Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://fusiongsb.com/wofice/

Overview

General Information

Sample URL:https://fusiongsb.com/wofice/
Analysis ID:1431887
Infos:

Detection

Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 1060 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://fusiongsb.com/wofice/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 2088 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1948,i,15357515620688377585,3936290789121415712,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: https://fusiongsb.com/wofice/Avira URL Cloud: detection malicious, Label: phishing
Antivirus detection for URL or domain
Source: https://fusiongsb.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a12c3fa81e452bAvira URL Cloud: Label: phishing
Source: https://fusiongsb.com/favicon.icoAvira URL Cloud: Label: phishing
Source: https://fusiongsb.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a12c48f935677dAvira URL Cloud: Label: phishing
Source: https://fusiongsb.com/cdn-cgi/challenge-platform/scripts/jsd/main.jsAvira URL Cloud: Label: phishing
Source: https://fusiongsb.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.jsAvira URL Cloud: Label: phishing
Source: https://fusiongsb.com/wofice/HTTP Parser: No favicon
Source: https://fusiongsb.com/HTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.16:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.16:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49725 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.33.215
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 40.68.123.157
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: global trafficHTTP traffic detected: GET /wofice/ HTTP/1.1Host: fusiongsb.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1Host: fusiongsb.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM
Source: global trafficHTTP traffic detected: GET /wofice/ HTTP/1.1Host: fusiongsb.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://fusiongsb.com/wofice/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714077886; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714164286; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=7h5lT5W6w46NuL09W-toz22MxB8
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1Host: fusiongsb.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: fusiongsb.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://fusiongsb.com/wofice/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714077886; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714164286; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=7h5lT5W6w46NuL09W-toz22MxB8
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/jsd/r/87a12c48f935677d HTTP/1.1Host: fusiongsb.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714077886; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714164286; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=7h5lT5W6w46NuL09W-toz22MxB8; cf_clearance=cKyjhOSwB1Oh9Wij5W9H6ZKZC0rLbBFMuT_KV3fy44c-1714077887-1.0.1.1-tKwjmTEjJboA8Aa4QozstFcyHMxGWyd0jVpph4LWVTdhkRT5D1EZkKkEYVXHDhX3sus837YsK9hqd_lIiwh9Iw
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=TbF6LXouAHLCBFK&MD=daX7TMkC HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Ffusiongsb.com&oit=3&cp=21&pgcl=4&gs_rn=42&psi=8Q6rixY0x0GDfXHb&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Ffusiongsb.co&oit=3&cp=20&pgcl=4&gs_rn=42&psi=8Q6rixY0x0GDfXHb&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Ffusiongsb.com&oit=3&cp=21&pgcl=4&gs_rn=42&psi=8Q6rixY0x0GDfXHb&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: fusiongsb.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714077886; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714164286; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=7h5lT5W6w46NuL09W-toz22MxB8; cf_clearance=cKyjhOSwB1Oh9Wij5W9H6ZKZC0rLbBFMuT_KV3fy44c-1714077887-1.0.1.1-tKwjmTEjJboA8Aa4QozstFcyHMxGWyd0jVpph4LWVTdhkRT5D1EZkKkEYVXHDhX3sus837YsK9hqd_lIiwh9Iw
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=TbF6LXouAHLCBFK&MD=daX7TMkC HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficDNS traffic detected: DNS query: fusiongsb.com
Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownHTTP traffic detected: POST /wofice/ HTTP/1.1Host: fusiongsb.comConnection: keep-aliveContent-Length: 22sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-TimeStamp-Expire: sec-ch-ua-mobile: ?0X-Requested-TimeStamp-Combination: X-Requested-Type-Combination: GETq9MD7iQpZPpiUrqXMIj8kCxLmA: 44282448Content-type: application/x-www-form-urlencodedX-Requested-Type: GETUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-Requested-with: XMLHttpRequestX-Requested-TimeStamp: sec-ch-ua-platform: "Windows"Accept: */*Origin: https://fusiongsb.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://fusiongsb.com/wofice/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM
Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableDate: Thu, 25 Apr 2024 20:44:45 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockSet-Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; path=/; expires=Fri, 26-Apr-24 20:44:39 GMT; Max-Age=86400;Set-Cookie: NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; path=/; expires=Fri, 26-Apr-24 20:44:39 GMT; Max-Age=86400;Set-Cookie: k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; path=/; expires=Fri, 26-Apr-24 20:44:39 GMT; Max-Age=86400;Set-Cookie: euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; path=/; expires=Fri, 26-Apr-24 20:44:39 GMT; Max-Age=86400;X-Frame-Options: SAMEORIGINCache-Control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheExpires: 0CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2kfZToPRVaKEJl0zDXxWDSplsBRZUf222z%2FAeDoJPj4tcffjdU20uRXvpsow1nccs0SqRmtNxS2fsSQ0E7kV0EnGPtSkk25XVHfEzo9cm6Ke7K0aJ2keTG9WkTDWxLwz"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 87a12c3fa81e452b-ATLalt-svc: h3=":443"; ma=86400
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 20:44:47 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jFwYfN0p%2B5Nl7ku79uZnYu0DiukUulYj88WORr52fpkwzXFTCllxHDREthNBdwPyD9qOdkLzR1hQ%2F7zz33GmM3KZoe%2BVC6dZ4%2FuxOky7QINvBTijdwN7tNiVGZ7i2dfh"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 87a12c48f935677d-ATLalt-svc: h3=":443"; ma=86400
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 20:44:47 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockCache-Control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutablePragma: publicCF-Cache-Status: HITAge: 10074Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7r3F0kwKrN5PEZ3NpEgewOq0xMOzCtTG5GgywkGDZjrqwiN%2FsuUVUKh%2F7a3KS7CidQHVPzTjaDMJBPbxN8q4QlAlfZUq4%2BJo995VMrAI2PKCWF%2FTdw1bw05%2BmPv5ojeT"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 87a12c4fcc104507-ATLalt-svc: h3=":443"; ma=86400
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 20:45:03 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pp6byGTHhVzXSakiTqh8yNNPny84P8%2FbbCHvZD90A0ooHhOfqOQxCldi0i8821tCmjyddBUNxh3pO2cT5Q3xC29Hs42SkEOXu90ffclBy%2BEJ9B6j9BskDwfSYVf67V%2Fm"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 87a12cb1a86c8bbb-ATLalt-svc: h3=":443"; ma=86400
Source: chromecache_63.1.drString found in binary or memory: https://fusiongsb.co
Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49697
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49696
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49696 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49697 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49688 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
Source: unknownHTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.16:49717 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.16:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.68.123.157:443 -> 192.168.2.16:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.86:443 -> 192.168.2.16:49725 version: TLS 1.2
Source: classification engineClassification label: mal56.win@14/18@10/5
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://fusiongsb.com/wofice/
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1948,i,15357515620688377585,3936290789121415712,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1948,i,15357515620688377585,3936290789121415712,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://fusiongsb.com/wofice/100%Avira URL Cloudphishing

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://fusiongsb.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a12c3fa81e452b100%Avira URL Cloudphishing
https://fusiongsb.com/favicon.ico100%Avira URL Cloudphishing
https://fusiongsb.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a12c48f935677d100%Avira URL Cloudphishing
about:blank0%Avira URL Cloudsafe
https://fusiongsb.co0%Avira URL Cloudsafe
https://fusiongsb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js100%Avira URL Cloudphishing
https://fusiongsb.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js100%Avira URL Cloudphishing

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
a.nel.cloudflare.com
35.190.80.1
truefalse
    		high
    www.google.com
    		142.251.15.104
    		truefalse
      		high
      fusiongsb.com
      		104.21.20.41
      		truefalse
        		unknown

