                                                                                                                                                    Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                    MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                    SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                    SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                    SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionstore-backups\recovery.jsonlz4 (copy)

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 5869 bytes
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):1576
                                                                                                                                                                                                                                                                    Entropy (8bit):6.2596013609821615
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:24:vGUSUGliGozUb5sRGLXZ+f4mZPvdsP/4zxCkcT5sUBbGULOFoHox2yRCC6T/8sqY:rpmzWGGxmPwzxAfb2oIx1CCOsvkkm
                                                                                                                                                                                                                                                                    MD5:92A9090B7EB047C0D718F82F4D9D06BE
                                                                                                                                                                                                                                                                    SHA1:28179FBF52AC9F886DF12C9B65B97C9E7752E9F4
                                                                                                                                                                                                                                                                    SHA-256:312B4B1212EE8A93F095D2C224A7DAF3344DDC92B84CC1A2C9BE6B0CDBAB8353
                                                                                                                                                                                                                                                                    SHA-512:A479F9A819266D52CA214FE7734A6B9A334EBE77ACD0AD2312510061BE8BECBBACABE79EAAC726000F7A778961BC0E3AC1ECE4C75BCF042540AB8E5BC652FF97
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie...}url":"about:home","title":"New Tab","cacheKey":0,"ID":7,"docshellUUID":"{2dc1c43b-7154-4074-a840-4ad8a93fade2}","resultPrincipalURI":null,"p....ToInherit_base64":"{\"0\":...\"moz-null4...:{94e4e998-d22d-48de-bf3f-42ad5888c1db}\"}}","hasUserInteractA...true,"triggeringP[....Q3\":{D...docIdentifier":8,"persistK..+}],"lastAccessed":1728056294477,"hidden":false,"searchMode...userContextId{..attribut....{},"index":1,"requestedI..p0,"imag....chrome://branding/cU..nt/icon32.png"n..TypedValu8...https://online.nashikproperty.com/?zn1YPM=PpjA..Clear":1..aselect...,"_closedT..@],"_!..C....GroupCount":-1,"busy.......Flags":2167541758....dth":1164,"height":891,"screenX":4...Y..Aizemh..."minimized","workspace...."544a81f3-86cf-4601-b565-c8cb2ca3983a","zp.....Wu...........r.......1":{!.iUpdate...80,"startTim..P70379...centCrash...0},"global..Dcook.. ho...."addons.mozilla.or...v.. 7cO..*9745a185df1b235fd3ecf9e918cb7cd2b41b70558

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionstore-backups\recovery.jsonlz4.tmp

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:Mozilla lz4 compressed data, originally 5869 bytes
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):1576
                                                                                                                                                                                                                                                                    Entropy (8bit):6.2596013609821615
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:24:vGUSUGliGozUb5sRGLXZ+f4mZPvdsP/4zxCkcT5sUBbGULOFoHox2yRCC6T/8sqY:rpmzWGGxmPwzxAfb2oIx1CCOsvkkm
                                                                                                                                                                                                                                                                    MD5:92A9090B7EB047C0D718F82F4D9D06BE
                                                                                                                                                                                                                                                                    SHA1:28179FBF52AC9F886DF12C9B65B97C9E7752E9F4
                                                                                                                                                                                                                                                                    SHA-256:312B4B1212EE8A93F095D2C224A7DAF3344DDC92B84CC1A2C9BE6B0CDBAB8353
                                                                                                                                                                                                                                                                    SHA-512:A479F9A819266D52CA214FE7734A6B9A334EBE77ACD0AD2312510061BE8BECBBACABE79EAAC726000F7A778961BC0E3AC1ECE4C75BCF042540AB8E5BC652FF97
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie...}url":"about:home","title":"New Tab","cacheKey":0,"ID":7,"docshellUUID":"{2dc1c43b-7154-4074-a840-4ad8a93fade2}","resultPrincipalURI":null,"p....ToInherit_base64":"{\"0\":...\"moz-null4...:{94e4e998-d22d-48de-bf3f-42ad5888c1db}\"}}","hasUserInteractA...true,"triggeringP[....Q3\":{D...docIdentifier":8,"persistK..+}],"lastAccessed":1728056294477,"hidden":false,"searchMode...userContextId{..attribut....{},"index":1,"requestedI..p0,"imag....chrome://branding/cU..nt/icon32.png"n..TypedValu8...https://online.nashikproperty.com/?zn1YPM=PpjA..Clear":1..aselect...,"_closedT..@],"_!..C....GroupCount":-1,"busy.......Flags":2167541758....dth":1164,"height":891,"screenX":4...Y..Aizemh..."minimized","workspace...."544a81f3-86cf-4601-b565-c8cb2ca3983a","zp.....Wu...........r.......1":{!.iUpdate...80,"startTim..P70379...centCrash...0},"global..Dcook.. ho...."addons.mozilla.or...v.. 7cO..*9745a185df1b235fd3ecf9e918cb7cd2b41b70558

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\targeting.snapshot.json (copy)

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):4537
                                                                                                                                                                                                                                                                    Entropy (8bit):5.0325116396300915
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:48:YrSAY/pUQZpExB1+anOdWtVheTV2hWUzzc89YMsku7f86SLAVL7Kl5FtsfAcbyJW:yc/dTEr59kUzzctvbw6KkqRrc2Rn27
                                                                                                                                                                                                                                                                    MD5:9D04202383D7611D7F3AD04CFC7DFD6D
                                                                                                                                                                                                                                                                    SHA1:1E990DAA970DEBFAD241F6F56ABF8B56D804474E
                                                                                                                                                                                                                                                                    SHA-256:4B0F5AF34FED973A2F0E1E2D2DAA2FA268ADD2250257E0FDCFDEF9477B98062B
                                                                                                                                                                                                                                                                    SHA-512:E762F0AC815DF9B58963CED0FDD2A26FBD1E1897E8646D980C3736AD09580967DAF8052C2354EBDFCFE67124C0893CF538487644B16ED0D7EA18601C6809C473
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2024-10-04T15:38:14.511Z","profileAgeCreated":1696583300378,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\targeting.snapshot.json.tmp

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                    Size (bytes):4537
                                                                                                                                                                                                                                                                    Entropy (8bit):5.0325116396300915
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:48:YrSAY/pUQZpExB1+anOdWtVheTV2hWUzzc89YMsku7f86SLAVL7Kl5FtsfAcbyJW:yc/dTEr59kUzzctvbw6KkqRrc2Rn27
                                                                                                                                                                                                                                                                    MD5:9D04202383D7611D7F3AD04CFC7DFD6D
                                                                                                                                                                                                                                                                    SHA1:1E990DAA970DEBFAD241F6F56ABF8B56D804474E
                                                                                                                                                                                                                                                                    SHA-256:4B0F5AF34FED973A2F0E1E2D2DAA2FA268ADD2250257E0FDCFDEF9477B98062B
                                                                                                                                                                                                                                                                    SHA-512:E762F0AC815DF9B58963CED0FDD2A26FBD1E1897E8646D980C3736AD09580967DAF8052C2354EBDFCFE67124C0893CF538487644B16ED0D7EA18601C6809C473
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2024-10-04T15:38:14.511Z","profileAgeCreated":1696583300378,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                    Chrome Cache Entry: 94

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (561)
                                                                                                                                                                                                                                                                    Category:downloaded
                                                                                                                                                                                                                                                                    Size (bytes):566
                                                                                                                                                                                                                                                                    Entropy (8bit):4.934859484474443
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:12:u2+/PgrpQUfBHslriFkrX0CwuZsukwu69w4kwzC3:VrSUfBHslgkrX07uZsuFkw+
                                                                                                                                                                                                                                                                    MD5:62B3564F882053E4028285705DF01F11
                                                                                                                                                                                                                                                                    SHA1:9EA5E83752D92C49354E8635CDF8FCBB876EC746
                                                                                                                                                                                                                                                                    SHA-256:B138E0E51710ECB206585EBBE4EA5A769689EFC233CAB4B1964EB167709788B5
                                                                                                                                                                                                                                                                    SHA-512:52232E8A18EDD0D5AC422350B7F1AEFB5B296F87EC9C945B438F0CEC273C49E94C4756D83C81893C1B92C0D225A6858073D002C3824EC01CDC1568AE573230F2
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fonline.nashikproperty.c&oit=3&cp=31&pgcl=4&gs_rn=42&psi=Ry3v2W9Io9_oTcQX&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                                                                                                                                                                                                                                                    Preview:)]}'.["https://online.nashikproperty.c",["https //online.nashikproperty.com","https //online.nashikproperty.com login","https //online.nashikproperty.co.in"],["","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestdetail":[{"mp":"\u2026 ","t":"//online.nashikproperty.com"},{"mp":"\u2026 ","t":"//online.nashikproperty.com login"},{"mp":"\u2026 ","t":"//online.nashikproperty.co.in"}],"google:suggestrelevance":[601,600,550],"google:suggestsubtypes":[[160],[160],[160]],"google:suggesttype":["TAIL","TAIL","TAIL"],"google:verbatimrelevance":851}]

                                                                                                                                                                                                                                                                    Chrome Cache Entry: 95

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                    File Type:ASCII text
                                                                                                                                                                                                                                                                    Category:downloaded
                                                                                                                                                                                                                                                                    Size (bytes):153
                                                                                                                                                                                                                                                                    Entropy (8bit):4.760168403282845
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:3:Vw2CIkNtXKsR46zwwBHsLpHbGWjLwWkzXFETH1u4:Vw2Cg6z5BHsLRGAwWeXFEL13
                                                                                                                                                                                                                                                                    MD5:AC42EB12E58578BCBB4F77BA2A2883C3
                                                                                                                                                                                                                                                                    SHA1:49D3639CC70B4C90FAEFBFCB5E6C895CCF91B7DF
                                                                                                                                                                                                                                                                    SHA-256:6E0A5291C6FACECA626C73736B64ECF18A38AEB676487FE70E5017CE87767293
                                                                                                                                                                                                                                                                    SHA-512:F46D45542CF026B85169341766AC1D4D8AFF011BA638DA548F52426D57673BBB848C72517A7C01DD7EDE810754F0D2C5AC8F8AF34FF796F1E6171A76143BBA95
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fonline.nashikproperty.com&oit=3&cp=33&pgcl=4&gs_rn=42&psi=Ry3v2W9Io9_oTcQX&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                                                                                                                                                                                                                                                    Preview:)]}'.["https://online.nashikproperty.com",[],[],[],{"google:clientdata":{"bpc":false,"tlw":true},"google:suggesttype":[],"google:verbatimrelevance":851}]

                                                                                                                                                                                                                                                                    Chrome Cache Entry: 96

                                                                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (556)
                                                                                                                                                                                                                                                                    Category:downloaded
                                                                                                                                                                                                                                                                    Size (bytes):561
                                                                                                                                                                                                                                                                    Entropy (8bit):4.9300242887252015
                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                    SSDEEP:12:u2d/PgrpKfBHslriFkrzCwuZsukwu69w4kwzC3:QrMfBHslgkrz7uZsuFkw+
                                                                                                                                                                                                                                                                    MD5:744CF8084E9B5CAA9E5875143E8FB184
                                                                                                                                                                                                                                                                    SHA1:AE110A62D19AC3B6947B5D1CC171E318F80FDE2A
                                                                                                                                                                                                                                                                    SHA-256:B607BAE6BFC725B069C7206A6F6738BBEA1A84EC63CD3F01489B2574FB41CE96
                                                                                                                                                                                                                                                                    SHA-512:D61A0FC53D9CC3B8239D9EBB8EC711FA20A5B86E6657FF6544F4DA6E4E3FAEA72FDC2C99920C216F34EC33A5F6125E6D28F2B37148277F65BA86924972CC7E87
                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fonline.nashikproperty.&oit=3&cp=30&pgcl=4&gs_rn=42&psi=Ry3v2W9Io9_oTcQX&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                                                                                                                                                                                                                                                    Preview:)]}'.["https://online.nashikproperty.",["https //online.nashikproperty.com","https //online.nashikproperty.com login","https //online.nashikproperty.org"],["","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestdetail":[{"mp":"\u2026 ","t":"//online.nashikproperty.com"},{"mp":"\u2026 ","t":"//online.nashikproperty.com login"},{"mp":"\u2026 ","t":"//online.nashikproperty.org"}],"google:suggestrelevance":[601,600,550],"google:suggestsubtypes":[[160],[160],[160]],"google:suggesttype":["TAIL","TAIL","TAIL"],"google:verbatimrelevance":851}]