        Contacted URLs

        NameMaliciousAntivirus DetectionReputation
        https://fusiongsb.com/cdn-cgi/challenge-platform/scripts/jsd/main.jsfalse
        • Avira URL Cloud: phishing
        		unknown
        https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Ffusiongsb.com&oit=3&cp=21&pgcl=4&gs_rn=42&psi=8Q6rixY0x0GDfXHb&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgwfalse
          		high
          https://a.nel.cloudflare.com/report/v4?s=gxb8ugBcyVBfTIxqQdidDPm%2Fq6Cd9t0wJWgmsIzXEKUepCM9fplXU3kygQJE2gXLcPZ6vQh%2BH%2FGl%2FWQ9jVrQWaCQL3KrsGEdW4QMDwaEcd%2B4veFYiC3oKQcp%2F1uqF5C1false
            		high
            https://a.nel.cloudflare.com/report/v4?s=Pp6byGTHhVzXSakiTqh8yNNPny84P8%2FbbCHvZD90A0ooHhOfqOQxCldi0i8821tCmjyddBUNxh3pO2cT5Q3xC29Hs42SkEOXu90ffclBy%2BEJ9B6j9BskDwfSYVf67V%2Fmfalse
              		high
              https://fusiongsb.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.jsfalse
              • Avira URL Cloud: phishing
              		unknown
              https://fusiongsb.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a12c48f935677dfalse
              • Avira URL Cloud: phishing
              		unknown
              https://fusiongsb.com/false
                		unknown
                https://fusiongsb.com/favicon.icofalse
                • Avira URL Cloud: phishing
                		unknown
                https://fusiongsb.com/wofice/true
                  		unknown
                  https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Ffusiongsb.co&oit=3&cp=20&pgcl=4&gs_rn=42&psi=8Q6rixY0x0GDfXHb&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgwfalse
                    		high
                    https://a.nel.cloudflare.com/report/v4?s=2kfZToPRVaKEJl0zDXxWDSplsBRZUf222z%2FAeDoJPj4tcffjdU20uRXvpsow1nccs0SqRmtNxS2fsSQ0E7kV0EnGPtSkk25XVHfEzo9cm6Ke7K0aJ2keTG9WkTDWxLwzfalse
                      		high
                      about:blankfalse
                      • Avira URL Cloud: safe
                      		low
                      https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgwfalse
                        		high
                        https://fusiongsb.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a12c3fa81e452bfalse
                        • Avira URL Cloud: phishing
                        		unknown

                        URLs from Memory and Binaries

                        NameSourceMaliciousAntivirus DetectionReputation
                        https://fusiongsb.cochromecache_63.1.drfalse
                        • Avira URL Cloud: safe
                        		unknown

                        World Map of Contacted IPs

                        • No. of IPs < 25%
                        • 25% < No. of IPs < 50%
                        • 50% < No. of IPs < 75%
                        • 75% < No. of IPs

                        Public IPs

                        IPDomainCountryFlagASNASN NameMalicious
                        239.255.255.250
                        		unknownReserved
                        		unknownunknownfalse
                        35.190.80.1
                        		a.nel.cloudflare.comUnited States
                        		15169GOOGLEUSfalse
                        104.21.20.41
                        		fusiongsb.comUnited States
                        		13335CLOUDFLARENETUSfalse
                        142.251.15.104
                        		www.google.comUnited States
                        		15169GOOGLEUSfalse

                        Private

                        IP
                        192.168.2.16

                        General Information

                        Joe Sandbox version:40.0.0 Tourmaline
                        Analysis ID:1431887
                        Start date and time:2024-04-25 22:44:18 +02:00
                        Joe Sandbox product:CloudBasic
                        Overall analysis duration:0h 3m 34s
                        Hypervisor based Inspection enabled:false
                        Report type:full
                        Cookbook file name:defaultwindowsinteractivecookbook.jbs
                        Sample URL:https://fusiongsb.com/wofice/
                        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                        Number of analysed new started processes analysed:14
                        Number of new started drivers analysed:0
                        Number of existing processes analysed:0
                        Number of existing drivers analysed:0
                        Number of injected processes analysed:0
                        Technologies:
                        • HCA enabled
                        • EGA enabled
                        • AMSI enabled
                        Analysis Mode:default
                        Analysis stop reason:Timeout
                        Detection:MAL
                        Classification:mal56.win@14/18@10/5
                        EGA Information:Failed
                        HCA Information:
                        • Successful, ratio: 100%
                        • Number of executed functions: 0
                        • Number of non-executed functions: 0

                        Warnings

                        • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, MoUsoCoreWorker.exe, conhost.exe, svchost.exe
                        • Excluded IPs from analysis (whitelisted): 74.125.136.94, 74.125.136.100, 74.125.136.101, 74.125.136.138, 74.125.136.139, 74.125.136.113, 74.125.136.102, 108.177.122.84, 34.104.35.123, 199.232.214.172, 142.250.105.94, 64.233.176.100, 64.233.176.139, 64.233.176.113, 64.233.176.101, 64.233.176.138, 64.233.176.102
                        • Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, clients2.google.com, accounts.google.com, edgedl.me.gvt1.com, slscr.update.microsoft.com, update.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
                        • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                        • Not all processes where analyzed, report is missing behavior information
                        • VT rate limit hit for: https://fusiongsb.com/wofice/

                        Simulations

                        Behavior and APIs

                        No simulations

                        Joe Sandbox View / Context

                        IPs

                        No context

                        Domains

                        No context

                        ASNs

                        No context

                        JA3 Fingerprints

                        No context

                        Dropped Files

                        No context

                        Created / dropped Files

                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 19:44:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2673
                        Entropy (8bit):3.988455932011251
                        Encrypted:false
                        SSDEEP:48:8csdisTvLbH8idAKZdA1FehwiZUklqehLy+3:8Wsvuky
                        MD5:46E8915D93A01AEF18E34793C0FC1986
                        SHA1:809BD633A398141342C54313C39D2D6E9BC981B7
                        SHA-256:910BE6DAAE72B146CF7B173F0337D536E4CC5009729EEC89ECF635C6C7AB7FE5
                        SHA-512:35BCD28D92A984AD88B8C8A07E1D439FACE3B3BFC22E0B96A97A5E222F590FD938929D6121CA4FA7B7F7C411E36FEC88ED74A362FE9937ED68D84FB9B5C36872
                        Malicious:false
                        Reputation:low
                        Preview:L..................F.@.. ...$+.,....p..hQ...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............S9X.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 19:44:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2675
                        Entropy (8bit):4.005847668416709
                        Encrypted:false
                        SSDEEP:48:8MsdisTvLbH8idAKZdA1seh/iZUkAQkqehUy+2:8msvI9QBy
                        MD5:C00FD9D4047C67B72DF5C8EB3AA723C2
                        SHA1:75C313D20C5C430C0BC038068FE2A5C370101E71
                        SHA-256:39B23C9A9F18009E64492E60CDA70E50260A7A43F51D8EE992DF324547662B9B
                        SHA-512:20817797C89FCE68D9F003EE8BF40D730D74CD20DB1428481A3BA588C35088A9B08B09574F49F28C5C9D58CB0983B6E858403EED790EC95D9D0B5B9FFE1C052F
                        Malicious:false
                        Reputation:low
                        Preview:L..................F.@.. ...$+.,....RQ.hQ...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............S9X.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2689
                        Entropy (8bit):4.012027337705602
                        Encrypted:false
                        SSDEEP:48:8ddisTvLAH8idAKZdA14meh7sFiZUkmgqeh7sSy+BX:8ysvFnoy
                        MD5:914E88C417EFB9AA428B3C470109B2BB
                        SHA1:4BAF9537856C844E6E94F02822E65AF59B63CB6D
                        SHA-256:C8AA62AC92C994DB7C94E8A2605F1BF947C65492B67A43E1E7C7981EE95D4287
                        SHA-512:3EC033BCF313C126F2D47CC2B51956EADF652270EEAEA6E045D765B60EA52BFD38F0F7F7E7401DA0445CB8F4C463D4CF2957E5513A8F20EBC911405AD87FB419
                        Malicious:false
                        Reputation:low
                        Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............S9X.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 19:44:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2677
                        Entropy (8bit):4.002512291903326
                        Encrypted:false
                        SSDEEP:48:8t7sdisTvLbH8idAKZdA1TehDiZUkwqehAy+R:8tjsvjKy
                        MD5:E2A04B8C8C350F52108160B9964DED9C
                        SHA1:5240CF970438AAE53804AB606BDB20685225DE3D
                        SHA-256:F350F938A762008AF0C37509337C50456DB4F8A702E2255582F7B6A6E74A1823
                        SHA-512:24F66E60171ACAFD92BD0F1B6F0BD6C39010B102F2B1E362C01DD7D910BC53F2E218B99BB3668CCE51956BA676E24FF38F4041DC3AA033B084B7A3B047569F92
                        Malicious:false
                        Reputation:low
                        Preview:L..................F.@.. ...$+.,.....6.hQ...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............S9X.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 19:44:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2677
                        Entropy (8bit):3.9924826852448723
                        Encrypted:false
                        SSDEEP:48:8tsdisTvLbH8idAKZdA1dehBiZUk1W1qehWy+C:8dsvT92y
                        MD5:0828DA4F722916477C930F356AB4478F
                        SHA1:AE452A7941B9427FE72E79552180E50366D5AC24
                        SHA-256:8C1936DB449F0FA5FAEA1CB34EB109AE64A4C98A2F57DB1040D990F0515B047F
                        SHA-512:7311647CE500827F54313C77F0CDA0F0479BCA472362D7D1FD06769B4C29BC1ACB0897DDF23647A3B5FC9FD943D7ACCB78E9F8B26D92C30B3968C403B18DF9B2
                        Malicious:false
                        Reputation:low
                        Preview:L..................F.@.. ...$+.,.......hQ...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............S9X.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 19:44:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2679
                        Entropy (8bit):4.002220502939939
                        Encrypted:false
                        SSDEEP:48:8OsdisTvLbH8idAKZdA1duTeehOuTbbiZUk5OjqehOuTboy+yT+:8osv3TfTbxWOvTboy7T
                        MD5:E55D897DF14D95ED679FDD2E92AF350F
                        SHA1:F0C92120A90B2912F1B658D7668A174B828B7610
                        SHA-256:A5298320774D7490B7464DC9CB7A4AE70070A739F39697306DB506F8082DC236
                        SHA-512:E70965C4FC6822850A47773151F4CD25A17F2D8C5315F558B0AC064410CD2B6947B51F615B3680AF1F1F7FAD394BCFC5D9A688E57946A77619D1369F9BE6FE8D
                        Malicious:false
                        Reputation:low
                        Preview:L..................F.@.. ...$+.,.....K.hQ...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............S9X.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                        Chrome Cache Entry: 60

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:HTML document, ASCII text, with no line terminators
                        Category:downloaded
                        Size (bytes):257
                        Entropy (8bit):4.6486758631726115
                        Encrypted:false
                        SSDEEP:6:qzxUkObRHX96vetlSwzRx3G0CezoJTEHcLgabVvjsKtgsg93wzR1D:kxReRHkvetQwzRxGez7fCJjsKtgizR1D
                        MD5:6147CA10712E483B5EE714D29C21E439
                        SHA1:7BFFD4014EFE0ACE62D03599877153159E2A01B6
                        SHA-256:E5128B5E331CAD19DF2F67041FFC85BF716D6E6106DEA098C37524593FB268E9
                        SHA-512:B3381EFE8B9D07D1F27174E70813AF2E8FBFCAC00E0F5D197121F20E81DE7B2B271264CB07B332A82118F636917CA30A4CDD568BF97B83B29DFCBACC58F8C928
                        Malicious:false
                        Reputation:low
                        URL:https://fusiongsb.com/favicon.ico
                        Preview:<html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>

                        Chrome Cache Entry: 61

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (7806), with no line terminators
                        Category:downloaded
                        Size (bytes):7806
                        Entropy (8bit):5.763222232878961
                        Encrypted:false
                        SSDEEP:192:s5+WlOLDzuhXoAavetHIljjiNWQxe+xNQ8lIE:s5+LDMXoAavetHCjYe+xtIE
                        MD5:D9567C8F5CC8EEAB5259354864BF098B
                        SHA1:057AB44078DA78270A782B225DE9EC9CA3B002D4
                        SHA-256:DDD13D858EA884CF67D2B4BE83F56861FC66010182410D7A5D2AAD41E5A4FA6F
                        SHA-512:D76532963096E95AE46A68B12A666B61C0FCEF3C827A315E4B1E698FBB71B760E2BD886A134E39BE49D91956A681CD99430E3037650E8479ABF8DD5570A74826
                        Malicious:false
                        Reputation:low
                        URL:https://fusiongsb.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
                        Preview:window._cf_chl_opt={cFPWv:'b'};~function(V,g,h,m,n,x,y,A){V=b,function(c,e,U,f,C){for(U=b,f=c();!![];)try{if(C=-parseInt(U(255))/1+parseInt(U(296))/2+-parseInt(U(229))/3+parseInt(U(231))/4+parseInt(U(304))/5*(parseInt(U(256))/6)+parseInt(U(225))/7*(-parseInt(U(252))/8)+parseInt(U(227))/9,e===C)break;else f.push(f.shift())}catch(D){f.push(f.shift())}}(a,775521),g=this||self,h=g[V(270)],m={},m[V(208)]='o',m[V(290)]='s',m[V(232)]='u',m[V(259)]='z',m[V(212)]='n',m[V(223)]='I',n=m,g[V(220)]=function(C,D,E,F,a4,H,I,J,K,L,M){if(a4=V,null===D||D===void 0)return F;for(H=v(D),C[a4(236)][a4(205)]&&(H=H[a4(273)](C[a4(236)][a4(205)](D))),H=C[a4(282)][a4(291)]&&C[a4(297)]?C[a4(282)][a4(291)](new C[(a4(297))](H)):function(N,a5,O){for(a5=a4,N[a5(302)](),O=0;O<N[a5(286)];N[O+1]===N[O]?N[a5(234)](O+1,1):O+=1);return N}(H),I='nAsAaAb'.split('A'),I=I[a4(253)][a4(209)](I),J=0;J<H[a4(286)];K=H[J],L=s(C,D,K),I(L)?(M=L==='s'&&!C[a4(238)](D[K]),a4(214)===E+K?G(E+K,L):M||G(E+K,D[K])):G(E+K,L),J++);return F;func

                        Chrome Cache Entry: 62

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text, with very long lines (801)
                        Category:downloaded
                        Size (bytes):806
                        Entropy (8bit):5.1359390841555985
                        Encrypted:false
                        SSDEEP:24:pSUK6uBX1BHslgT9lCuABuoB7HHHHHHHYqmffffffo:lhuBX1KlgZ01BuSEqmffffffo
                        MD5:729446535A506EADEA460EA40F122AEC
                        SHA1:69180CB61C5D6ADF2D9C838E6D20FB40534CCD8C
                        SHA-256:4A097A2D485F49B9E156A77C5E7347F2B6D87533FE003742F1E2D39013571D3A
                        SHA-512:0D975EF77B4141EF82057B5232170BD20A25CF73EECF712BA2698661A3E9C87468861B2DD77AC43222085B228B2CA6AA48D8427BB22ECE307FE9916CDD0CCBDC
                        Malicious:false
                        Reputation:low
                        URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                        Preview:)]}'.["",["stellar blade game review","modern horizons 3 commander decks leaks","la dodgers vs nationals predictions","dom foxtrot closing","military horses loose in london","nintendo garry mod","cumberland valley school board meeting","frank csorba death"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggestrelevance":[1257,1256,1255,1254,1253,1252,1251,1250],"google:suggestsubtypes":[[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

                        Chrome Cache Entry: 63

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:ASCII text
                        Category:downloaded
                        Size (bytes):140
                        Entropy (8bit):4.711760963818336
                        Encrypted:false
                        SSDEEP:3:Vw2JCAyKpHJHwwBHsLpHbGWjLwWkzXFETH1u4:Vw2MEpHN5BHsLRGAwWeXFEL13
                        MD5:DE43189DA0E43B0C42D33F36CC320890
                        SHA1:3A7B39511661492E12F73462A32BC473692837CB
                        SHA-256:3F06A545F3EE6B4351B91A4F49159B74E6E997FE2C890CBEDD09BC61737E249B
                        SHA-512:B68A8B6681109ADD43093C9D2E4CE6C0A85AE0E81C07823FB1557BAED39D40E577DA40CC007476FE921644136EB35197A32E8B5EBA3DEE5CECCBF17FAE3B200E
                        Malicious:false
                        Reputation:low
                        URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Ffusiongsb.co&oit=3&cp=20&pgcl=4&gs_rn=42&psi=8Q6rixY0x0GDfXHb&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                        Preview:)]}'.["https://fusiongsb.co",[],[],[],{"google:clientdata":{"bpc":false,"tlw":true},"google:suggesttype":[],"google:verbatimrelevance":851}]