                                                                                                                                                                                                                                                                    Static File Info

                                                                                                                                                                                                                                                                    No static file info

                                                                                                                                                                                                                                                                    Network Behavior

                                                                                                                                                                                                                                                                    Network Port Distribution

                                                                                                                                                                                                                                                                    TCP Packets

                                                                                                                                                                                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:54.215511084 CEST4968080192.168.2.16192.229.211.108
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:54.550560951 CEST49678443192.168.2.1620.189.173.10
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:55.987550974 CEST49673443192.168.2.16204.79.197.203
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.027529001 CEST4968080192.168.2.16192.229.211.108
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.769907951 CEST49704443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.769932032 CEST4434970445.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.770220995 CEST49704443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.770363092 CEST49705443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.770401955 CEST4434970545.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.770467043 CEST49705443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.770617008 CEST49704443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.770633936 CEST4434970445.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.770839930 CEST49705443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.770853996 CEST4434970545.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.141499043 CEST49707443192.168.2.164.245.163.56
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.141526937 CEST443497074.245.163.56192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.141644955 CEST49707443192.168.2.164.245.163.56
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.144226074 CEST49707443192.168.2.164.245.163.56
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.144237995 CEST443497074.245.163.56192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.346652985 CEST49708443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.346699953 CEST44349708142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.346812010 CEST49708443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.347405910 CEST49708443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.347419977 CEST44349708142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.938379049 CEST443497074.245.163.56192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.938513994 CEST49707443192.168.2.164.245.163.56
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.981997013 CEST44349708142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.982347012 CEST49708443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.982362032 CEST44349708142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.983484030 CEST44349708142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.983613014 CEST49708443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.984666109 CEST49708443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.984740973 CEST44349708142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.993398905 CEST49707443192.168.2.164.245.163.56
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.993412971 CEST443497074.245.163.56192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.993755102 CEST443497074.245.163.56192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.038541079 CEST49708443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.038552046 CEST44349708142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.038635969 CEST49707443192.168.2.164.245.163.56
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.055413961 CEST49707443192.168.2.164.245.163.56
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.086553097 CEST49708443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.103401899 CEST443497074.245.163.56192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.165498018 CEST49678443192.168.2.1620.189.173.10
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.310373068 CEST443497074.245.163.56192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.310400963 CEST443497074.245.163.56192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.310410976 CEST443497074.245.163.56192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.310420990 CEST443497074.245.163.56192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.310451984 CEST443497074.245.163.56192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.310549021 CEST49707443192.168.2.164.245.163.56
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.310570002 CEST443497074.245.163.56192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.310606956 CEST49707443192.168.2.164.245.163.56
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.310628891 CEST49707443192.168.2.164.245.163.56
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.311019897 CEST443497074.245.163.56192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.311101913 CEST443497074.245.163.56192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.311106920 CEST49707443192.168.2.164.245.163.56
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.311166048 CEST49707443192.168.2.164.245.163.56
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.322540998 CEST49707443192.168.2.164.245.163.56
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.322562933 CEST443497074.245.163.56192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.322580099 CEST49707443192.168.2.164.245.163.56
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:04.322586060 CEST443497074.245.163.56192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:08.634594917 CEST4968080192.168.2.16192.229.211.108
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:13.887948036 CEST44349708142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:13.888010025 CEST44349708142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:13.888066053 CEST49708443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:14.876385927 CEST49708443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:14.876422882 CEST44349708142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:29.778836966 CEST49704443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:29.778938055 CEST49705443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:29.778979063 CEST4434970445.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:29.779048920 CEST49704443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:29.779088974 CEST4434970545.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:29.779134989 CEST49705443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:29.956860065 CEST49712443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:29.956908941 CEST4434971245.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:29.957015991 CEST49712443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:29.957199097 CEST49711443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:29.957231045 CEST4434971145.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:29.957277060 CEST49712443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:29.957287073 CEST4434971245.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:29.957490921 CEST49711443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:29.957490921 CEST49711443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:29.957524061 CEST4434971145.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:34.535868883 CEST49713443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:34.535931110 CEST44349713142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:34.536036015 CEST49713443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:34.536278963 CEST49713443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:34.536304951 CEST44349713142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:34.637933016 CEST49714443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:34.637999058 CEST44349714142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:34.638118982 CEST49714443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:34.638523102 CEST49714443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:34.638534069 CEST44349714142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.361874104 CEST44349714142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.361915112 CEST44349713142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.362349033 CEST49714443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.362349033 CEST49713443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.362368107 CEST44349714142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.362380028 CEST44349713142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.362728119 CEST44349713142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.362780094 CEST44349714142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.363306046 CEST49713443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.363306999 CEST49714443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.363373041 CEST44349714142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.363379002 CEST44349713142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.363414049 CEST49713443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.403623104 CEST49714443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.403623104 CEST49713443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.403647900 CEST44349713142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.722371101 CEST44349713142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.724879026 CEST44349713142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.725279093 CEST49713443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.726717949 CEST49713443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.726732969 CEST44349713142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:36.462410927 CEST49714443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:36.507400036 CEST44349714142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:36.730716944 CEST44349714142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:36.733283997 CEST44349714142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:36.733396053 CEST49714443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:36.734618902 CEST49714443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:36.734637022 CEST44349714142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:37.242192030 CEST49715443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:37.242234945 CEST44349715142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:37.242327929 CEST49715443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:37.242613077 CEST49715443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:37.242631912 CEST44349715142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:37.675753117 CEST49716443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:37.675787926 CEST44349716142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:37.675863028 CEST49716443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:37.677561998 CEST49716443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:37.677580118 CEST44349716142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.120028019 CEST44349715142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.120349884 CEST49715443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.120367050 CEST44349715142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.120712996 CEST44349715142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.121015072 CEST49715443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.121144056 CEST49715443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.121156931 CEST44349715142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.162621975 CEST49715443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.162632942 CEST44349715142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.439217091 CEST44349715142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.439651966 CEST44349716142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.439908028 CEST49716443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.439923048 CEST44349716142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.440253019 CEST44349716142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.440642118 CEST49716443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.440700054 CEST44349716142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.441920996 CEST44349715142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.442013979 CEST49715443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.443031073 CEST49715443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.443058968 CEST44349715142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:38.480721951 CEST49716443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:40.802149057 CEST49717443192.168.2.1620.109.210.53
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:40.802181959 CEST4434971720.109.210.53192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:40.802289009 CEST49717443192.168.2.1620.109.210.53
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:40.802762985 CEST49717443192.168.2.1620.109.210.53
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:40.802772999 CEST4434971720.109.210.53192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.669754028 CEST4434971720.109.210.53192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.669998884 CEST49717443192.168.2.1620.109.210.53
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.673001051 CEST49717443192.168.2.1620.109.210.53
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.673008919 CEST4434971720.109.210.53192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.673324108 CEST4434971720.109.210.53192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.681247950 CEST49717443192.168.2.1620.109.210.53
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.727402925 CEST4434971720.109.210.53192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.935877085 CEST4434971720.109.210.53192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.935902119 CEST4434971720.109.210.53192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.935949087 CEST4434971720.109.210.53192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.936063051 CEST49717443192.168.2.1620.109.210.53
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.936063051 CEST49717443192.168.2.1620.109.210.53
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.936075926 CEST4434971720.109.210.53192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.936136961 CEST49717443192.168.2.1620.109.210.53
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.937031984 CEST4434971720.109.210.53192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.937077999 CEST4434971720.109.210.53192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.937123060 CEST49717443192.168.2.1620.109.210.53
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.937123060 CEST49717443192.168.2.1620.109.210.53
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.937129974 CEST4434971720.109.210.53192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.937140942 CEST4434971720.109.210.53192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.937266111 CEST49717443192.168.2.1620.109.210.53
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.940396070 CEST49717443192.168.2.1620.109.210.53
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.940408945 CEST4434971720.109.210.53192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.940424919 CEST49717443192.168.2.1620.109.210.53
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:41.940432072 CEST4434971720.109.210.53192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:44.489716053 CEST49718443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:44.489777088 CEST4434971820.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:44.489850998 CEST49718443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:44.491821051 CEST49718443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:44.491846085 CEST4434971820.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.278564930 CEST4434971820.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.278650999 CEST49718443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.311878920 CEST49718443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.311899900 CEST4434971820.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.312218904 CEST4434971820.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.313519955 CEST49718443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.313555956 CEST49718443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.313600063 CEST4434971820.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.764828920 CEST4434971820.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.764853954 CEST4434971820.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.764879942 CEST4434971820.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.764918089 CEST49718443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.764925003 CEST4434971820.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.764960051 CEST49718443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.765002012 CEST49718443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.765350103 CEST49718443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.765369892 CEST4434971820.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.765378952 CEST49718443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.765384912 CEST4434971820.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.869041920 CEST49719443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.869077921 CEST4434971920.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.869266987 CEST49719443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.870026112 CEST49719443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:45.870042086 CEST4434971920.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:46.690068960 CEST4434971920.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:46.690273046 CEST49719443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:46.700959921 CEST49719443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:46.700974941 CEST4434971920.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:46.701351881 CEST4434971920.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:46.702084064 CEST49719443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:46.702084064 CEST49719443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:46.702115059 CEST4434971920.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:47.105052948 CEST4434971920.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:47.105093002 CEST4434971920.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:47.105119944 CEST4434971920.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:47.105197906 CEST49719443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:47.105221033 CEST4434971920.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:47.105302095 CEST4434971920.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:47.105408907 CEST49719443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:47.105882883 CEST49719443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:47.105882883 CEST49719443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:47.105897903 CEST4434971920.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:47.105906010 CEST4434971920.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:47.239232063 CEST49720443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:47.239258051 CEST4434972020.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:47.239341021 CEST49720443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:47.239795923 CEST49720443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:47.239809036 CEST4434972020.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.033601999 CEST4434972020.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.034250021 CEST49720443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.034285069 CEST4434972020.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.035058022 CEST49720443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.035067081 CEST4434972020.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.035095930 CEST49720443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.035104990 CEST4434972020.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.348578930 CEST44349716142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.348637104 CEST44349716142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.348757029 CEST49716443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.448939085 CEST4434972020.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.448966980 CEST4434972020.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.448992968 CEST4434972020.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.449043989 CEST49720443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.449070930 CEST4434972020.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.449085951 CEST49720443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.449393988 CEST4434972020.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.449448109 CEST49720443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.449481010 CEST49720443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.449497938 CEST4434972020.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.449507952 CEST49720443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.449512959 CEST4434972020.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.594466925 CEST49725443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.594504118 CEST4434972520.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.594609022 CEST49725443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.594873905 CEST49725443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.594888926 CEST4434972520.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.712496042 CEST49726443192.168.2.1635.190.72.216
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.712522984 CEST4434972635.190.72.216192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.712722063 CEST49726443192.168.2.1635.190.72.216
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.718123913 CEST49726443192.168.2.1635.190.72.216
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.718153000 CEST4434972635.190.72.216192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.870362043 CEST49716443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.870394945 CEST44349716142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.213002920 CEST4434972635.190.72.216192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.213099003 CEST49726443192.168.2.1635.190.72.216
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.225579023 CEST49726443192.168.2.1635.190.72.216
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.225594044 CEST4434972635.190.72.216192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.225675106 CEST49726443192.168.2.1635.190.72.216
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.225780964 CEST4434972635.190.72.216192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.225838900 CEST49726443192.168.2.1635.190.72.216
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.382086992 CEST4434972520.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.388480902 CEST49725443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.388503075 CEST4434972520.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.389175892 CEST49725443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.389182091 CEST4434972520.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.389261961 CEST49725443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.389269114 CEST4434972520.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.780855894 CEST4434972520.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.780877113 CEST4434972520.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.780915976 CEST4434972520.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.780983925 CEST4434972520.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.782087088 CEST49725443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.782510996 CEST49725443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.782520056 CEST4434972520.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.782531977 CEST49725443192.168.2.1620.190.160.17
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.782536983 CEST4434972520.190.160.17192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.964801073 CEST49727443192.168.2.162.23.209.141
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.964823008 CEST443497272.23.209.141192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.965064049 CEST49727443192.168.2.162.23.209.141
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.967422009 CEST49727443192.168.2.162.23.209.141
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:49.967431068 CEST443497272.23.209.141192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.609213114 CEST443497272.23.209.141192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.615410089 CEST443497272.23.209.141192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.615773916 CEST49727443192.168.2.162.23.209.141
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.625133991 CEST49727443192.168.2.162.23.209.141
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.625145912 CEST443497272.23.209.141192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.625616074 CEST443497272.23.209.141192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.625721931 CEST49727443192.168.2.162.23.209.141
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.630019903 CEST49727443192.168.2.162.23.209.141
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.630043983 CEST443497272.23.209.141192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.758387089 CEST4972880192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.764564991 CEST804972834.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.764952898 CEST4972880192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.764952898 CEST4972880192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.775682926 CEST804972834.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.959227085 CEST443497272.23.209.141192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.959265947 CEST443497272.23.209.141192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.959315062 CEST49727443192.168.2.162.23.209.141
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.959321976 CEST443497272.23.209.141192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.959398985 CEST49727443192.168.2.162.23.209.141
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.959398985 CEST49727443192.168.2.162.23.209.141
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.959723949 CEST443497272.23.209.141192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.959779024 CEST443497272.23.209.141192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.959827900 CEST49727443192.168.2.162.23.209.141
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.959827900 CEST49727443192.168.2.162.23.209.141
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.962697983 CEST49727443192.168.2.162.23.209.141
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.962697983 CEST49727443192.168.2.162.23.209.141
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.962713957 CEST443497272.23.209.141192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.962866068 CEST49727443192.168.2.162.23.209.141
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.181444883 CEST49729443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.181499004 CEST4434972934.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.181963921 CEST49729443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.183562040 CEST49729443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.183578968 CEST4434972934.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.218521118 CEST49730443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.218553066 CEST4434973034.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.219120026 CEST49730443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.220747948 CEST49730443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.220766068 CEST4434973034.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.503581047 CEST804972834.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.505754948 CEST804972834.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.505835056 CEST4972880192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.510181904 CEST49731443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.510210991 CEST4434973135.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.510278940 CEST49731443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.510385036 CEST49731443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.510392904 CEST4434973135.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.687844038 CEST4434972934.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.687922001 CEST49729443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.695900917 CEST49729443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.695915937 CEST4434972934.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.696079016 CEST49729443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.696094036 CEST4434972934.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.696361065 CEST49729443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.696468115 CEST49732443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.696497917 CEST4434973234.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.696670055 CEST49732443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.698028088 CEST49732443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.698039055 CEST4434973234.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.957928896 CEST4434973034.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.958034039 CEST49730443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.964963913 CEST49730443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.964983940 CEST4434973034.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.965046883 CEST49730443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.965220928 CEST4434973034.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.965277910 CEST49730443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.995090961 CEST4434973135.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.995162964 CEST49731443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.998747110 CEST49731443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.998756886 CEST4434973135.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.999084949 CEST4434973135.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.002295017 CEST49731443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.002398014 CEST49731443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.003177881 CEST4434973135.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.003248930 CEST49731443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.173248053 CEST4434973234.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.173937082 CEST49732443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.205977917 CEST49732443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.206001997 CEST4434973234.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.206108093 CEST49732443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.206262112 CEST4434973234.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.207798004 CEST49732443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.420259953 CEST49733443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.420289993 CEST4434973334.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.420568943 CEST49733443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.421955109 CEST49733443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.421979904 CEST4434973334.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.912059069 CEST4434973334.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:52.912134886 CEST49733443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.113667011 CEST49733443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.113692045 CEST4434973334.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.113712072 CEST49733443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.113951921 CEST4434973334.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.114006996 CEST49733443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.131508112 CEST4972880192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.140950918 CEST804972834.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.141077042 CEST4972880192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.147775888 CEST49734443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.147829056 CEST4434973434.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.148390055 CEST49734443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.149804115 CEST49734443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.149818897 CEST4434973434.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.155488014 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.155652046 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.161169052 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.161181927 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.161315918 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.161360025 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.383625984 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.383837938 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.384500980 CEST49737443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.384541035 CEST4434973734.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.384654999 CEST49737443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.384795904 CEST49737443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.384810925 CEST4434973734.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.388648033 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.388664007 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.617533922 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.619780064 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.633708000 CEST4434973434.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.633807898 CEST49734443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.639401913 CEST49734443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.639425039 CEST4434973434.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.639538050 CEST49734443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.639614105 CEST4434973434.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.639831066 CEST49734443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.639837980 CEST49738443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.639868975 CEST4434973834.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.640202999 CEST49738443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.641360044 CEST49738443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.641369104 CEST4434973834.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.660614014 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.660753012 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.864300013 CEST4434973734.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.864372015 CEST49737443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.867769003 CEST49737443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.867778063 CEST4434973734.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.868066072 CEST4434973734.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.871088028 CEST49737443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.871170998 CEST49737443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.871239901 CEST4434973734.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.871294022 CEST49737443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:54.110096931 CEST4434973834.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:54.110276937 CEST49738443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:54.115387917 CEST49738443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:54.115405083 CEST4434973834.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:54.115497112 CEST49738443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:54.115598917 CEST4434973834.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:54.115760088 CEST49738443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.123358011 CEST49739443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.123394966 CEST4434973934.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.123478889 CEST49739443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.123606920 CEST49739443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.123616934 CEST4434973934.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.326606989 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.332847118 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.334808111 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.338776112 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.407948971 CEST49740443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.407970905 CEST4434974034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.408384085 CEST49740443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.409792900 CEST49740443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.409801006 CEST4434974034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.424458981 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.430032015 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.469651937 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.484683037 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.566489935 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.574337006 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.610759020 CEST4434973934.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.610851049 CEST49739443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.614496946 CEST49739443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.614502907 CEST4434973934.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.614741087 CEST4434973934.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.617346048 CEST49739443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.617444992 CEST49739443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.617511034 CEST4434973934.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.617569923 CEST49739443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.664670944 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.706621885 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.915368080 CEST4434974034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.919132948 CEST49740443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.924295902 CEST49740443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.924309969 CEST4434974034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.924406052 CEST49740443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.924524069 CEST4434974034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.924591064 CEST49740443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:56.297723055 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:56.306034088 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:56.622083902 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:56.630877018 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:56.630949020 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.265376091 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.270292997 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.360342026 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.406734943 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.591619015 CEST49742443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.591649055 CEST4434974245.