                        Chrome Cache Entry: 64

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:HTML document, ASCII text, with no line terminators
                        Category:downloaded
                        Size (bytes):257
                        Entropy (8bit):4.6486758631726115
                        Encrypted:false
                        SSDEEP:6:qzxUkObRHX96vetlSwzRx3G0CezoJTEHcLgabVvjsKtgsg93wzR1D:kxReRHkvetQwzRxGez7fCJjsKtgizR1D
                        MD5:6147CA10712E483B5EE714D29C21E439
                        SHA1:7BFFD4014EFE0ACE62D03599877153159E2A01B6
                        SHA-256:E5128B5E331CAD19DF2F67041FFC85BF716D6E6106DEA098C37524593FB268E9
                        SHA-512:B3381EFE8B9D07D1F27174E70813AF2E8FBFCAC00E0F5D197121F20E81DE7B2B271264CB07B332A82118F636917CA30A4CDD568BF97B83B29DFCBACC58F8C928
                        Malicious:false
                        Reputation:low
                        URL:https://fusiongsb.com/
                        Preview:<html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>

                        Chrome Cache Entry: 65

                        Download File
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:HTML document, ASCII text, with very long lines (1375), with no line terminators
                        Category:downloaded
                        Size (bytes):1375
                        Entropy (8bit):5.2749966168744615
                        Encrypted:false
                        SSDEEP:24:kTeRH8eVxvrCJjsuRpRGBc3uDAJSa7egRWgzQunfvJVu3iPCMgsygDKGRWKMSoI0:8eFj/e5dIVqS/gwyPX7VqrsyEKGwKKI0
                        MD5:FCD876ACDD27CE02E0673768D9EAA118
                        SHA1:EEC78782158C82F055AF2CF699B5A2BD8A8C2ED9
                        SHA-256:BD94F3F28FFE9C8F627C3BE8FADE71154DFC6C15505D9B11A13067368ABBB840
                        SHA-512:9C9B56222E6275D19F440024A9B1DD0925DF34007910C07654B2C480DE50270B780C59888C867218781C42B450EB1ADE595AB904051D957594AB1764B7F5DBED
                        Malicious:false
                        Reputation:low
                        URL:https://fusiongsb.com/wofice/
                        Preview:<html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><script>(function(){if (!document.body) return;var js = "window['__CF$cv$params']={r:'87a12c48f935677d',t:'MTcxNDA3Nzg4Ny4zNzUwMDA='};_cpo=document.createElement('script');_cpo.nonce='',_cpo.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js',document.getElementsByTagName('head')[0].appendChild(_cpo);";var _0xh = document.createElement('iframe');_0xh.height = 1;_0xh.width = 1;_0xh.style.position = 'absolute';_0xh.style.top = 0;_0xh.style.left = 0;_0xh.style.border = 'none';_0xh.style.visibility = 'hidden';document.body.appendChild(_0xh);function handler() {var _0xi = _0xh.contentDocument || _0xh.contentWindow.document;if (_0xi) {var _0xj = _0xi.createElement('script');_0xj.innerHTML = js;_0xi.getElementsByTagName('head')[0].appendChild(_0xj);}}i

                        Static File Info

                        No static file info

                        Network Behavior

                        Network Port Distribution

                        TCP Packets

                        TimestampSource PortDest PortSource IPDest IP
                        Apr 25, 2024 22:44:44.944905043 CEST49696443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:44.944947004 CEST44349696104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:44.945017099 CEST49696443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:44.945250034 CEST49696443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:44.945266008 CEST44349696104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:44.945597887 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:44.945626020 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:44.945681095 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:44.945848942 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:44.945864916 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.190839052 CEST44349696104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.190862894 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.191123009 CEST49696443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.191143990 CEST44349696104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.191334963 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.191354036 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.192753077 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.192778111 CEST44349696104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.192826986 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.192883968 CEST49696443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.193907022 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.193977118 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.194051027 CEST49696443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.194118977 CEST44349696104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.194164038 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.194174051 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.247231960 CEST49696443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.247234106 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.247243881 CEST44349696104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.295217037 CEST49696443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.756697893 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.756864071 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.756939888 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.756953955 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.756982088 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.757035017 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.757041931 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.757122040 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.757190943 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.757201910 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.757210016 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.757266045 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.757273912 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.757380009 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.757431984 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.757438898 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.757499933 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.757607937 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.757616043 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.806231976 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.870460033 CEST49700443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:45.870493889 CEST4434970035.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:45.870605946 CEST49700443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:45.870913029 CEST49700443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:45.870927095 CEST4434970035.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:45.915535927 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.915640116 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.915652990 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.915719986 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.915736914 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.915781021 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.915941954 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.916029930 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.916114092 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.916153908 CEST49697443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.916165113 CEST44349697104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.927186012 CEST49696443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.927988052 CEST49701443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.928014040 CEST44349701104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.928116083 CEST49701443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.928303957 CEST49701443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:45.928323030 CEST44349701104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:45.968142033 CEST44349696104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.100605011 CEST4434970035.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.101032972 CEST49700443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:46.101047993 CEST4434970035.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.102118969 CEST4434970035.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.102233887 CEST49700443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:46.103236914 CEST49700443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:46.103302002 CEST4434970035.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.103457928 CEST49700443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:46.148118019 CEST4434970035.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.154357910 CEST49700443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:46.154369116 CEST4434970035.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.158389091 CEST44349701104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.158788919 CEST49701443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.158802986 CEST44349701104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.159159899 CEST44349701104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.159482002 CEST49701443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.159548044 CEST44349701104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.159604073 CEST49701443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.200129032 CEST44349701104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.202225924 CEST49700443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:46.202259064 CEST49701443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.342613935 CEST4434970035.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.342678070 CEST4434970035.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.342920065 CEST49700443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:46.343158007 CEST49700443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:46.343180895 CEST4434970035.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.343564034 CEST49702443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:46.343599081 CEST4434970235.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.343734026 CEST49702443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:46.343926907 CEST49702443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:46.343944073 CEST4434970235.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.430099010 CEST44349701104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.430169106 CEST44349701104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.430233002 CEST49701443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.430670023 CEST49701443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.430694103 CEST44349701104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.432466030 CEST49703443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.432507992 CEST44349703104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.432605982 CEST49703443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.432807922 CEST49703443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.432823896 CEST44349703104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.460619926 CEST44349696104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.460696936 CEST44349696104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.460792065 CEST49696443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.461338043 CEST49696443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.461354017 CEST44349696104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.466664076 CEST49704443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.466705084 CEST44349704104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.466772079 CEST49704443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.467022896 CEST49704443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.467034101 CEST44349704104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.569292068 CEST4434970235.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.569611073 CEST49702443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:46.569622993 CEST4434970235.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.569969893 CEST4434970235.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.570327997 CEST49702443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:46.570399046 CEST4434970235.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.570478916 CEST49702443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:46.612159967 CEST4434970235.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.617249012 CEST49702443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:46.665539980 CEST44349703104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.665827990 CEST49703443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.665838957 CEST44349703104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.666187048 CEST44349703104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.666491032 CEST49703443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.666549921 CEST44349703104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.666619062 CEST49703443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.696048975 CEST44349704104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.696372986 CEST49704443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.696391106 CEST44349704104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.696753025 CEST44349704104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.697041988 CEST49704443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.697096109 CEST44349704104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.697144032 CEST49704443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.708127975 CEST44349703104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.744124889 CEST44349704104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.745250940 CEST49704443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.820441008 CEST4434970235.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.820523024 CEST4434970235.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.820614100 CEST49702443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:46.820813894 CEST49702443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:44:46.820832968 CEST4434970235.190.80.1192.168.2.16
                        Apr 25, 2024 22:44:46.964891911 CEST44349704104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.965039968 CEST44349704104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.965112925 CEST49704443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.965123892 CEST44349704104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.965167999 CEST44349704104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.965224028 CEST49704443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.965251923 CEST44349704104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.965396881 CEST44349704104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.965451956 CEST49704443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.965464115 CEST44349704104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.965707064 CEST44349704104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:46.965766907 CEST49704443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.967068911 CEST49704443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:46.967092991 CEST44349704104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.045874119 CEST49706443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.045918941 CEST44349706104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.045995951 CEST49706443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.046308994 CEST49706443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.046324015 CEST44349706104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.276796103 CEST44349706104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.277290106 CEST49706443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.277309895 CEST44349706104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.277666092 CEST44349706104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.278050900 CEST49706443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.278110027 CEST44349706104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.278193951 CEST49706443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.278264999 CEST49706443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.278286934 CEST44349706104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.278455019 CEST49706443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.324120045 CEST44349706104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.429836988 CEST44349703104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.429920912 CEST44349703104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.429974079 CEST44349703104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.430038929 CEST49703443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.430038929 CEST49703443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.430813074 CEST49703443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.430831909 CEST44349703104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.430869102 CEST49703443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.430891991 CEST49703443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.434856892 CEST49706443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.434962034 CEST44349706104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.435044050 CEST49706443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.524275064 CEST49707443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.524316072 CEST44349707104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.524410009 CEST49707443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.524636984 CEST49707443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.524651051 CEST44349707104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.531527042 CEST49708443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.531584978 CEST44349708104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.531655073 CEST49708443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.531905890 CEST49708443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.531919003 CEST44349708104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.752651930 CEST44349707104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.753381014 CEST49707443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.753408909 CEST44349707104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.754832983 CEST44349707104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.754916906 CEST49707443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.755311012 CEST49707443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.755472898 CEST49707443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.755486012 CEST44349707104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.755565882 CEST49707443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.755651951 CEST44349707104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.755707979 CEST49707443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.755716085 CEST44349707104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.760025978 CEST44349708104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.760221958 CEST49708443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.760236979 CEST44349708104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.760600090 CEST44349708104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.760876894 CEST49708443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.760931969 CEST44349708104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.760997057 CEST49708443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.797379971 CEST49707443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.808119059 CEST44349708104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.995878935 CEST44349707104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.995970011 CEST44349707104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:47.996047020 CEST49707443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.996519089 CEST49707443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:47.996531010 CEST44349707104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:48.030798912 CEST44349708104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:48.030934095 CEST44349708104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:48.030997038 CEST49708443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:48.031559944 CEST49708443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:48.031577110 CEST44349708104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:48.158207893 CEST49710443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:48.158261061 CEST44349710104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:48.158366919 CEST49710443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:48.158595085 CEST49710443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:48.158612013 CEST44349710104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:48.390561104 CEST44349710104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:48.390885115 CEST49710443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:48.390904903 CEST44349710104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:48.391971111 CEST44349710104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:48.392043114 CEST49710443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:48.392335892 CEST49710443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:48.392398119 CEST44349710104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:48.392492056 CEST49710443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:48.392499924 CEST44349710104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:48.446221113 CEST49710443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:48.660355091 CEST44349710104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:48.660425901 CEST44349710104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:48.660516024 CEST49710443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:48.661170006 CEST49710443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:44:48.661194086 CEST44349710104.21.20.41192.168.2.16
                        Apr 25, 2024 22:44:48.875530005 CEST49673443192.168.2.16204.79.197.203
                        Apr 25, 2024 22:44:49.177267075 CEST49673443192.168.2.16204.79.197.203
                        Apr 25, 2024 22:44:49.764836073 CEST49711443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:44:49.764894009 CEST44349711142.251.15.104192.168.2.16
                        Apr 25, 2024 22:44:49.764970064 CEST49711443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:44:49.765264988 CEST49711443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:44:49.765281916 CEST44349711142.251.15.104192.168.2.16
                        Apr 25, 2024 22:44:49.777410984 CEST49673443192.168.2.16204.79.197.203
                        Apr 25, 2024 22:44:49.993350029 CEST44349711142.251.15.104192.168.2.16
                        Apr 25, 2024 22:44:49.993643045 CEST49711443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:44:49.993658066 CEST44349711142.251.15.104192.168.2.16
                        Apr 25, 2024 22:44:49.994662046 CEST44349711142.251.15.104192.168.2.16
                        Apr 25, 2024 22:44:49.994733095 CEST49711443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:44:49.995717049 CEST49711443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:44:49.995776892 CEST44349711142.251.15.104192.168.2.16
                        Apr 25, 2024 22:44:50.049225092 CEST49711443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:44:50.049233913 CEST44349711142.251.15.104192.168.2.16
                        Apr 25, 2024 22:44:50.097364902 CEST49711443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:44:50.983351946 CEST49673443192.168.2.16204.79.197.203
                        Apr 25, 2024 22:44:52.181705952 CEST49688443192.168.2.1623.1.33.215
                        Apr 25, 2024 22:44:53.394376040 CEST49673443192.168.2.16204.79.197.203
                        Apr 25, 2024 22:44:55.209367037 CEST49717443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:55.209397078 CEST44349717184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:55.209547997 CEST49717443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:55.211656094 CEST49717443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:55.211671114 CEST44349717184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:55.447362900 CEST44349717184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:55.447458029 CEST49717443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:55.451237917 CEST49717443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:55.451245070 CEST44349717184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:55.451679945 CEST44349717184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:55.501329899 CEST49717443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:55.503274918 CEST49717443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:55.544142962 CEST44349717184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:55.631580114 CEST49711443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:44:55.660017967 CEST44349717184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:55.660214901 CEST44349717184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:55.660276890 CEST49717443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:55.660276890 CEST49717443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:55.660276890 CEST49717443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:55.660304070 CEST44349717184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:55.672123909 CEST44349711142.251.15.104192.168.2.16