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.591948032 CEST49742443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.593362093 CEST49742443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.593381882 CEST4434974245.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:59.972704887 CEST49712443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:59.972855091 CEST4434971245.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:59.972875118 CEST49711443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:59.972928047 CEST49712443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:59.973088980 CEST4434971145.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:59.973498106 CEST49711443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:03.391011953 CEST49744443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:03.391050100 CEST44349744142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:03.391180992 CEST49744443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:03.391566038 CEST49744443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:03.391583920 CEST44349744142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:03.651479959 CEST49745443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:03.651526928 CEST4434974545.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:03.651942968 CEST49746443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:03.651956081 CEST4434974645.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:03.652299881 CEST49745443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:03.652581930 CEST49746443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:03.652581930 CEST49746443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:03.652606964 CEST4434974645.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:03.652774096 CEST49745443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:03.652787924 CEST4434974545.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.371759892 CEST49747443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.371818066 CEST4434974745.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.375835896 CEST49747443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.379861116 CEST49747443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.379888058 CEST4434974745.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.435332060 CEST44349744142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.435632944 CEST49744443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.435668945 CEST44349744142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.436037064 CEST44349744142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.439121962 CEST49744443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.439229965 CEST44349744142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.441653967 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.446594954 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.449397087 CEST49748443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.449426889 CEST4434974834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.449527025 CEST49748443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.449899912 CEST49748443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.449914932 CEST4434974834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.482995987 CEST49744443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.536361933 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.589726925 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.700757027 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.713893890 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.761816025 CEST49749443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.761835098 CEST4434974935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.762069941 CEST49749443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.762156010 CEST49749443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.762161016 CEST4434974935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.803544044 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.852643967 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.915687084 CEST4434974834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.916429043 CEST49748443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.919739008 CEST49748443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.919745922 CEST4434974834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.919992924 CEST4434974834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.922935009 CEST49748443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.923094988 CEST49748443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.923098087 CEST4434974834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.923109055 CEST4434974834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.923497915 CEST49750443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.923558950 CEST4434975034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.923652887 CEST49750443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.923764944 CEST49750443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.923785925 CEST4434975034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.007246017 CEST49751443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.007291079 CEST4434975134.107.243.93192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.007405996 CEST49751443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.008845091 CEST49751443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.008861065 CEST4434975134.107.243.93192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.127409935 CEST4434974834.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.127528906 CEST49748443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.223272085 CEST4434974935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.223361015 CEST49749443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.226366043 CEST49749443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.226377964 CEST4434974935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.226676941 CEST4434974935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.229461908 CEST49749443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.229556084 CEST49749443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.229727983 CEST4434974935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.229789972 CEST49749443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.387996912 CEST4434975034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.388092995 CEST49750443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.393381119 CEST49750443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.393398046 CEST4434975034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.393697977 CEST4434975034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.397419930 CEST49750443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.397531033 CEST49750443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.397706985 CEST4434975034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.397773981 CEST49750443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.471545935 CEST4434975134.107.243.93192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.471849918 CEST49751443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.477251053 CEST49751443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.477277040 CEST4434975134.107.243.93192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.477334976 CEST49751443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.477480888 CEST4434975134.107.243.93192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:05.477555990 CEST49751443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:07.593679905 CEST49742443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:07.593691111 CEST4434974245.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.769073963 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.833787918 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.836240053 CEST49752443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.836297035 CEST4434975234.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.836383104 CEST49752443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.837923050 CEST49752443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.837941885 CEST4434975234.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.924942017 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.972683907 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.200115919 CEST49753443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.200169086 CEST4434975334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.204694986 CEST49753443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.205419064 CEST49754443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.205430031 CEST4434975434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.205522060 CEST49753443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.205538988 CEST4434975334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.207242966 CEST49754443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.207335949 CEST49754443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.207350969 CEST4434975434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.274219036 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.280605078 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.319236040 CEST4434975234.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.322745085 CEST49752443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.328289032 CEST49752443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.328315020 CEST4434975234.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.328386068 CEST49752443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.328507900 CEST4434975234.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.328561068 CEST49752443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.371146917 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.420661926 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.662015915 CEST4434975434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.662113905 CEST49754443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.665174961 CEST49754443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.665189028 CEST4434975434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.665539980 CEST4434975434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.668343067 CEST49754443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.668452024 CEST49754443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.668567896 CEST4434975434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.668658018 CEST49754443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.681904078 CEST4434975334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.682009935 CEST49753443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.685350895 CEST49753443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.685364962 CEST4434975334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.685722113 CEST4434975334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.688915968 CEST49753443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.689016104 CEST49753443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.689173937 CEST4434975334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.689241886 CEST49753443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.164835930 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.176187038 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.181092024 CEST49756443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.181137085 CEST4434975634.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.181236029 CEST49756443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.182702065 CEST49756443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.182717085 CEST4434975634.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.264919043 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.280735016 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.285548925 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.314805031 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.375016928 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.423729897 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.658463955 CEST4434975634.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.660541058 CEST49756443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.665122986 CEST49756443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.665132046 CEST4434975634.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.665206909 CEST49756443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.665324926 CEST4434975634.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.665452003 CEST49756443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.966181993 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.967711926 CEST49757443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.967767954 CEST4434975734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.968017101 CEST49757443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.969602108 CEST49757443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.969630003 CEST4434975734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:12.180857897 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:12.268029928 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:12.315709114 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:12.621176004 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:12.627840042 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:12.662683964 CEST4434975734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:12.662889957 CEST49757443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:12.716169119 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:12.721422911 CEST49757443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:12.721436024 CEST4434975734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:12.721611977 CEST49757443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:12.721724033 CEST4434975734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:12.721796036 CEST49757443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:12.768312931 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:13.959573030 CEST44349744142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:13.959640026 CEST44349744142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:13.959783077 CEST49744443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.367091894 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.374170065 CEST49758443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.374218941 CEST4434975834.107.243.93192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.375016928 CEST49758443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.375556946 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.376678944 CEST49758443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.376691103 CEST4434975834.107.243.93192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.385092974 CEST49747443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.385107040 CEST4434974745.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.466773033 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.521675110 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.832720995 CEST4434975834.107.243.93192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.835870981 CEST49758443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.870621920 CEST49744443192.168.2.16142.250.185.164
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.870635033 CEST44349744142.250.185.164192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:15.046725035 CEST49758443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:15.046761036 CEST4434975834.107.243.93192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:15.046833992 CEST49758443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:15.047039032 CEST4434975834.107.243.93192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:15.047118902 CEST49758443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:16.060286045 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:16.062980890 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:16.065165997 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:16.068661928 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:16.174913883 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:16.175429106 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:16.224701881 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:16.224714994 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:17.604713917 CEST49742443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:17.604733944 CEST4434974245.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:17.941557884 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:18.196810961 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:18.288453102 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:18.330746889 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:21.239417076 CEST49759443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:21.239471912 CEST4434975935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:21.240227938 CEST49759443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:22.318391085 CEST49759443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:22.318428040 CEST4434975935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:22.774337053 CEST4434975935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:22.774463892 CEST49759443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:22.777044058 CEST49759443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:22.777055025 CEST4434975935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:22.777316093 CEST4434975935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:22.780170918 CEST49759443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:22.780256987 CEST49759443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:22.780329943 CEST4434975935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:22.780384064 CEST49759443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:22.789258957 CEST49760443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:22.789304972 CEST4434976034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:22.790568113 CEST49760443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:22.790734053 CEST49760443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:22.790766001 CEST4434976034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:23.269925117 CEST4434976034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:23.270073891 CEST49760443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:23.434410095 CEST49760443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:23.434452057 CEST4434976034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:23.434786081 CEST4434976034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:23.474731922 CEST49760443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:23.621400118 CEST49760443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:23.621400118 CEST49760443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:23.621689081 CEST4434976034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:23.622077942 CEST49760443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:24.113737106 CEST49761443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:24.113781929 CEST4434976134.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:24.113858938 CEST49761443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:24.114051104 CEST49761443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:24.114064932 CEST4434976134.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:24.395872116 CEST49747443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:24.395896912 CEST4434974745.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:24.574567080 CEST4434976134.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:24.574685097 CEST49761443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:24.664011955 CEST49761443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:24.664038897 CEST4434976134.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:24.664316893 CEST4434976134.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:24.667917967 CEST49761443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:24.668036938 CEST49761443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:24.668076992 CEST4434976134.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:24.668176889 CEST49761443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:26.186722994 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:26.191607952 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:27.611738920 CEST49742443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:27.611768007 CEST4434974245.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:28.289721966 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:28.298144102 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:28.637370110 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:28.644030094 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:28.696435928 CEST49763443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:28.696501017 CEST4434976334.107.243.93192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:28.696571112 CEST49763443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:28.698057890 CEST49763443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:28.698091030 CEST4434976334.107.243.93192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:28.732904911 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:28.777720928 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:29.174643040 CEST4434976334.107.243.93192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:29.174875021 CEST49763443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:29.179636002 CEST49763443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:29.179655075 CEST4434976334.107.243.93192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:29.179718971 CEST49763443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:29.179775953 CEST4434976334.107.243.93192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:29.179828882 CEST49763443192.168.2.1634.107.243.93
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:29.639955997 CEST49742443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:29.640157938 CEST4434974245.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:29.646347046 CEST49742443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.482717037 CEST49764443192.168.2.1652.222.236.23
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.482768059 CEST4434976452.222.236.23192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.482861996 CEST49764443192.168.2.1652.222.236.23
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.483036995 CEST49764443192.168.2.1652.222.236.23
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.483046055 CEST4434976452.222.236.23192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.486371994 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.491272926 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.544833899 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.545365095 CEST49765443192.168.2.1635.190.72.216
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.545417070 CEST4434976535.190.72.216192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.545660019 CEST49765443192.168.2.1635.190.72.216
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.547189951 CEST49765443192.168.2.1635.190.72.216
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.547207117 CEST4434976535.190.72.216192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.549796104 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.555527925 CEST49766443192.168.2.1635.201.103.21
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.555579901 CEST4434976635.201.103.21192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.555865049 CEST49766443192.168.2.1635.201.103.21
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.557316065 CEST49766443192.168.2.1635.201.103.21
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.557331085 CEST4434976635.201.103.21192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.581330061 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.622723103 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.638664007 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.685719013 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.004508018 CEST4434976535.190.72.216192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.004570007 CEST49765443192.168.2.1635.190.72.216
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.009419918 CEST49765443192.168.2.1635.190.72.216
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.009430885 CEST4434976535.190.72.216192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.009504080 CEST49765443192.168.2.1635.190.72.216
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.009608030 CEST4434976535.190.72.216192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.009670973 CEST49765443192.168.2.1635.190.72.216
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.019869089 CEST4434976635.201.103.21192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.019958973 CEST49766443192.168.2.1635.201.103.21
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.024262905 CEST49766443192.168.2.1635.201.103.21
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.024270058 CEST4434976635.201.103.21192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.024332047 CEST49766443192.168.2.1635.201.103.21
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.024431944 CEST4434976635.201.103.21192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.024483919 CEST49766443192.168.2.1635.201.103.21
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.225132942 CEST4434976452.222.236.23192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.225213051 CEST49764443192.168.2.1652.222.236.23
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.227993965 CEST49764443192.168.2.1652.222.236.23
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.228007078 CEST4434976452.222.236.23192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.228274107 CEST4434976452.222.236.23192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.230635881 CEST49764443192.168.2.1652.222.236.23
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.230779886 CEST49764443192.168.2.1652.222.236.23
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.230789900 CEST4434976452.222.236.23192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.230834961 CEST49764443192.168.2.1652.222.236.23
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.231149912 CEST49767443192.168.2.1652.222.236.23
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.231180906 CEST4434976752.222.236.23192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.231268883 CEST49767443192.168.2.1652.222.236.23
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.231365919 CEST49767443192.168.2.1652.222.236.23
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.231372118 CEST4434976752.222.236.23192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.963206053 CEST4434976752.222.236.23192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.967412949 CEST4434976752.222.236.23192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.968487024 CEST49767443192.168.2.1652.222.236.23
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.981560946 CEST49767443192.168.2.1652.222.236.23
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.981575012 CEST4434976752.222.236.23192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:31.981930971 CEST4434976752.222.236.23192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:32.003835917 CEST49767443192.168.2.1652.222.236.23
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:32.003925085 CEST49767443192.168.2.1652.222.236.23
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:32.004110098 CEST4434976752.222.236.23192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:32.004198074 CEST49767443192.168.2.1652.222.236.23
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:33.653974056 CEST49746443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:33.654141903 CEST4434974645.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:33.654145956 CEST49745443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:33.654295921 CEST4434974545.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:33.658770084 CEST49746443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:33.658808947 CEST49745443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:34.402723074 CEST49747443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:34.402739048 CEST4434974745.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:34.481925011 CEST49696443192.168.2.16184.28.90.27
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:34.491117954 CEST44349696184.28.90.27192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:34.491173983 CEST49696443192.168.2.16184.28.90.27
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:35.624831915 CEST49700443192.168.2.16184.28.90.27
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:35.631576061 CEST44349700184.28.90.27192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:35.632101059 CEST49700443192.168.2.16184.28.90.27
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:38.674588919 CEST49769443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:38.674643040 CEST4434976945.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:38.674751997 CEST49770443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:38.674762011 CEST4434977045.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:38.675019026 CEST49769443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:38.675313950 CEST49769443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:38.675313950 CEST49770443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:38.675331116 CEST4434976945.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:38.675445080 CEST49770443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:38.675451994 CEST4434977045.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:40.582783937 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:40.591250896 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:40.644723892 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:40.649672985 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:44.417749882 CEST49747443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:44.417762995 CEST4434974745.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:47.188003063 CEST4434974745.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:47.199259996 CEST49747443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:50.593749046 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:50.600744963 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:50.656773090 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:50.661798000 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.452305079 CEST49747443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.452322006 CEST4434974745.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.453190088 CEST49771443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.453221083 CEST4434977145.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.453685999 CEST49771443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.455295086 CEST49771443192.168.2.1645.61.137.230
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.455315113 CEST4434977145.61.137.230192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.477929115 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.478573084 CEST4977280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.481781006 CEST49773443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.481829882 CEST4434977335.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.481954098 CEST49773443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.482122898 CEST49773443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.482136011 CEST4434977335.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.483176947 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.483721972 CEST4977480192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.484716892 CEST804977234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.484803915 CEST4977280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.484939098 CEST4977280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.484997988 CEST804973534.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.485057116 CEST4973580192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.490463972 CEST804973634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.490735054 CEST804977434.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.490768909 CEST4973680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.490806103 CEST4977480192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.490890026 CEST4977480192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.491868019 CEST804977234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.498163939 CEST804977434.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.502233982 CEST49775443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.502259970 CEST4434977535.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.502387047 CEST49776443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.502470970 CEST4434977635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.506141901 CEST49775443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.506225109 CEST49775443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.506233931 CEST49776443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.506249905 CEST4434977535.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.506405115 CEST49776443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.506431103 CEST4434977635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.556278944 CEST49777443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.556325912 CEST4434977734.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.556405067 CEST49777443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.556529999 CEST49777443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.556540966 CEST4434977734.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.947098970 CEST804977434.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.947968006 CEST4977280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.954231977 CEST804977234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.954324007 CEST4977280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.954842091 CEST4434977335.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.954924107 CEST49773443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.956893921 CEST804977234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.957088947 CEST4977280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.958277941 CEST49773443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.958291054 CEST4434977335.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.958565950 CEST4434977335.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.961033106 CEST49773443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.961112022 CEST49773443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.961186886 CEST4434977335.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.961237907 CEST49773443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.963238955 CEST4977880192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.964001894 CEST4977480192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.968100071 CEST4434977635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.968198061 CEST49776443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.971267939 CEST49776443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.971278906 CEST4434977635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.971533060 CEST4434977635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.973835945 CEST49776443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.973921061 CEST49776443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.973998070 CEST4434977635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.974054098 CEST49776443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.974235058 CEST804977834.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.974291086 CEST804977434.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.974315882 CEST4977880192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.974415064 CEST4977880192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.987512112 CEST804977834.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.991178036 CEST4434977535.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.991290092 CEST49775443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.994374990 CEST49775443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.994384050 CEST4434977535.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.994638920 CEST4434977535.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.996910095 CEST49775443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.997041941 CEST49775443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.997042894 CEST4434977535.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.997052908 CEST4434977535.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.997133017 CEST49775443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.017970085 CEST4434977734.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.018088102 CEST49777443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.021332026 CEST49777443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.021346092 CEST4434977734.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.021687984 CEST4434977734.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.023929119 CEST49777443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.024072886 CEST49777443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.024338007 CEST4434977734.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.024404049 CEST49777443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.024503946 CEST49779443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.024549961 CEST4434977934.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.024626017 CEST49779443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.024754047 CEST49779443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.024764061 CEST4434977934.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.064888954 CEST804977434.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.065813065 CEST4977880192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.068308115 CEST4978180192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.073574066 CEST804978134.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.073687077 CEST4978180192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.073837042 CEST4978180192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.081830025 CEST804978134.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.112739086 CEST4977480192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.113805056 CEST804977834.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.357563019 CEST804977834.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.357631922 CEST4977880192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.491067886 CEST4434977934.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.491164923 CEST49779443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.494504929 CEST49779443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.494523048 CEST4434977934.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.494777918 CEST4434977934.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.497389078 CEST49779443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.497492075 CEST49779443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.497566938 CEST4434977934.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.497622013 CEST49779443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.499917984 CEST4977480192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.507031918 CEST804977434.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.542681932 CEST804978134.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.583784103 CEST4978180192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.597531080 CEST804977434.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.600204945 CEST4978180192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.607115984 CEST804978134.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.646780968 CEST4977480192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.701638937 CEST804978134.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.741833925 CEST4978180192.168.2.1634.107.221.82