                        Apr 25, 2024 22:44:55.697232962 CEST49718443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:55.697257996 CEST44349718184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:55.697357893 CEST49718443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:55.697654963 CEST49718443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:55.697669029 CEST44349718184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:55.783638954 CEST44349711142.251.15.104192.168.2.16
                        Apr 25, 2024 22:44:55.783690929 CEST44349711142.251.15.104192.168.2.16
                        Apr 25, 2024 22:44:55.783766985 CEST49711443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:44:55.783780098 CEST44349711142.251.15.104192.168.2.16
                        Apr 25, 2024 22:44:55.790473938 CEST44349711142.251.15.104192.168.2.16
                        Apr 25, 2024 22:44:55.790551901 CEST49711443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:44:55.790611982 CEST49711443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:44:55.790628910 CEST44349711142.251.15.104192.168.2.16
                        Apr 25, 2024 22:44:55.934257030 CEST44349718184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:55.934341908 CEST49718443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:55.935914993 CEST49718443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:55.935920954 CEST44349718184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:55.936280012 CEST44349718184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:55.937531948 CEST49718443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:55.962327957 CEST49717443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:55.962349892 CEST44349717184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:55.980122089 CEST44349718184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:56.151664019 CEST44349718184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:56.151855946 CEST44349718184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:56.151951075 CEST49718443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:56.152641058 CEST49718443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:56.152662992 CEST44349718184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:56.152669907 CEST49718443192.168.2.16184.31.62.93
                        Apr 25, 2024 22:44:56.152678013 CEST44349718184.31.62.93192.168.2.16
                        Apr 25, 2024 22:44:57.048615932 CEST49678443192.168.2.1620.189.173.10
                        Apr 25, 2024 22:44:57.350287914 CEST49678443192.168.2.1620.189.173.10
                        Apr 25, 2024 22:44:57.955326080 CEST49678443192.168.2.1620.189.173.10
                        Apr 25, 2024 22:44:58.194293022 CEST49673443192.168.2.16204.79.197.203
                        Apr 25, 2024 22:44:58.836625099 CEST49719443192.168.2.1640.68.123.157
                        Apr 25, 2024 22:44:58.836672068 CEST4434971940.68.123.157192.168.2.16
                        Apr 25, 2024 22:44:58.836755991 CEST49719443192.168.2.1640.68.123.157
                        Apr 25, 2024 22:44:58.837685108 CEST49719443192.168.2.1640.68.123.157
                        Apr 25, 2024 22:44:58.837702036 CEST4434971940.68.123.157192.168.2.16
                        Apr 25, 2024 22:44:59.167288065 CEST49678443192.168.2.1620.189.173.10
                        Apr 25, 2024 22:44:59.483489037 CEST4434971940.68.123.157192.168.2.16
                        Apr 25, 2024 22:44:59.483563900 CEST49719443192.168.2.1640.68.123.157
                        Apr 25, 2024 22:44:59.485972881 CEST49719443192.168.2.1640.68.123.157
                        Apr 25, 2024 22:44:59.485984087 CEST4434971940.68.123.157192.168.2.16
                        Apr 25, 2024 22:44:59.486243963 CEST4434971940.68.123.157192.168.2.16
                        Apr 25, 2024 22:44:59.535259008 CEST49719443192.168.2.1640.68.123.157
                        Apr 25, 2024 22:44:59.539437056 CEST49719443192.168.2.1640.68.123.157
                        Apr 25, 2024 22:44:59.580125093 CEST4434971940.68.123.157192.168.2.16
                        Apr 25, 2024 22:44:59.807913065 CEST49720443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:44:59.807960033 CEST44349720142.251.15.104192.168.2.16
                        Apr 25, 2024 22:44:59.808043957 CEST49720443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:44:59.808293104 CEST49720443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:44:59.808312893 CEST44349720142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:00.034590960 CEST44349720142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:00.034895897 CEST49720443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:00.034917116 CEST44349720142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:00.035394907 CEST44349720142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:00.035702944 CEST49720443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:00.035790920 CEST44349720142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:00.035835981 CEST49720443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:00.076157093 CEST44349720142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:00.076358080 CEST49720443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:00.110282898 CEST4434971940.68.123.157192.168.2.16
                        Apr 25, 2024 22:45:00.110320091 CEST4434971940.68.123.157192.168.2.16
                        Apr 25, 2024 22:45:00.110327959 CEST4434971940.68.123.157192.168.2.16
                        Apr 25, 2024 22:45:00.110337019 CEST4434971940.68.123.157192.168.2.16
                        Apr 25, 2024 22:45:00.110362053 CEST4434971940.68.123.157192.168.2.16
                        Apr 25, 2024 22:45:00.110471010 CEST49719443192.168.2.1640.68.123.157
                        Apr 25, 2024 22:45:00.110492945 CEST4434971940.68.123.157192.168.2.16
                        Apr 25, 2024 22:45:00.110512972 CEST4434971940.68.123.157192.168.2.16
                        Apr 25, 2024 22:45:00.110598087 CEST49719443192.168.2.1640.68.123.157
                        Apr 25, 2024 22:45:00.123568058 CEST49719443192.168.2.1640.68.123.157
                        Apr 25, 2024 22:45:00.123590946 CEST4434971940.68.123.157192.168.2.16
                        Apr 25, 2024 22:45:00.123606920 CEST49719443192.168.2.1640.68.123.157
                        Apr 25, 2024 22:45:00.123613119 CEST4434971940.68.123.157192.168.2.16
                        Apr 25, 2024 22:45:00.207469940 CEST49720443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:00.207617998 CEST44349720142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:00.207717896 CEST49720443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:00.209769011 CEST49721443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:00.209806919 CEST44349721142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:00.210251093 CEST49721443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:00.210251093 CEST49721443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:00.210282087 CEST44349721142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:00.444215059 CEST44349721142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:00.445820093 CEST49721443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:00.445831060 CEST44349721142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:00.446857929 CEST44349721142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:00.446989059 CEST49721443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:00.447287083 CEST49721443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:00.447345972 CEST44349721142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:00.447408915 CEST49721443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:00.492126942 CEST44349721142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:00.492396116 CEST49721443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:00.492408037 CEST44349721142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:00.539421082 CEST49721443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:00.726535082 CEST44349721142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:00.730603933 CEST44349721142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:00.730695963 CEST49721443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:00.731635094 CEST49721443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:00.731667042 CEST44349721142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:01.513657093 CEST4968080192.168.2.16192.229.211.108
                        Apr 25, 2024 22:45:01.576328039 CEST49678443192.168.2.1620.189.173.10
                        Apr 25, 2024 22:45:01.815470934 CEST4968080192.168.2.16192.229.211.108
                        Apr 25, 2024 22:45:02.420320988 CEST4968080192.168.2.16192.229.211.108
                        Apr 25, 2024 22:45:02.823694944 CEST49722443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:02.823730946 CEST44349722142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:02.823806047 CEST49722443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:02.824722052 CEST49722443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:02.824737072 CEST44349722142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:03.050045967 CEST44349722142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:03.050451994 CEST49722443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:03.050465107 CEST44349722142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:03.050786972 CEST44349722142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:03.051182032 CEST49722443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:03.051233053 CEST44349722142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:03.051358938 CEST49722443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:03.092124939 CEST44349722142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:03.177836895 CEST49722443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:03.177968025 CEST44349722142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:03.178042889 CEST49722443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:03.193486929 CEST49723443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:45:03.193531036 CEST44349723104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:03.193622112 CEST49723443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:45:03.194466114 CEST49724443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:45:03.194510937 CEST44349724104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:03.194596052 CEST49724443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:45:03.195015907 CEST49723443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:45:03.195029974 CEST44349723104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:03.195169926 CEST49724443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:45:03.195185900 CEST44349724104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:03.422379017 CEST44349723104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:03.422790051 CEST49723443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:45:03.422815084 CEST44349723104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:03.423248053 CEST44349723104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:03.423567057 CEST49723443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:45:03.423625946 CEST44349723104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:03.423784971 CEST49723443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:45:03.428141117 CEST44349724104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:03.428414106 CEST49724443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:45:03.428438902 CEST44349724104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:03.429132938 CEST44349724104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:03.429485083 CEST49724443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:45:03.429573059 CEST44349724104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:03.464114904 CEST44349723104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:03.473326921 CEST49724443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:45:03.633301973 CEST4968080192.168.2.16192.229.211.108
                        Apr 25, 2024 22:45:04.006983995 CEST44349723104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:04.007081985 CEST44349723104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:04.007776976 CEST49723443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:45:04.008572102 CEST49723443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:45:04.008586884 CEST44349723104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:06.044348955 CEST4968080192.168.2.16192.229.211.108
                        Apr 25, 2024 22:45:06.382311106 CEST49678443192.168.2.1620.189.173.10
                        Apr 25, 2024 22:45:07.796323061 CEST49673443192.168.2.16204.79.197.203
                        Apr 25, 2024 22:45:10.846321106 CEST4968080192.168.2.16192.229.211.108
                        Apr 25, 2024 22:45:15.989324093 CEST49678443192.168.2.1620.189.173.10
                        Apr 25, 2024 22:45:18.416941881 CEST44349724104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:18.417110920 CEST44349724104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:18.417205095 CEST49724443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:45:19.011230946 CEST49724443192.168.2.16104.21.20.41
                        Apr 25, 2024 22:45:19.011266947 CEST44349724104.21.20.41192.168.2.16
                        Apr 25, 2024 22:45:20.447350025 CEST4968080192.168.2.16192.229.211.108
                        Apr 25, 2024 22:45:36.699950933 CEST49725443192.168.2.1613.85.23.86
                        Apr 25, 2024 22:45:36.699999094 CEST4434972513.85.23.86192.168.2.16
                        Apr 25, 2024 22:45:36.700109005 CEST49725443192.168.2.1613.85.23.86
                        Apr 25, 2024 22:45:36.700520039 CEST49725443192.168.2.1613.85.23.86
                        Apr 25, 2024 22:45:36.700541019 CEST4434972513.85.23.86192.168.2.16
                        Apr 25, 2024 22:45:37.119201899 CEST4434972513.85.23.86192.168.2.16
                        Apr 25, 2024 22:45:37.119497061 CEST49725443192.168.2.1613.85.23.86
                        Apr 25, 2024 22:45:37.120868921 CEST49725443192.168.2.1613.85.23.86
                        Apr 25, 2024 22:45:37.120884895 CEST4434972513.85.23.86192.168.2.16
                        Apr 25, 2024 22:45:37.121746063 CEST4434972513.85.23.86192.168.2.16
                        Apr 25, 2024 22:45:37.123600960 CEST49725443192.168.2.1613.85.23.86
                        Apr 25, 2024 22:45:37.168122053 CEST4434972513.85.23.86192.168.2.16
                        Apr 25, 2024 22:45:37.510056973 CEST4434972513.85.23.86192.168.2.16
                        Apr 25, 2024 22:45:37.510088921 CEST4434972513.85.23.86192.168.2.16
                        Apr 25, 2024 22:45:37.510108948 CEST4434972513.85.23.86192.168.2.16
                        Apr 25, 2024 22:45:37.510308027 CEST49725443192.168.2.1613.85.23.86
                        Apr 25, 2024 22:45:37.510328054 CEST4434972513.85.23.86192.168.2.16
                        Apr 25, 2024 22:45:37.510421038 CEST49725443192.168.2.1613.85.23.86
                        Apr 25, 2024 22:45:37.513160944 CEST49725443192.168.2.1613.85.23.86
                        Apr 25, 2024 22:45:37.513183117 CEST4434972513.85.23.86192.168.2.16
                        Apr 25, 2024 22:45:37.513197899 CEST49725443192.168.2.1613.85.23.86
                        Apr 25, 2024 22:45:37.513204098 CEST4434972513.85.23.86192.168.2.16
                        Apr 25, 2024 22:45:45.761811972 CEST49727443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:45.761838913 CEST4434972735.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:45.761974096 CEST49727443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:45.762428999 CEST49727443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:45.762438059 CEST4434972735.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:45.872412920 CEST49728443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:45.872522116 CEST4434972835.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:45.872688055 CEST49728443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:45.872919083 CEST49728443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:45.872937918 CEST4434972835.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:45.991944075 CEST4434972735.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:45.992588043 CEST49727443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:45.992614985 CEST4434972735.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:45.993820906 CEST4434972735.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:45.994479895 CEST49727443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:45.994632959 CEST4434972735.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:45.994718075 CEST49727443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.040117979 CEST4434972735.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.047523975 CEST49727443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.100836039 CEST4434972835.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.101383924 CEST49728443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.101424932 CEST4434972835.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.103096962 CEST4434972835.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.103231907 CEST49728443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.103490114 CEST49728443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.103585958 CEST4434972835.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.103655100 CEST49728443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.148112059 CEST4434972835.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.158437967 CEST49728443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.158452988 CEST4434972835.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.206613064 CEST49728443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.241262913 CEST4434972735.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.241452932 CEST4434972735.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.241738081 CEST49727443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.241738081 CEST49727443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.241738081 CEST49727443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.242449999 CEST49729443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.242533922 CEST4434972935.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.242692947 CEST49729443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.242974043 CEST49729443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.243004084 CEST4434972935.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.353847980 CEST4434972835.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.353950024 CEST4434972835.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.354147911 CEST49728443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.354310989 CEST49728443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.354356050 CEST4434972835.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.354935884 CEST49730443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.354968071 CEST4434973035.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.355149984 CEST49730443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.355359077 CEST49730443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.355371952 CEST4434973035.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.473258972 CEST4434972935.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.473752975 CEST49729443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.473793030 CEST4434972935.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.474579096 CEST4434972935.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.474895954 CEST49729443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.474960089 CEST4434972935.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.475038052 CEST49729443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.475074053 CEST49729443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.475097895 CEST4434972935.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.583914995 CEST4434973035.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.584403038 CEST49730443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.584414005 CEST4434973035.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.584913969 CEST4434973035.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.585220098 CEST49730443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.585299015 CEST4434973035.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.585397005 CEST49730443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.632112980 CEST4434973035.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.720168114 CEST4434972935.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.720412016 CEST4434972935.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.720568895 CEST49729443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.720568895 CEST49729443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.720653057 CEST49729443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.832042933 CEST4434973035.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.832305908 CEST4434973035.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.832397938 CEST49730443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.832482100 CEST49730443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.832496881 CEST4434973035.190.80.1192.168.2.16
                        Apr 25, 2024 22:45:46.832511902 CEST49730443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:46.832547903 CEST49730443192.168.2.1635.190.80.1
                        Apr 25, 2024 22:45:49.707564116 CEST49731443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:49.707593918 CEST44349731142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:49.707684040 CEST49731443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:49.708010912 CEST49731443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:49.708024979 CEST44349731142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:49.933192968 CEST44349731142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:49.933638096 CEST49731443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:49.933660030 CEST44349731142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:49.935126066 CEST44349731142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:49.935257912 CEST49731443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:49.935663939 CEST49731443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:49.935735941 CEST44349731142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:49.978384018 CEST49731443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:49.978413105 CEST44349731142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:50.026390076 CEST49731443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:45:59.943151951 CEST44349731142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:59.943249941 CEST44349731142.251.15.104192.168.2.16
                        Apr 25, 2024 22:45:59.943361044 CEST49731443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:46:01.020529032 CEST49731443192.168.2.16142.251.15.104
                        Apr 25, 2024 22:46:01.020555973 CEST44349731142.251.15.104192.168.2.16

                        UDP Packets

                        TimestampSource PortDest PortSource IPDest IP
                        Apr 25, 2024 22:44:44.796962976 CEST5303653192.168.2.161.1.1.1
                        Apr 25, 2024 22:44:44.797101021 CEST5887853192.168.2.161.1.1.1
                        Apr 25, 2024 22:44:44.905745983 CEST53528541.1.1.1192.168.2.16
                        Apr 25, 2024 22:44:44.928751945 CEST53588781.1.1.1192.168.2.16
                        Apr 25, 2024 22:44:44.944428921 CEST53530361.1.1.1192.168.2.16
                        Apr 25, 2024 22:44:44.960433960 CEST53552451.1.1.1192.168.2.16
                        Apr 25, 2024 22:44:45.576647043 CEST53499201.1.1.1192.168.2.16
                        Apr 25, 2024 22:44:45.759417057 CEST5459553192.168.2.161.1.1.1
                        Apr 25, 2024 22:44:45.759708881 CEST5679453192.168.2.161.1.1.1
                        Apr 25, 2024 22:44:45.869364977 CEST53545951.1.1.1192.168.2.16
                        Apr 25, 2024 22:44:45.869688034 CEST53567941.1.1.1192.168.2.16
                        Apr 25, 2024 22:44:47.999944925 CEST5013753192.168.2.161.1.1.1
                        Apr 25, 2024 22:44:48.000276089 CEST5388053192.168.2.161.1.1.1
                        Apr 25, 2024 22:44:48.128700972 CEST53501371.1.1.1192.168.2.16
                        Apr 25, 2024 22:44:48.157649994 CEST53538801.1.1.1192.168.2.16
                        Apr 25, 2024 22:44:49.652045012 CEST5816953192.168.2.161.1.1.1
                        Apr 25, 2024 22:44:49.652173042 CEST6407853192.168.2.161.1.1.1
                        Apr 25, 2024 22:44:49.762190104 CEST53581691.1.1.1192.168.2.16
                        Apr 25, 2024 22:44:49.762608051 CEST53640781.1.1.1192.168.2.16
                        Apr 25, 2024 22:45:02.612463951 CEST53616541.1.1.1192.168.2.16
                        Apr 25, 2024 22:45:21.326416016 CEST53636761.1.1.1192.168.2.16
                        Apr 25, 2024 22:45:43.776746988 CEST53550681.1.1.1192.168.2.16
                        Apr 25, 2024 22:45:44.914352894 CEST53627471.1.1.1192.168.2.16
                        Apr 25, 2024 22:45:45.761436939 CEST6249653192.168.2.161.1.1.1
                        Apr 25, 2024 22:45:45.761651993 CEST5631653192.168.2.161.1.1.1
                        Apr 25, 2024 22:45:45.871293068 CEST53624961.1.1.1192.168.2.16
                        Apr 25, 2024 22:45:45.871423006 CEST53563161.1.1.1192.168.2.16
                        Apr 25, 2024 22:45:53.213829994 CEST138138192.168.2.16192.168.2.255
                        Apr 25, 2024 22:46:12.771608114 CEST53526091.1.1.1192.168.2.16

                        DNS Queries

                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                        Apr 25, 2024 22:44:44.796962976 CEST192.168.2.161.1.1.10x62c7Standard query (0)fusiongsb.comA (IP address)IN (0x0001)false
                        Apr 25, 2024 22:44:44.797101021 CEST192.168.2.161.1.1.10xd5a0Standard query (0)fusiongsb.com65IN (0x0001)false
                        Apr 25, 2024 22:44:45.759417057 CEST192.168.2.161.1.1.10x6f9Standard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
                        Apr 25, 2024 22:44:45.759708881 CEST192.168.2.161.1.1.10x8d5eStandard query (0)a.nel.cloudflare.com65IN (0x0001)false
                        Apr 25, 2024 22:44:47.999944925 CEST192.168.2.161.1.1.10x8127Standard query (0)fusiongsb.comA (IP address)IN (0x0001)false
                        Apr 25, 2024 22:44:48.000276089 CEST192.168.2.161.1.1.10x5c22Standard query (0)fusiongsb.com65IN (0x0001)false
                        Apr 25, 2024 22:44:49.652045012 CEST192.168.2.161.1.1.10x22c2Standard query (0)www.google.comA (IP address)IN (0x0001)false
                        Apr 25, 2024 22:44:49.652173042 CEST192.168.2.161.1.1.10x61dcStandard query (0)www.google.com65IN (0x0001)false
                        Apr 25, 2024 22:45:45.761436939 CEST192.168.2.161.1.1.10x3284Standard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
                        Apr 25, 2024 22:45:45.761651993 CEST192.168.2.161.1.1.10x6475Standard query (0)a.nel.cloudflare.com65IN (0x0001)false