                                                                                                                                                                                                                                                                    UDP Packets

                                                                                                                                                                                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:58.510915041 CEST53626981.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:58.531270027 CEST53608651.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.516206026 CEST53611071.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.749181986 CEST4996453192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.749496937 CEST5476753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.769193888 CEST53499641.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.769493103 CEST53547671.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.326376915 CEST5728253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.326591015 CEST6343753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.334542036 CEST53634371.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.344667912 CEST53572821.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:16.443063974 CEST53526301.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:35.299863100 CEST53611011.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:44.110424042 CEST138138192.168.2.16192.168.2.255
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.714713097 CEST5329753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.726262093 CEST53532971.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.727231979 CEST6137253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.741164923 CEST53613721.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.713476896 CEST6018153192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.733316898 CEST6460553192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.744029999 CEST53646051.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.745223045 CEST6369753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.757441044 CEST53636971.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.169914961 CEST6454153192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.178149939 CEST53645411.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.181976080 CEST5047953192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.190125942 CEST53504791.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.191328049 CEST6362953192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.201786041 CEST53636291.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.210370064 CEST5774753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.217259884 CEST53577471.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.218950987 CEST5342353192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.229495049 CEST53534231.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.230236053 CEST5415953192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.244271994 CEST5880653192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.505803108 CEST53541591.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.506650925 CEST6032953192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST53588061.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.509444952 CEST6103453192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.510153055 CEST6147853192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.517313957 CEST53603291.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518249989 CEST6330453192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518476009 CEST53610341.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518820047 CEST53614781.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.519073963 CEST6154153192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.519810915 CEST6387253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.525515079 CEST53633041.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.525914907 CEST53615411.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.526413918 CEST5985353192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.527446032 CEST5533753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.527471066 CEST53638721.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.528162956 CEST4983053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.536226034 CEST53598531.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.536385059 CEST53553371.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.536992073 CEST53498301.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.537120104 CEST5376253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.537791014 CEST5002753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.538167000 CEST5403553192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.548104048 CEST53537621.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.549137115 CEST5241453192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.549177885 CEST53500271.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.549187899 CEST53540351.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.549767017 CEST5003253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.550000906 CEST5508953192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.556404114 CEST53524141.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.557090998 CEST5394053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.557271957 CEST53550891.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.557547092 CEST53500321.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.567538023 CEST53539401.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.129918098 CEST6238953192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.131506920 CEST6415053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.140964985 CEST53623891.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.141010046 CEST53641501.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.144642115 CEST4964753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.148107052 CEST5586953192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.155467033 CEST53558691.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.385247946 CEST6183753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.392239094 CEST53618371.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.395402908 CEST6438053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.403767109 CEST53643801.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.398869991 CEST6423753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.406972885 CEST53642371.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.408348083 CEST5754353192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.416243076 CEST53575431.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.418572903 CEST5227253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.425748110 CEST53522721.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:56.378532887 CEST6146953192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:56.647139072 CEST53574471.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.551116943 CEST6448653192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.589857101 CEST53644861.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.592003107 CEST5853653192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.614051104 CEST53585361.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.614967108 CEST6014453192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.665920973 CEST53601441.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:58.174762011 CEST53568621.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:58.474250078 CEST53620371.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.727082014 CEST6240753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.742767096 CEST53624071.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.745297909 CEST6319353192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.755068064 CEST53631931.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.755819082 CEST6067053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.762248039 CEST5979653192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.767883062 CEST53606701.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.774405003 CEST53597961.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.836424112 CEST6428953192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.843396902 CEST53642891.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.844160080 CEST6282753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.850668907 CEST53628271.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.374684095 CEST5358353192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.384124994 CEST53535831.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:21.240325928 CEST6240653192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:21.248373985 CEST53624061.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:27.561981916 CEST53623981.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:28.696479082 CEST6491453192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:28.704006910 CEST53649141.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.018933058 CEST6167953192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.033535957 CEST53616791.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.484302998 CEST5369353192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.492794991 CEST53536931.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.493366003 CEST5779853192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.500430107 CEST53577981.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.546998978 CEST6071553192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.554657936 CEST53607151.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.555814028 CEST5276553192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.563431978 CEST53527651.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.564047098 CEST6532653192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.572448015 CEST53653261.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:42.647608042 CEST5342453192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:42.656371117 CEST53534241.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.478565931 CEST4929653192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.481807947 CEST5053653192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.491482973 CEST53505361.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.494226933 CEST6399853192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.501574993 CEST53639981.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.950100899 CEST6082353192.168.2.161.1.1.1

                                                                                                                                                                                                                                                                    DNS Queries

                                                                                                                                                                                                                                                                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.749181986 CEST192.168.2.161.1.1.10xfcf7Standard query (0)online.nashikproperty.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.749496937 CEST192.168.2.161.1.1.10x1256Standard query (0)online.nashikproperty.com65IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.326376915 CEST192.168.2.161.1.1.10x15fcStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.326591015 CEST192.168.2.161.1.1.10xaeeeStandard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.714713097 CEST192.168.2.161.1.1.10xc660Standard query (0)prod.classify-client.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.727231979 CEST192.168.2.161.1.1.10x94ceStandard query (0)prod.classify-client.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.713476896 CEST192.168.2.161.1.1.10xf7ddStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.733316898 CEST192.168.2.161.1.1.10x9f8bStandard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.745223045 CEST192.168.2.161.1.1.10xd8b3Standard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.169914961 CEST192.168.2.161.1.1.10x8a78Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.181976080 CEST192.168.2.161.1.1.10xa279Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.191328049 CEST192.168.2.161.1.1.10x299bStandard query (0)contile.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.210370064 CEST192.168.2.161.1.1.10xa854Standard query (0)spocs.getpocket.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.218950987 CEST192.168.2.161.1.1.10x91c3Standard query (0)prod.ads.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.230236053 CEST192.168.2.161.1.1.10x63f9Standard query (0)prod.ads.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.244271994 CEST192.168.2.161.1.1.10x282Standard query (0)www.youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.506650925 CEST192.168.2.161.1.1.10x3b7Standard query (0)www.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.509444952 CEST192.168.2.161.1.1.10x5c71Standard query (0)youtube-ui.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.510153055 CEST192.168.2.161.1.1.10xb5bdStandard query (0)www.wikipedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518249989 CEST192.168.2.161.1.1.10xf147Standard query (0)star-mini.c10r.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.519073963 CEST192.168.2.161.1.1.10xf194Standard query (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.519810915 CEST192.168.2.161.1.1.10x9501Standard query (0)dyna.wikimedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.526413918 CEST192.168.2.161.1.1.10xae8fStandard query (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.527446032 CEST192.168.2.161.1.1.10x31b6Standard query (0)www.reddit.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.528162956 CEST192.168.2.161.1.1.10xd70bStandard query (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.537120104 CEST192.168.2.161.1.1.10x67a6Standard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.537791014 CEST192.168.2.161.1.1.10x87e8Standard query (0)reddit.map.fastly.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.538167000 CEST192.168.2.161.1.1.10xffbbStandard query (0)prod.balrog.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.549137115 CEST192.168.2.161.1.1.10x6cfbStandard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.549767017 CEST192.168.2.161.1.1.10x6810Standard query (0)reddit.map.fastly.net28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.550000906 CEST192.168.2.161.1.1.10xa282Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.557090998 CEST192.168.2.161.1.1.10x903cStandard query (0)twitter.com28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.129918098 CEST192.168.2.161.1.1.10x8effStandard query (0)example.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.131506920 CEST192.168.2.161.1.1.10x6342Standard query (0)ipv4only.arpaA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.144642115 CEST192.168.2.161.1.1.10x36b8Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.148107052 CEST192.168.2.161.1.1.10x8824Standard query (0)content-signature-2.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.385247946 CEST192.168.2.161.1.1.10x19f1Standard query (0)prod.content-signature-chains.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.395402908 CEST192.168.2.161.1.1.10x5f9eStandard query (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.398869991 CEST192.168.2.161.1.1.10xd563Standard query (0)firefox.settings.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.408348083 CEST192.168.2.161.1.1.10xd3a8Standard query (0)prod.remote-settings.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.418572903 CEST192.168.2.161.1.1.10xa9f7Standard query (0)prod.remote-settings.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:56.378532887 CEST192.168.2.161.1.1.10x68eaStandard query (0)shavar.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.551116943 CEST192.168.2.161.1.1.10x171cStandard query (0)online.nashikproperty.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.592003107 CEST192.168.2.161.1.1.10x960bStandard query (0)online.nashikproperty.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.614967108 CEST192.168.2.161.1.1.10x650bStandard query (0)online.nashikproperty.com28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.727082014 CEST192.168.2.161.1.1.10xe623Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.745297909 CEST192.168.2.161.1.1.10xc553Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.755819082 CEST192.168.2.161.1.1.10xd1a0Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.762248039 CEST192.168.2.161.1.1.10xa0acStandard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.836424112 CEST192.168.2.161.1.1.10x8317Standard query (0)telemetry-incoming.r53-2.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.844160080 CEST192.168.2.161.1.1.10xec65Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.374684095 CEST192.168.2.161.1.1.10x9175Standard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:21.240325928 CEST192.168.2.161.1.1.10xf80eStandard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:28.696479082 CEST192.168.2.161.1.1.10x6d6bStandard query (0)push.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.018933058 CEST192.168.2.161.1.1.10xa934Standard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.484302998 CEST192.168.2.161.1.1.10xe9c5Standard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.493366003 CEST192.168.2.161.1.1.10xfb14Standard query (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.546998978 CEST192.168.2.161.1.1.10x7cabStandard query (0)normandy.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.555814028 CEST192.168.2.161.1.1.10x6d8cStandard query (0)normandy-cdn.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.564047098 CEST192.168.2.161.1.1.10xa4cdStandard query (0)normandy-cdn.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:42.647608042 CEST192.168.2.161.1.1.10x505aStandard query (0)normandy-cdn.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.478565931 CEST192.168.2.161.1.1.10x298eStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.481807947 CEST192.168.2.161.1.1.10x9e1cStandard query (0)prod.balrog.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.494226933 CEST192.168.2.161.1.1.10x9e19Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.950100899 CEST192.168.2.161.1.1.10x8c8aStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                    DNS Answers

                                                                                                                                                                                                                                                                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:26:59.769193888 CEST1.1.1.1192.168.2.160xfcf7No error (0)online.nashikproperty.com45.61.137.230A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.334542036 CEST1.1.1.1192.168.2.160xaeeeNo error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:03.344667912 CEST1.1.1.1192.168.2.160x15fcNo error (0)www.google.com142.250.185.164A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.709230900 CEST1.1.1.1192.168.2.160xcde3No error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:48.726262093 CEST1.1.1.1192.168.2.160xc660No error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.721553087 CEST1.1.1.1192.168.2.160xf7ddNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.721553087 CEST1.1.1.1192.168.2.160xf7ddNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.744029999 CEST1.1.1.1192.168.2.160x9f8bNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.757441044 CEST1.1.1.1192.168.2.160xd8b3No error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.178149939 CEST1.1.1.1192.168.2.160x8a78No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.190125942 CEST1.1.1.1192.168.2.160xa279No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.217259884 CEST1.1.1.1192.168.2.160xa854No error (0)spocs.getpocket.comprod.ads.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.217259884 CEST1.1.1.1192.168.2.160xa854No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.229495049 CEST1.1.1.1192.168.2.160x91c3No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST1.1.1.1192.168.2.160x282No error (0)www.youtube.comyoutube-ui.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST1.1.1.1192.168.2.160x282No error (0)youtube-ui.l.google.com142.250.185.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST1.1.1.1192.168.2.160x282No error (0)youtube-ui.l.google.com142.250.184.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST1.1.1.1192.168.2.160x282No error (0)youtube-ui.l.google.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST1.1.1.1192.168.2.160x282No error (0)youtube-ui.l.google.com142.250.185.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST1.1.1.1192.168.2.160x282No error (0)youtube-ui.l.google.com172.217.16.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST1.1.1.1192.168.2.160x282No error (0)youtube-ui.l.google.com216.58.212.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST1.1.1.1192.168.2.160x282No error (0)youtube-ui.l.google.com142.250.185.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST1.1.1.1192.168.2.160x282No error (0)youtube-ui.l.google.com142.250.186.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST1.1.1.1192.168.2.160x282No error (0)youtube-ui.l.google.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST1.1.1.1192.168.2.160x282No error (0)youtube-ui.l.google.com142.250.181.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST1.1.1.1192.168.2.160x282No error (0)youtube-ui.l.google.com142.250.185.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST1.1.1.1192.168.2.160x282No error (0)youtube-ui.l.google.com142.250.74.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST1.1.1.1192.168.2.160x282No error (0)youtube-ui.l.google.com216.58.206.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST1.1.1.1192.168.2.160x282No error (0)youtube-ui.l.google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST1.1.1.1192.168.2.160x282No error (0)youtube-ui.l.google.com172.217.18.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.508382082 CEST1.1.1.1192.168.2.160x282No error (0)youtube-ui.l.google.com142.250.184.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.509388924 CEST1.1.1.1192.168.2.160xc7b3No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.509388924 CEST1.1.1.1192.168.2.160xc7b3No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.517313957 CEST1.1.1.1192.168.2.160x3b7No error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.517313957 CEST1.1.1.1192.168.2.160x3b7No error (0)star-mini.c10r.facebook.com157.240.0.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518476009 CEST1.1.1.1192.168.2.160x5c71No error (0)youtube-ui.l.google.com216.58.212.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518476009 CEST1.1.1.1192.168.2.160x5c71No error (0)youtube-ui.l.google.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518476009 CEST1.1.1.1192.168.2.160x5c71No error (0)youtube-ui.l.google.com142.250.185.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518476009 CEST1.1.1.1192.168.2.160x5c71No error (0)youtube-ui.l.google.com142.250.185.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518476009 CEST1.1.1.1192.168.2.160x5c71No error (0)youtube-ui.l.google.com172.217.16.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518476009 CEST1.1.1.1192.168.2.160x5c71No error (0)youtube-ui.l.google.com216.58.206.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518476009 CEST1.1.1.1192.168.2.160x5c71No error (0)youtube-ui.l.google.com172.217.16.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518476009 CEST1.1.1.1192.168.2.160x5c71No error (0)youtube-ui.l.google.com172.217.18.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518476009 CEST1.1.1.1192.168.2.160x5c71No error (0)youtube-ui.l.google.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518476009 CEST1.1.1.1192.168.2.160x5c71No error (0)youtube-ui.l.google.com142.250.185.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518476009 CEST1.1.1.1192.168.2.160x5c71No error (0)youtube-ui.l.google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518476009 CEST1.1.1.1192.168.2.160x5c71No error (0)youtube-ui.l.google.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518476009 CEST1.1.1.1192.168.2.160x5c71No error (0)youtube-ui.l.google.com142.250.186.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518476009 CEST1.1.1.1192.168.2.160x5c71No error (0)youtube-ui.l.google.com142.250.74.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518476009 CEST1.1.1.1192.168.2.160x5c71No error (0)youtube-ui.l.google.com142.250.186.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518476009 CEST1.1.1.1192.168.2.160x5c71No error (0)youtube-ui.l.google.com172.217.18.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518820047 CEST1.1.1.1192.168.2.160xb5bdNo error (0)www.wikipedia.orgdyna.wikimedia.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.518820047 CEST1.1.1.1192.168.2.160xb5bdNo error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.525515079 CEST1.1.1.1192.168.2.160xf147No error (0)star-mini.c10r.facebook.com157.240.253.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.525914907 CEST1.1.1.1192.168.2.160xf194No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.525914907 CEST1.1.1.1192.168.2.160xf194No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.525914907 CEST1.1.1.1192.168.2.160xf194No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.525914907 CEST1.1.1.1192.168.2.160xf194No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.527471066 CEST1.1.1.1192.168.2.160x9501No error (0)dyna.wikimedia.org185.15.59.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.536226034 CEST1.1.1.1192.168.2.160xae8fNo error (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.536385059 CEST1.1.1.1192.168.2.160x31b6No error (0)www.reddit.comreddit.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.536385059 CEST1.1.1.1192.168.2.160x31b6No error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.536385059 CEST1.1.1.1192.168.2.160x31b6No error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.536385059 CEST1.1.1.1192.168.2.160x31b6No error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.536385059 CEST1.1.1.1192.168.2.160x31b6No error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.536992073 CEST1.1.1.1192.168.2.160xd70bNo error (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.548104048 CEST1.1.1.1192.168.2.160x67a6No error (0)twitter.com104.244.42.65A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.549177885 CEST1.1.1.1192.168.2.160x87e8No error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.549177885 CEST1.1.1.1192.168.2.160x87e8No error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.549177885 CEST1.1.1.1192.168.2.160x87e8No error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.549177885 CEST1.1.1.1192.168.2.160x87e8No error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.549187899 CEST1.1.1.1192.168.2.160xffbbNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.556404114 CEST1.1.1.1192.168.2.160x6cfbNo error (0)twitter.com104.244.42.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.140964985 CEST1.1.1.1192.168.2.160x8effNo error (0)example.org93.184.215.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.141010046 CEST1.1.1.1192.168.2.160x6342No error (0)ipv4only.arpa192.0.0.170A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.141010046 CEST1.1.1.1192.168.2.160x6342No error (0)ipv4only.arpa192.0.0.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.154170990 CEST1.1.1.1192.168.2.160x36b8No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.154170990 CEST1.1.1.1192.168.2.160x36b8No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.155467033 CEST1.1.1.1192.168.2.160x8824No error (0)content-signature-2.cdn.mozilla.netcontent-signature-chains.prod.autograph.services.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.155467033 CEST1.1.1.1192.168.2.160x8824No error (0)content-signature-chains.prod.autograph.services.mozaws.netprod.content-signature-chains.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.155467033 CEST1.1.1.1192.168.2.160x8824No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.392239094 CEST1.1.1.1192.168.2.160x19f1No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.403767109 CEST1.1.1.1192.168.2.160x5f9eNo error (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.406972885 CEST1.1.1.1192.168.2.160xd563No error (0)firefox.settings.services.mozilla.comprod.remote-settings.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.406972885 CEST1.1.1.1192.168.2.160xd563No error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.416243076 CEST1.1.1.1192.168.2.160xd3a8No error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:56.386117935 CEST1.1.1.1192.168.2.160x68eaNo error (0)shavar.services.mozilla.comshavar.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.589857101 CEST1.1.1.1192.168.2.160x171cNo error (0)online.nashikproperty.com45.61.137.230A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.614051104 CEST1.1.1.1192.168.2.160x960bNo error (0)online.nashikproperty.com45.61.137.230A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.742767096 CEST1.1.1.1192.168.2.160xe623No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.755068064 CEST1.1.1.1192.168.2.160xc553No error (0)push.services.mozilla.com34.107.243.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.760689974 CEST1.1.1.1192.168.2.160x634fNo error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.760689974 CEST1.1.1.1192.168.2.160x634fNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.835100889 CEST1.1.1.1192.168.2.160xe44fNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.843396902 CEST1.1.1.1192.168.2.160x8317No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.180068970 CEST1.1.1.1192.168.2.160x4e11No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:20.517699957 CEST1.1.1.1192.168.2.160xaee8No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:20.517699957 CEST1.1.1.1192.168.2.160xaee8No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.033535957 CEST1.1.1.1192.168.2.160xa934No error (0)services.addons.mozilla.org52.222.236.23A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.033535957 CEST1.1.1.1192.168.2.160xa934No error (0)services.addons.mozilla.org52.222.236.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.033535957 CEST1.1.1.1192.168.2.160xa934No error (0)services.addons.mozilla.org52.222.236.48A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.033535957 CEST1.1.1.1192.168.2.160xa934No error (0)services.addons.mozilla.org52.222.236.80A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.492794991 CEST1.1.1.1192.168.2.160xe9c5No error (0)services.addons.mozilla.org52.222.236.80A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.492794991 CEST1.1.1.1192.168.2.160xe9c5No error (0)services.addons.mozilla.org52.222.236.23A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.492794991 CEST1.1.1.1192.168.2.160xe9c5No error (0)services.addons.mozilla.org52.222.236.48A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.492794991 CEST1.1.1.1192.168.2.160xe9c5No error (0)services.addons.mozilla.org52.222.236.120A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.554657936 CEST1.1.1.1192.168.2.160x7cabNo error (0)normandy.cdn.mozilla.netnormandy-cdn.services.mozilla.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.554657936 CEST1.1.1.1192.168.2.160x7cabNo error (0)normandy-cdn.services.mozilla.com35.201.103.21A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.563431978 CEST1.1.1.1192.168.2.160x6d8cNo error (0)normandy-cdn.services.mozilla.com35.201.103.21A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:42.656371117 CEST1.1.1.1192.168.2.160x505aNo error (0)normandy-cdn.services.mozilla.com35.201.103.21A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.486785889 CEST1.1.1.1192.168.2.160x298eNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.486785889 CEST1.1.1.1192.168.2.160x298eNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.491482973 CEST1.1.1.1192.168.2.160x9e1cNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.962449074 CEST1.1.1.1192.168.2.160x8c8aNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.962449074 CEST1.1.1.1192.168.2.160x8c8aNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.066251040 CEST1.1.1.1192.168.2.160xa9ebNo error (0)a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.coma17.rackcdn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.066251040 CEST1.1.1.1192.168.2.160xa9ebNo error (0)a17.rackcdn.coma17.rackcdn.com.mdc.edgesuite.netCNAME (Canonical name)IN (0x0001)false

                                                                                                                                                                                                                                                                    HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                    • slscr.update.microsoft.com
                                                                                                                                                                                                                                                                    • www.google.com
                                                                                                                                                                                                                                                                    • login.live.com
                                                                                                                                                                                                                                                                    • www.bing.com
                                                                                                                                                                                                                                                                    • detectportal.firefox.com

                                                                                                                                                                                                                                                                    HTTP Packets

                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                    0192.168.2.164972834.107.221.82806972C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:50.764952898 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.503581047 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 08:49:48 GMT
                                                                                                                                                                                                                                                                    Age: 20283
                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:51.505754948 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 08:49:48 GMT
                                                                                                                                                                                                                                                                    Age: 20283
                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                    1192.168.2.164973534.107.221.82806972C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.383625984 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.619780064 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 08:33:16 GMT
                                                                                                                                                                                                                                                                    Age: 21277
                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.326606989 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.424458981 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 08:33:16 GMT
                                                                                                                                                                                                                                                                    Age: 21279
                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.566489935 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.664670944 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 08:33:16 GMT
                                                                                                                                                                                                                                                                    Age: 21279
                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.265376091 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:57.360342026 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 08:33:16 GMT
                                                                                                                                                                                                                                                                    Age: 21281
                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.700757027 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.803544044 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 08:33:16 GMT
                                                                                                                                                                                                                                                                    Age: 21288
                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.274219036 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:09.371146917 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 08:33:16 GMT
                                                                                                                                                                                                                                                                    Age: 21293
                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.280735016 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.375016928 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 08:33:16 GMT
                                                                                                                                                                                                                                                                    Age: 21295
                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:12.621176004 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:12.716169119 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 08:33:16 GMT
                                                                                                                                                                                                                                                                    Age: 21296
                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:16.060286045 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:16.174913883 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 08:33:16 GMT
                                                                                                                                                                                                                                                                    Age: 21300
                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:17.941557884 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:18.288453102 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 08:33:16 GMT
                                                                                                                                                                                                                                                                    Age: 21302
                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:28.289721966 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.486371994 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.581330061 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 08:33:16 GMT
                                                                                                                                                                                                                                                                    Age: 21314
                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:40.582783937 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:50.593749046 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                    Data Ascii:


                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                    2192.168.2.164973634.107.221.82806972C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.383837938 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:53.617533922 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Thu, 03 Oct 2024 19:56:40 GMT
                                                                                                                                                                                                                                                                    Age: 66673
                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.332847118 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:55.430032015 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Thu, 03 Oct 2024 19:56:40 GMT
                                                                                                                                                                                                                                                                    Age: 66675
                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:56.297723055 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:56.622083902 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Thu, 03 Oct 2024 19:56:40 GMT
                                                                                                                                                                                                                                                                    Age: 66676
                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:27:56.630877018 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Thu, 03 Oct 2024 19:56:40 GMT
                                                                                                                                                                                                                                                                    Age: 66676
                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.441653967 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:04.536361933 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Thu, 03 Oct 2024 19:56:40 GMT
                                                                                                                                                                                                                                                                    Age: 66684
                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.769073963 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:08.924942017 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Thu, 03 Oct 2024 19:56:40 GMT
                                                                                                                                                                                                                                                                    Age: 66688
                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.164835930 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.264919043 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Thu, 03 Oct 2024 19:56:40 GMT
                                                                                                                                                                                                                                                                    Age: 66691
                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:11.966181993 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:12.268029928 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Thu, 03 Oct 2024 19:56:40 GMT
                                                                                                                                                                                                                                                                    Age: 66692
                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.367091894 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:14.466773033 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Thu, 03 Oct 2024 19:56:40 GMT
                                                                                                                                                                                                                                                                    Age: 66694
                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:16.062980890 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:16.175429106 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Thu, 03 Oct 2024 19:56:40 GMT
                                                                                                                                                                                                                                                                    Age: 66696
                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:26.186722994 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:28.637370110 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:28.732904911 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Thu, 03 Oct 2024 19:56:40 GMT
                                                                                                                                                                                                                                                                    Age: 66708
                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.544833899 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:30.638664007 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Thu, 03 Oct 2024 19:56:40 GMT
                                                                                                                                                                                                                                                                    Age: 66710
                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:40.644723892 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:50.656773090 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                    Data Ascii:


                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                    3192.168.2.164977234.107.221.8280
                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.484939098 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.954231977 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 08:33:16 GMT
                                                                                                                                                                                                                                                                    Age: 21336
                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                    Data Ascii: success


                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                    4192.168.2.164977434.107.221.8280
                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.490890026 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.947098970 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Thu, 03 Oct 2024 19:56:40 GMT
                                                                                                                                                                                                                                                                    Age: 66732
                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.964001894 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.064888954 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Thu, 03 Oct 2024 19:56:40 GMT
                                                                                                                                                                                                                                                                    Age: 66733
                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.499917984 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.597531080 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 90
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Thu, 03 Oct 2024 19:56:40 GMT
                                                                                                                                                                                                                                                                    Age: 66733
                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                    Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                    5192.168.2.164977834.107.221.8280
                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:52.974415064 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Cache-Control: no-cache


                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                    6192.168.2.164978134.107.221.8280
                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.073837042 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.542681932 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 08:33:16 GMT
                                                                                                                                                                                                                                                                    Age: 21337
                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                    Data Ascii: success
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.600204945 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                    Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Oct 4, 2024 16:28:53.701638937 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                    Content-Length: 8
                                                                                                                                                                                                                                                                    Via: 1.1 google
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 08:33:16 GMT
                                                                                                                                                                                                                                                                    Age: 21337
                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                    Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                    Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                    Data Ascii: success


                                                                                                                                                                                                                                                                    HTTPS Proxied Packets

                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                    0192.168.2.16497074.245.163.56443
                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                    2024-10-04 14:27:04 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=rYohnPkDkrRVwL8&MD=OA4lgLhz HTTP/1.1
                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                                                    Host: slscr.update.microsoft.com
                                                                                                                                                                                                                                                                    2024-10-04 14:27:04 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                    Expires: -1
                                                                                                                                                                                                                                                                    Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                                                    ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                                                                                                                                                                                    MS-CorrelationId: 6077106b-fb22-4ae3-a325-64105682c8a0
                                                                                                                                                                                                                                                                    MS-RequestId: 984c0c3b-711b-4d45-b17e-545baf4dd628
                                                                                                                                                                                                                                                                    MS-CV: V7Vya78Xb0WbFWnp.0
                                                                                                                                                                                                                                                                    X-Microsoft-SLSClientCache: 2880
                                                                                                                                                                                                                                                                    Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 14:27:03 GMT
                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                    Content-Length: 24490
                                                                                                                                                                                                                                                                    2024-10-04 14:27:04 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                                                                                                                                                                                                                    Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                                                                                                                                                                                                    2024-10-04 14:27:04 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                                                                                                                                                                                                                    Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                    1192.168.2.1649713142.250.185.1644436296C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                    2024-10-04 14:27:35 UTC683OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fonline.nashikproperty.&oit=3&cp=30&pgcl=4&gs_rn=42&psi=Ry3v2W9Io9_oTcQX&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1
                                                                                                                                                                                                                                                                    Host: www.google.com
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX
                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                    2024-10-04 14:27:35 UTC1266INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 14:27:35 GMT
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Expires: -1
                                                                                                                                                                                                                                                                    Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                    Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                    Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-4trupmqAtT-ikxmOq10cwA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                                                                                                                                                                                                                                                                    Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                    Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-Prefers-Color-Scheme
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                    Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                    Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                    Server: gws
                                                                                                                                                                                                                                                                    X-XSS-Protection: 0
                                                                                                                                                                                                                                                                    X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                    Accept-Ranges: none
                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                    2024-10-04 14:27:35 UTC124INData Raw: 32 33 31 0d 0a 29 5d 7d 27 0a 5b 22 68 74 74 70 73 3a 2f 2f 6f 6e 6c 69 6e 65 2e 6e 61 73 68 69 6b 70 72 6f 70 65 72 74 79 2e 22 2c 5b 22 68 74 74 70 73 20 2f 2f 6f 6e 6c 69 6e 65 2e 6e 61 73 68 69 6b 70 72 6f 70 65 72 74 79 2e 63 6f 6d 22 2c 22 68 74 74 70 73 20 2f 2f 6f 6e 6c 69 6e 65 2e 6e 61 73 68 69 6b 70 72 6f 70 65 72 74 79 2e 63 6f 6d 20 6c 6f 67 69 6e 22 2c 22
                                                                                                                                                                                                                                                                    Data Ascii: 231)]}'["https://online.nashikproperty.",["https //online.nashikproperty.com","https //online.nashikproperty.com login","
                                                                                                                                                                                                                                                                    2024-10-04 14:27:35 UTC444INData Raw: 68 74 74 70 73 20 2f 2f 6f 6e 6c 69 6e 65 2e 6e 61 73 68 69 6b 70 72 6f 70 65 72 74 79 2e 6f 72 67 22 5d 2c 5b 22 22 2c 22 22 2c 22 22 5d 2c 5b 5d 2c 7b 22 67 6f 6f 67 6c 65 3a 63 6c 69 65 6e 74 64 61 74 61 22 3a 7b 22 62 70 63 22 3a 66 61 6c 73 65 2c 22 74 6c 77 22 3a 66 61 6c 73 65 7d 2c 22 67 6f 6f 67 6c 65 3a 73 75 67 67 65 73 74 64 65 74 61 69 6c 22 3a 5b 7b 22 6d 70 22 3a 22 5c 75 32 30 32 36 20 22 2c 22 74 22 3a 22 2f 2f 6f 6e 6c 69 6e 65 2e 6e 61 73 68 69 6b 70 72 6f 70 65 72 74 79 2e 63 6f 6d 22 7d 2c 7b 22 6d 70 22 3a 22 5c 75 32 30 32 36 20 22 2c 22 74 22 3a 22 2f 2f 6f 6e 6c 69 6e 65 2e 6e 61 73 68 69 6b 70 72 6f 70 65 72 74 79 2e 63 6f 6d 20 6c 6f 67 69 6e 22 7d 2c 7b 22 6d 70 22 3a 22 5c 75 32 30 32 36 20 22 2c 22 74 22 3a 22 2f 2f 6f 6e 6c
                                                                                                                                                                                                                                                                    Data Ascii: https //online.nashikproperty.org"],["","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestdetail":[{"mp":"\u2026 ","t":"//online.nashikproperty.com"},{"mp":"\u2026 ","t":"//online.nashikproperty.com login"},{"mp":"\u2026 ","t":"//onl
                                                                                                                                                                                                                                                                    2024-10-04 14:27:35 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                    Data Ascii: 0


                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                    2192.168.2.1649714142.250.185.1644436296C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                    2024-10-04 14:27:36 UTC684OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fonline.nashikproperty.c&oit=3&cp=31&pgcl=4&gs_rn=42&psi=Ry3v2W9Io9_oTcQX&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1
                                                                                                                                                                                                                                                                    Host: www.google.com
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX
                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                    2024-10-04 14:27:36 UTC1266INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 14:27:36 GMT
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Expires: -1
                                                                                                                                                                                                                                                                    Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                    Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                    Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-idaFxXS8sp88gvOSkUC3uQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                                                                                                                                                                                                                                                                    Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                    Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-Prefers-Color-Scheme
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                    Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                    Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                    Server: gws
                                                                                                                                                                                                                                                                    X-XSS-Protection: 0
                                                                                                                                                                                                                                                                    X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                    Accept-Ranges: none
                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                    2024-10-04 14:27:36 UTC124INData Raw: 32 33 36 0d 0a 29 5d 7d 27 0a 5b 22 68 74 74 70 73 3a 2f 2f 6f 6e 6c 69 6e 65 2e 6e 61 73 68 69 6b 70 72 6f 70 65 72 74 79 2e 63 22 2c 5b 22 68 74 74 70 73 20 2f 2f 6f 6e 6c 69 6e 65 2e 6e 61 73 68 69 6b 70 72 6f 70 65 72 74 79 2e 63 6f 6d 22 2c 22 68 74 74 70 73 20 2f 2f 6f 6e 6c 69 6e 65 2e 6e 61 73 68 69 6b 70 72 6f 70 65 72 74 79 2e 63 6f 6d 20 6c 6f 67 69 6e 22 2c
                                                                                                                                                                                                                                                                    Data Ascii: 236)]}'["https://online.nashikproperty.c",["https //online.nashikproperty.com","https //online.nashikproperty.com login",
                                                                                                                                                                                                                                                                    2024-10-04 14:27:36 UTC449INData Raw: 22 68 74 74 70 73 20 2f 2f 6f 6e 6c 69 6e 65 2e 6e 61 73 68 69 6b 70 72 6f 70 65 72 74 79 2e 63 6f 2e 69 6e 22 5d 2c 5b 22 22 2c 22 22 2c 22 22 5d 2c 5b 5d 2c 7b 22 67 6f 6f 67 6c 65 3a 63 6c 69 65 6e 74 64 61 74 61 22 3a 7b 22 62 70 63 22 3a 66 61 6c 73 65 2c 22 74 6c 77 22 3a 66 61 6c 73 65 7d 2c 22 67 6f 6f 67 6c 65 3a 73 75 67 67 65 73 74 64 65 74 61 69 6c 22 3a 5b 7b 22 6d 70 22 3a 22 5c 75 32 30 32 36 20 22 2c 22 74 22 3a 22 2f 2f 6f 6e 6c 69 6e 65 2e 6e 61 73 68 69 6b 70 72 6f 70 65 72 74 79 2e 63 6f 6d 22 7d 2c 7b 22 6d 70 22 3a 22 5c 75 32 30 32 36 20 22 2c 22 74 22 3a 22 2f 2f 6f 6e 6c 69 6e 65 2e 6e 61 73 68 69 6b 70 72 6f 70 65 72 74 79 2e 63 6f 6d 20 6c 6f 67 69 6e 22 7d 2c 7b 22 6d 70 22 3a 22 5c 75 32 30 32 36 20 22 2c 22 74 22 3a 22 2f 2f
                                                                                                                                                                                                                                                                    Data Ascii: "https //online.nashikproperty.co.in"],["","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:suggestdetail":[{"mp":"\u2026 ","t":"//online.nashikproperty.com"},{"mp":"\u2026 ","t":"//online.nashikproperty.com login"},{"mp":"\u2026 ","t":"//
                                                                                                                                                                                                                                                                    2024-10-04 14:27:36 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                    Data Ascii: 0


                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                    3192.168.2.1649715142.250.185.1644436296C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                    2024-10-04 14:27:38 UTC686OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Fonline.nashikproperty.com&oit=3&cp=33&pgcl=4&gs_rn=42&psi=Ry3v2W9Io9_oTcQX&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1
                                                                                                                                                                                                                                                                    Host: www.google.com
                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                    X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX
                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                    2024-10-04 14:27:38 UTC1266INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 14:27:38 GMT
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Expires: -1
                                                                                                                                                                                                                                                                    Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                    Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                    Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-YsXgWDDnw-bC2KfCcnMK5Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                                                                                                                                                                                                                                                                    Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                    Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-Prefers-Color-Scheme
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                    Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                    Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                    Server: gws
                                                                                                                                                                                                                                                                    X-XSS-Protection: 0
                                                                                                                                                                                                                                                                    X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                    Accept-Ranges: none
                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                    2024-10-04 14:27:38 UTC124INData Raw: 39 39 0d 0a 29 5d 7d 27 0a 5b 22 68 74 74 70 73 3a 2f 2f 6f 6e 6c 69 6e 65 2e 6e 61 73 68 69 6b 70 72 6f 70 65 72 74 79 2e 63 6f 6d 22 2c 5b 5d 2c 5b 5d 2c 5b 5d 2c 7b 22 67 6f 6f 67 6c 65 3a 63 6c 69 65 6e 74 64 61 74 61 22 3a 7b 22 62 70 63 22 3a 66 61 6c 73 65 2c 22 74 6c 77 22 3a 74 72 75 65 7d 2c 22 67 6f 6f 67 6c 65 3a 73 75 67 67 65 73 74 74 79 70 65 22 3a 5b 5d
                                                                                                                                                                                                                                                                    Data Ascii: 99)]}'["https://online.nashikproperty.com",[],[],[],{"google:clientdata":{"bpc":false,"tlw":true},"google:suggesttype":[]
                                                                                                                                                                                                                                                                    2024-10-04 14:27:38 UTC35INData Raw: 2c 22 67 6f 6f 67 6c 65 3a 76 65 72 62 61 74 69 6d 72 65 6c 65 76 61 6e 63 65 22 3a 38 35 31 7d 5d 0d 0a
                                                                                                                                                                                                                                                                    Data Ascii: ,"google:verbatimrelevance":851}]
                                                                                                                                                                                                                                                                    2024-10-04 14:27:38 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                    Data Ascii: 0


                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                    4192.168.2.164971720.109.210.53443
                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                    2024-10-04 14:27:41 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=rYohnPkDkrRVwL8&MD=OA4lgLhz HTTP/1.1
                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                                                    Host: slscr.update.microsoft.com
                                                                                                                                                                                                                                                                    2024-10-04 14:27:41 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                    Expires: -1
                                                                                                                                                                                                                                                                    Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                                                    ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
                                                                                                                                                                                                                                                                    MS-CorrelationId: b41d43cb-8ca0-4b75-9ce5-01d8aa56b09d
                                                                                                                                                                                                                                                                    MS-RequestId: 59910f97-858f-466b-bc4f-43eb14b13465
                                                                                                                                                                                                                                                                    MS-CV: 9SFqmk71tEKD5+TX.0
                                                                                                                                                                                                                                                                    X-Microsoft-SLSClientCache: 1440
                                                                                                                                                                                                                                                                    Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 14:27:41 GMT
                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                    Content-Length: 30005
                                                                                                                                                                                                                                                                    2024-10-04 14:27:41 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
                                                                                                                                                                                                                                                                    Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
                                                                                                                                                                                                                                                                    2024-10-04 14:27:41 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
                                                                                                                                                                                                                                                                    Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                    5192.168.2.164971820.190.160.17443
                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                    2024-10-04 14:27:45 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                    Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                    Content-Length: 3592
                                                                                                                                                                                                                                                                    Host: login.live.com
                                                                                                                                                                                                                                                                    2024-10-04 14:27:45 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                    Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                    2024-10-04 14:27:45 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                    Expires: Fri, 04 Oct 2024 14:26:45 GMT
                                                                                                                                                                                                                                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                    x-ms-route-info: C538_BAY
                                                                                                                                                                                                                                                                    x-ms-request-id: fa78bdce-766e-4479-9512-bd30226b6ba7
                                                                                                                                                                                                                                                                    PPServer: PPV: 30 H: PH1PEPF0001B72E V: 0
                                                                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                    X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 14:27:44 GMT
                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                    Content-Length: 11389
                                                                                                                                                                                                                                                                    2024-10-04 14:27:45 UTC11389INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                    6192.168.2.164971920.190.160.17443
                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                    2024-10-04 14:27:46 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                    Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                    Content-Length: 3592
                                                                                                                                                                                                                                                                    Host: login.live.com
                                                                                                                                                                                                                                                                    2024-10-04 14:27:46 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                    Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                    2024-10-04 14:27:47 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                    Expires: Fri, 04 Oct 2024 14:26:46 GMT
                                                                                                                                                                                                                                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                    x-ms-route-info: C538_SN1
                                                                                                                                                                                                                                                                    x-ms-request-id: bccaac4f-57ad-43fd-9d9f-d822574c29c0
                                                                                                                                                                                                                                                                    PPServer: PPV: 30 H: SN1PEPF0002F1A6 V: 0
                                                                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                    X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 14:27:46 GMT
                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                    Content-Length: 11389
                                                                                                                                                                                                                                                                    2024-10-04 14:27:47 UTC11389INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                    7192.168.2.164972020.190.160.17443
                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                    2024-10-04 14:27:48 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                    Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                    Content-Length: 4775
                                                                                                                                                                                                                                                                    Host: login.live.com
                                                                                                                                                                                                                                                                    2024-10-04 14:27:48 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                    Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                    2024-10-04 14:27:48 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                    Expires: Fri, 04 Oct 2024 14:26:48 GMT
                                                                                                                                                                                                                                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                    x-ms-route-info: C538_BAY
                                                                                                                                                                                                                                                                    x-ms-request-id: 58cd5a35-6e8e-4b5c-afb9-6b88ebf2c3f6
                                                                                                                                                                                                                                                                    PPServer: PPV: 30 H: PH1PEPF00011F16 V: 0
                                                                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                    X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 14:27:47 GMT
                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                    Content-Length: 11409
                                                                                                                                                                                                                                                                    2024-10-04 14:27:48 UTC11409INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                    8192.168.2.164972520.190.160.17443
                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                    2024-10-04 14:27:49 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                    Content-Type: application/soap+xml
                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                                                                                                                                                    Content-Length: 4828
                                                                                                                                                                                                                                                                    Host: login.live.com
                                                                                                                                                                                                                                                                    2024-10-04 14:27:49 UTC4828OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                                                                                                                                                    Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                                                                                                                                                    2024-10-04 14:27:49 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                    Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                                                                                                                                                    Expires: Fri, 04 Oct 2024 14:26:49 GMT
                                                                                                                                                                                                                                                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                                                                                                                                                    Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                    x-ms-route-info: C538_BAY
                                                                                                                                                                                                                                                                    x-ms-request-id: a934ba4f-c717-49ac-bb12-08317bc208bd
                                                                                                                                                                                                                                                                    PPServer: PPV: 30 H: PH1PEPF00011EDC V: 0
                                                                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                    X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 14:27:48 GMT
                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                    Content-Length: 11177
                                                                                                                                                                                                                                                                    2024-10-04 14:27:49 UTC11177INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                                                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                    9192.168.2.16497272.23.209.141443
                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                    2024-10-04 14:27:50 UTC2691OUTGET /client/config?cc=CH&setlang=en-CH HTTP/1.1
                                                                                                                                                                                                                                                                    X-Search-CortanaAvailableCapabilities: None
                                                                                                                                                                                                                                                                    X-Search-SafeSearch: Moderate
                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                    X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                                                                                                                                                                                                                                                    X-UserAgeClass: Unknown
                                                                                                                                                                                                                                                                    X-BM-Market: CH
                                                                                                                                                                                                                                                                    X-BM-DateFormat: dd/MM/yyyy
                                                                                                                                                                                                                                                                    X-Device-OSSKU: 48
                                                                                                                                                                                                                                                                    X-BM-DTZ: -240
                                                                                                                                                                                                                                                                    X-DeviceID: 01000A4109009A83
                                                                                                                                                                                                                                                                    X-BM-WindowsFlights: FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124117A5,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E,FX:12CDE644,FX:12D1574C,FX:12D281C4,FX:12E8312D,FX:12E85C75
                                                                                                                                                                                                                                                                    X-Search-TimeZone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard Time
                                                                                                                                                                                                                                                                    X-BM-Theme: 000000;0078d7
                                                                                                                                                                                                                                                                    X-Search-RPSToken: t%3DEwDoAkR8BAAUcvamItSE/vUHpyZRp3BeyOJPQDsAAbtR7UFEaozBIEJX6VrbRbCGnNmyCQwp9yKJHH7qSyI92pw2z0hnEDCGOhnCN9kvTVmV0QU4oAU8f1mXUwwFsgU0bbomXnstfeAOIeD7glo0dtDh6K6RqrcHkGtnWay9eLNjtnuNhQGdhLi/OJCkpavaiJ27FLmBkTsF44wfBuzSWXPAYe0DJgpj/YMFq0euOtRmZ%2BF4FUr7gcDHKaRwHMlYvTGwy4DSGmgoBu3nhl7ElykaLrN5cb%2BzU79Kr9uoN7cJLfCX6ecSeLjQe%2BCR8bsT/NOvMy%2BB6FkXmLem%2B8M6mpYOXwF5pT0zgISElPMK9qNPTgfmlrguZ%2BPtx3b5FJAQZgAAEPGraoIT2Tmu5kB97hv9vzuwAUChfxkiIzc4rTQ7JonfRy6hw/x910NOoHVQMDTF7DthJsngyeRfjvyVfWS35DEYQLwSkN4X1PNXFUHg3IpQuhJfM5TCzTey7ZV4ewJgA3FbDYUtrmcVfCwjwipEgbJKJOHbp/00Iy5Coj35yamXV6jJqK98523w2lZSpIPAWISWPfJhv5uMoCPMWGrqRJWoqisNT9E%2BqYPRtMnwDPkKqKfgJ58P44DfvfRPIZQFO4LgrYZE78/wf3hIqeSzjUcHKeh%2BnXwJPH2n5jeMaCgYP5UU1/Bb62r7oF96lKnArZfOaqwzWbWEhEeZESDamqh3GaihDnfaEHlT9sa6ZwJgOqAgVDHmB0tGOxe7H0%2B71TdB9pMGGK/ztLLRzbNondozpRvkbQZMngZvQzFCRmCKcVGX/Ki2kz1UzkpZD%2BZiwQS%2B7fsLIDGij9TuzF%2B3JM7VfCp1au1UhXRfGn1QlvDVeScfwGKU7V%2BSQiezAWNDt0OHZydWCXOxiqCKSQY8j1Eg/Gi/cmnvnLhGVsB6fGesPRY9qzIuwrSl297yb8wbgq7gTRaq047 [TRUNCATED]
                                                                                                                                                                                                                                                                    X-Agent-DeviceId: 01000A4109009A83
                                                                                                                                                                                                                                                                    X-BM-CBT: 1728052063
                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                    X-Device-isOptin: false
                                                                                                                                                                                                                                                                    Accept-language: en-GB, en, en-US
                                                                                                                                                                                                                                                                    X-Device-Touch: false
                                                                                                                                                                                                                                                                    X-Device-ClientSession: 2518293977DE49719FE37D8556719A11
                                                                                                                                                                                                                                                                    X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                                                                                                                                                                                    Host: www.bing.com
                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                    Cookie: SRCHUID=V=2&GUID=E0DD87A720F84B6F91D233EB006F66A1&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20240207; SRCHHPGUSR=SRCHLANG=de&HV=1707317784&IPMH=3a628620&IPMID=1707317755885; MUID=5047E5942BB2460EA35B53CCF78DDB3D; MUIDB=5047E5942BB2460EA35B53CCF78DDB3D
                                                                                                                                                                                                                                                                    2024-10-04 14:27:50 UTC1320INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                    Content-Length: 2215
                                                                                                                                                                                                                                                                    Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                    Cache-Control: private
                                                                                                                                                                                                                                                                    X-EventID: 66fffb667f6644418ce74231adf1b171
                                                                                                                                                                                                                                                                    X-AS-SetSessionMarket: de-ch
                                                                                                                                                                                                                                                                    UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
                                                                                                                                                                                                                                                                    X-XSS-Protection: 0
                                                                                                                                                                                                                                                                    P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
                                                                                                                                                                                                                                                                    Date: Fri, 04 Oct 2024 14:27:50 GMT
                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                    Set-Cookie: _EDGE_S=SID=11DC213A4BD96F2A33CE34344A566EC7&mkt=de-ch; domain=.bing.com; path=/; HttpOnly
                                                                                                                                                                                                                                                                    Set-Cookie: SRCHHPGUSR=SRCHLANG=en&HV=1707317784&IPMH=3a628620&IPMID=1707317755885; domain=.bing.com; expires=Wed, 29-Oct-2025 14:27:50 GMT; path=/; secure; SameSite=None
                                                                                                                                                                                                                                                                    Set-Cookie: ANON=A=6167974D1A7C78361D9CC53BFFFFFFFF; domain=.bing.com; expires=Wed, 29-Oct-2025 14:27:50 GMT; path=/; secure; SameSite=None
                                                                                                                                                                                                                                                                    Set-Cookie: WLS=C=0000000000000000&N=; domain=.bing.com; path=/; secure; SameSite=None
                                                                                                                                                                                                                                                                    Set-Cookie: _SS=SID=11DC213A4BD96F2A33CE34344A566EC7; domain=.bing.com; path=/; secure; SameSite=None
                                                                                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                    X-CDN-TraceID: 0.30d01702.1728052070.1a021f62
                                                                                                                                                                                                                                                                    2024-10-04 14:27:50 UTC2215INData Raw: 7b 22 76 65 72 73 69 6f 6e 22 3a 31 2c 22 63 6f 6e 66 69 67 22 3a 7b 22 46 65 61 74 75 72 65 43 6f 6e 66 69 67 22 3a 7b 22 53 65 61 72 63 68 42 6f 78 49 62 65 61 6d 50 6f 69 6e 74 65 72 4f 6e 48 6f 76 65 72 22 3a 7b 22 76 61 6c 75 65 22 3a 74 72 75 65 2c 22 66 65 61 74 75 72 65 22 3a 22 22 7d 2c 22 53 68 6f 77 53 65 61 72 63 68 47 6c 79 70 68 4c 65 66 74 4f 66 53 65 61 72 63 68 42 6f 78 22 3a 7b 22 76 61 6c 75 65 22 3a 74 72 75 65 2c 22 66 65 61 74 75 72 65 22 3a 22 22 7d 2c 22 53 65 61 72 63 68 42 6f 78 55 73 65 53 65 61 72 63 68 49 63 6f 6e 41 74 52 65 73 74 22 3a 7b 22 76 61 6c 75 65 22 3a 66 61 6c 73 65 2c 22 66 65 61 74 75 72 65 22 3a 22 22 7d 2c 22 53 65 61 72 63 68 42 75 74 74 6f 6e 55 73 65 53 65 61 72 63 68 49 63 6f 6e 22 3a 7b 22 76 61 6c 75 65
                                                                                                                                                                                                                                                                    Data Ascii: {"version":1,"config":{"FeatureConfig":{"SearchBoxIbeamPointerOnHover":{"value":true,"feature":""},"ShowSearchGlyphLeftOfSearchBox":{"value":true,"feature":""},"SearchBoxUseSearchIconAtRest":{"value":false,"feature":""},"SearchButtonUseSearchIcon":{"value


                                                                                                                                                                                                                                                                    Statistics

                                                                                                                                                                                                                                                                    CPU Usage

                                                                                                                                                                                                                                                                    Click to jump to process

                                                                                                                                                                                                                                                                    Memory Usage

                                                                                                                                                                                                                                                                    Click to jump to process

                                                                                                                                                                                                                                                                    High Level Behavior Distribution

                                                                                                                                                                                                                                                                    Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                    Behavior

                                                                                                                                                                                                                                                                    Click to jump to process

                                                                                                                                                                                                                                                                    System Behavior

                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                    Target ID:0
                                                                                                                                                                                                                                                                    Start time:10:26:56
                                                                                                                                                                                                                                                                    Start date:04/10/2024
                                                                                                                                                                                                                                                                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                                                                                                                                                                                                                                                                    Imagebase:0x7ff7f9810000
                                                                                                                                                                                                                                                                    File size:3'242'272 bytes
                                                                                                                                                                                                                                                                    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                    Target ID:1
                                                                                                                                                                                                                                                                    Start time:10:26:57
                                                                                                                                                                                                                                                                    Start date:04/10/2024
                                                                                                                                                                                                                                                                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1944,i,17965116177562204563,11030053410015879069,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                                                    Imagebase:0x7ff7f9810000
                                                                                                                                                                                                                                                                    File size:3'242'272 bytes
                                                                                                                                                                                                                                                                    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                    Target ID:2
                                                                                                                                                                                                                                                                    Start time:10:26:58
                                                                                                                                                                                                                                                                    Start date:04/10/2024
                                                                                                                                                                                                                                                                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://online.nashikproperty.com/?zn1YPM=Ppj"
                                                                                                                                                                                                                                                                    Imagebase:0x7ff7f9810000
                                                                                                                                                                                                                                                                    File size:3'242'272 bytes
                                                                                                                                                                                                                                                                    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                    Target ID:11
                                                                                                                                                                                                                                                                    Start time:10:27:45
                                                                                                                                                                                                                                                                    Start date:04/10/2024
                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe"
                                                                                                                                                                                                                                                                    Imagebase:0x7ff7916a0000
                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Has exited:true

                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                    Target ID:12
                                                                                                                                                                                                                                                                    Start time:10:27:45
                                                                                                                                                                                                                                                                    Start date:04/10/2024
                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe"
                                                                                                                                                                                                                                                                    Imagebase:0x7ff7916a0000
                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                    Target ID:13
                                                                                                                                                                                                                                                                    Start time:10:27:46
                                                                                                                                                                                                                                                                    Start date:04/10/2024
                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2288 -parentBuildID 20230927232528 -prefsHandle 2232 -prefMapHandle 2224 -prefsLen 25250 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {68759cd2-86d7-430c-bb58-ab48e34e1765} 6972 "\\.\pipe\gecko-crash-server-pipe.6972" 218ff86d910 socket
                                                                                                                                                                                                                                                                    Imagebase:0x7ff7916a0000
                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                    Target ID:14
                                                                                                                                                                                                                                                                    Start time:10:27:48
                                                                                                                                                                                                                                                                    Start date:04/10/2024
                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4028 -parentBuildID 20230927232528 -prefsHandle 4020 -prefMapHandle 768 -prefsLen 25481 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {56561f6d-b6e1-445b-8d70-cce5381dc73d} 6972 "\\.\pipe\gecko-crash-server-pipe.6972" 21891a17810 rdd
                                                                                                                                                                                                                                                                    Imagebase:0x7ff7916a0000
                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                    General

                                                                                                                                                                                                                                                                    Target ID:15
                                                                                                                                                                                                                                                                    Start time:10:28:08
                                                                                                                                                                                                                                                                    Start date:04/10/2024
                                                                                                                                                                                                                                                                    Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5224 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5220 -prefMapHandle 5208 -prefsLen 33172 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3054c5d8-abdb-4a6f-917c-54892363bd7b} 6972 "\\.\pipe\gecko-crash-server-pipe.6972" 2188f638b10 utility
                                                                                                                                                                                                                                                                    Imagebase:0x7ff7916a0000
                                                                                                                                                                                                                                                                    File size:676'768 bytes
                                                                                                                                                                                                                                                                    MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                    Disassembly

                                                                                                                                                                                                                                                                    Reset < >

                                                                                                                                                                                                                                                                      Execution Graph

                                                                                                                                                                                                                                                                      Execution Coverage:0.3%
                                                                                                                                                                                                                                                                      Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                      Signature Coverage:100%
                                                                                                                                                                                                                                                                      Total number of Nodes:6
                                                                                                                                                                                                                                                                      Total number of Limit Nodes:0
                                                                                                                                                                                                                                                                      execution_graph 5006 1a9cde27f77 5007 1a9cde27f87 NtQuerySystemInformation 5006->5007 5008 1a9cde27f24 5007->5008 5009 1a9cde43b32 5010 1a9cde43b89 NtQuerySystemInformation 5009->5010 5011 1a9cde41f04 5009->5011 5010->5011

                                                                                                                                                                                                                                                                      Callgraph

                                                                                                                                                                                                                                                                      Executed Functions

                                                                                                                                                                                                                                                                      Function 000001A9CDE43B32 Relevance: 26.1, APIs: 1, Strings: 10, Instructions: 6826nativeCOMMON
                                                                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                                                                      APIs
                                                                                                                                                                                                                                                                      Strings
                                                                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                                                                      • Source File: 0000000E.00000002.2385833282.000001A9CDE41000.00000020.00000001.00020000.00000000.sdmp, Offset: 000001A9CDE41000, based on PE: false
                                                                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                      • Snapshot File: hcaresult_14_2_1a9cde41000_firefox.jbxd
                                                                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                                                                      • API ID: InformationQuerySystem
                                                                                                                                                                                                                                                                      • String ID: #$#$#$4$>$>$>$A$z$z
                                                                                                                                                                                                                                                                      • API String ID: 3562636166-3072146587
                                                                                                                                                                                                                                                                      • Opcode ID: a7beeb6ed6d4bd1c13836e24e4a4bf8602c8d7752103ee20adf8d6ea9f6b849f
                                                                                                                                                                                                                                                                      • Instruction ID: fb1b3994d053c0c23400fc8fa34a2027f61819a798fb26954afd635893ec9c53
                                                                                                                                                                                                                                                                      • Opcode Fuzzy Hash: a7beeb6ed6d4bd1c13836e24e4a4bf8602c8d7752103ee20adf8d6ea9f6b849f
                                                                                                                                                                                                                                                                      • Instruction Fuzzy Hash: B8A3F531718E498BDB2DDF68DC856E973E5FB89310F14422ED84AC7245DE34EA468BC2
                                                                                                                                                                                                                                                                      Function 000001A9CDE27F77 Relevance: 8.4, APIs: 1, Instructions: 6852nativeCOMMON
                                                                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                                                                      APIs
                                                                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                                                                      • Source File: 0000000E.00000002.2384437706.000001A9CDE24000.00000020.00000001.00020000.00000000.sdmp, Offset: 000001A9CDE24000, based on PE: false
                                                                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                      • Snapshot File: hcaresult_14_2_1a9cde24000_firefox.jbxd
                                                                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                                                                      • API ID: InformationQuerySystem
                                                                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                                                                      • API String ID: 3562636166-0
                                                                                                                                                                                                                                                                      • Opcode ID: a3d4a310f25344abd1978f5247c9d082b9ccbb3eaa73dfa71153365510a96fee
                                                                                                                                                                                                                                                                      • Instruction ID: b9ce77b26e006ee29535d142ebbb84a8387ee6519e22ecaacbe9c4fe7f60447a
                                                                                                                                                                                                                                                                      • Opcode Fuzzy Hash: a3d4a310f25344abd1978f5247c9d082b9ccbb3eaa73dfa71153365510a96fee
                                                                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 08A3D431714E498BDB2DDF28DC856E973E5FB56310F04422ED94BC7256DF30EA868A82
                                                                                                                                                                                                                                                                      Function 000001A9CDE43B72 Relevance: 4.6, Strings: 3, Instructions: 887COMMON
                                                                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                                                                      Strings
                                                                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                                                                      • Source File: 0000000E.00000002.2385833282.000001A9CDE41000.00000020.00000001.00020000.00000000.sdmp, Offset: 000001A9CDE41000, based on PE: false
                                                                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                      • Snapshot File: hcaresult_14_2_1a9cde41000_firefox.jbxd
                                                                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                                                                      • String ID: #$4$z
                                                                                                                                                                                                                                                                      • API String ID: 0-222932584
                                                                                                                                                                                                                                                                      • Opcode ID: 3f12bc94a441b99678d1f37fd838eb33403ab1c1100704a4327215b314ffab7c
                                                                                                                                                                                                                                                                      • Instruction ID: 6e85c0c8baacf9463e6165d7ab0942e7c3d8581c8b974aaa38db32962e650e56
                                                                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 3f12bc94a441b99678d1f37fd838eb33403ab1c1100704a4327215b314ffab7c
                                                                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 5252A131614E4D8BEB2AEF28DC856E973E5FF95311F04422AD84AC3255DF34EA468BC1
                                                                                                                                                                                                                                                                      Function 000001A9CDE2F329 Relevance: .1, Instructions: 93COMMON
                                                                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                                                                      control_flow_graph 2852 1a9cde2f329-1a9cde2f383 2853 1a9cde2f387-1a9cde2f389 2852->2853 2854 1a9cde2f38b-1a9cde2f3c2 2853->2854 2855 1a9cde2f3df-1a9cde2f411 2853->2855 2854->2855
                                                                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                                                                      • Source File: 0000000E.00000002.2384437706.000001A9CDE2E000.00000020.00000001.00020000.00000000.sdmp, Offset: 000001A9CDE2E000, based on PE: false
                                                                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                      • Snapshot File: hcaresult_14_2_1a9cde2e000_firefox.jbxd
                                                                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                                                                      • Opcode ID: e2ec9eb8584a6023471032247c17e1c9d7ae2cd16015b85041b7c1b707a9d463
                                                                                                                                                                                                                                                                      • Instruction ID: c702344297093ae09d554893665187e1e1e58c14ba3717acaf066f0a51cbb0fc
                                                                                                                                                                                                                                                                      • Opcode Fuzzy Hash: e2ec9eb8584a6023471032247c17e1c9d7ae2cd16015b85041b7c1b707a9d463
                                                                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 2C21843160CB4C4FD745EF28C845B96BBE1FBA9310F1546AFE09AC7291DB34D9458782

                                                                                                                                                                                                                                                                      Non-executed Functions

                                                                                                                                                                                                                                                                      Function 000001A9CDE4425C Relevance: .4, Instructions: 417COMMON
                                                                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                                                                      • Source File: 0000000E.00000002.2385833282.000001A9CDE41000.00000020.00000001.00020000.00000000.sdmp, Offset: 000001A9CDE41000, based on PE: false
                                                                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                      • Snapshot File: hcaresult_14_2_1a9cde41000_firefox.jbxd
                                                                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                                                                      • Opcode ID: 2fa4645b680d34bee22a3500d205d04f87224c646c510b3238a6d81739ab6236
                                                                                                                                                                                                                                                                      • Instruction ID: 84974ef6cf88e9420619e88a4ed9241c44a361315176f28fcd699cd690782170
                                                                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 2fa4645b680d34bee22a3500d205d04f87224c646c510b3238a6d81739ab6236
                                                                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 02B1E431B5C2900B871CC96D586707AF7D7E7CA60AB24E23EE9CBC7289DD3444539AC6