                        DNS Answers

                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                        Apr 25, 2024 22:44:44.928751945 CEST1.1.1.1192.168.2.160xd5a0No error (0)fusiongsb.com65IN (0x0001)false
                        Apr 25, 2024 22:44:44.944428921 CEST1.1.1.1192.168.2.160x62c7No error (0)fusiongsb.com104.21.20.41A (IP address)IN (0x0001)false
                        Apr 25, 2024 22:44:44.944428921 CEST1.1.1.1192.168.2.160x62c7No error (0)fusiongsb.com172.67.191.82A (IP address)IN (0x0001)false
                        Apr 25, 2024 22:44:45.869364977 CEST1.1.1.1192.168.2.160x6f9No error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false
                        Apr 25, 2024 22:44:48.128700972 CEST1.1.1.1192.168.2.160x8127No error (0)fusiongsb.com104.21.20.41A (IP address)IN (0x0001)false
                        Apr 25, 2024 22:44:48.128700972 CEST1.1.1.1192.168.2.160x8127No error (0)fusiongsb.com172.67.191.82A (IP address)IN (0x0001)false
                        Apr 25, 2024 22:44:48.157649994 CEST1.1.1.1192.168.2.160x5c22No error (0)fusiongsb.com65IN (0x0001)false
                        Apr 25, 2024 22:44:49.762190104 CEST1.1.1.1192.168.2.160x22c2No error (0)www.google.com142.251.15.104A (IP address)IN (0x0001)false
                        Apr 25, 2024 22:44:49.762190104 CEST1.1.1.1192.168.2.160x22c2No error (0)www.google.com142.251.15.147A (IP address)IN (0x0001)false
                        Apr 25, 2024 22:44:49.762190104 CEST1.1.1.1192.168.2.160x22c2No error (0)www.google.com142.251.15.103A (IP address)IN (0x0001)false
                        Apr 25, 2024 22:44:49.762190104 CEST1.1.1.1192.168.2.160x22c2No error (0)www.google.com142.251.15.105A (IP address)IN (0x0001)false
                        Apr 25, 2024 22:44:49.762190104 CEST1.1.1.1192.168.2.160x22c2No error (0)www.google.com142.251.15.106A (IP address)IN (0x0001)false
                        Apr 25, 2024 22:44:49.762190104 CEST1.1.1.1192.168.2.160x22c2No error (0)www.google.com142.251.15.99A (IP address)IN (0x0001)false
                        Apr 25, 2024 22:44:49.762608051 CEST1.1.1.1192.168.2.160x61dcNo error (0)www.google.com65IN (0x0001)false
                        Apr 25, 2024 22:45:45.871293068 CEST1.1.1.1192.168.2.160x3284No error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false

                        HTTP Request Dependency Graph

                        • fusiongsb.com
                        • https:
                        • a.nel.cloudflare.com
                        • www.google.com
                        • fs.microsoft.com
                        • slscr.update.microsoft.com

                        HTTPS Proxied Packets

                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        0192.168.2.1649697104.21.20.414432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:44:45 UTC663OUTGET /wofice/ HTTP/1.1
                        Host: fusiongsb.com
                        Connection: keep-alive
                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                        sec-ch-ua-mobile: ?0
                        sec-ch-ua-platform: "Windows"
                        Upgrade-Insecure-Requests: 1
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                        Sec-Fetch-Site: none
                        Sec-Fetch-Mode: navigate
                        Sec-Fetch-User: ?1
                        Sec-Fetch-Dest: document
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        2024-04-25 20:44:45 UTC1355INHTTP/1.1 503 Service Unavailable
                        Date: Thu, 25 Apr 2024 20:44:45 GMT
                        Content-Type: text/html; charset=utf-8
                        Transfer-Encoding: chunked
                        Connection: close
                        X-Content-Type-Options: nosniff
                        X-Content-Type-Options: nosniff
                        X-XSS-Protection: 1; mode=block
                        X-XSS-Protection: 1; mode=block
                        Set-Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; path=/; expires=Fri, 26-Apr-24 20:44:39 GMT; Max-Age=86400;
                        Set-Cookie: NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; path=/; expires=Fri, 26-Apr-24 20:44:39 GMT; Max-Age=86400;
                        Set-Cookie: k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; path=/; expires=Fri, 26-Apr-24 20:44:39 GMT; Max-Age=86400;
                        Set-Cookie: euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; path=/; expires=Fri, 26-Apr-24 20:44:39 GMT; Max-Age=86400;
                        X-Frame-Options: SAMEORIGIN
                        Cache-Control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                        Pragma: no-cache
                        Expires: 0
                        CF-Cache-Status: DYNAMIC
                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2kfZToPRVaKEJl0zDXxWDSplsBRZUf222z%2FAeDoJPj4tcffjdU20uRXvpsow1nccs0SqRmtNxS2fsSQ0E7kV0EnGPtSkk25XVHfEzo9cm6Ke7K0aJ2keTG9WkTDWxLwz"}],"group":"cf-nel","max_age":604800}
                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                        Server: cloudflare
                        CF-RAY: 87a12c3fa81e452b-ATL
                        alt-svc: h3=":443"; ma=86400
                        2024-04-25 20:44:45 UTC14INData Raw: 31 32 39 33 0d 0a 3c 21 44 4f 43 54 59 50
                        Data Ascii: 1293<!DOCTYP
                        2024-04-25 20:44:45 UTC1369INData Raw: 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 2c 63 68 72 6f 6d 65 3d 31 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d
                        Data Ascii: E html><html><head><meta charset="utf-8" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" /><meta name="viewport" content="width=device-width, initial-scale=1, maxim
                        2024-04-25 20:44:45 UTC1369INData Raw: 5c 78 36 35 5c 78 36 45 5c 78 37 34 5c 78 32 38 5c 78 32 32 5c 78 36 46 5c 78 36 45 5c 78 37 32 5c 78 36 35 5c 78 36 31 5c 78 36 34 5c 78 37 39 5c 78 37 33 5c 78 37 34 5c 78 36 31 5c 78 37 34 5c 78 36 35 5c 78 36 33 5c 78 36 38 5c 78 36 31 5c 78 36 45 5c 78 36 37 5c 78 36 35 5c 78 32 32 5c 78 32 43 5c 78 32 30 5c 78 36 32 5c 78 32 39 5c 78 37 44 5c 78 33 42 5c 78 30 41 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 36 32 5c 78 32 38 5c 78 36 36 5c 78 37 35 5c 78 36 45 5c 78 36 33 5c 78 37 34 5c 78 36 39 5c 78 36 46 5c 78 36 45 5c 78 32 38 5c 78 32 39 5c 78 37 42 5c 78 30 41 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32
                        Data Ascii: \x65\x6E\x74\x28\x22\x6F\x6E\x72\x65\x61\x64\x79\x73\x74\x61\x74\x65\x63\x68\x61\x6E\x67\x65\x22\x2C\x20\x62\x29\x7D\x3B\x0A\x20\x20\x20\x20\x20\x20\x20\x20\x62\x28\x66\x75\x6E\x63\x74\x69\x6F\x6E\x28\x29\x7B\x0A\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x2
                        2024-04-25 20:44:45 UTC1369INData Raw: 78 37 38 5c 78 37 30 5c 78 36 39 5c 78 37 32 5c 78 36 35 5c 78 37 33 5c 78 33 44 5c 78 32 37 5c 78 32 30 5c 78 32 42 5c 78 32 30 5c 78 32 37 5c 78 34 36 5c 78 37 32 5c 78 36 39 5c 78 32 43 5c 78 32 30 5c 78 33 32 5c 78 33 36 5c 78 32 44 5c 78 34 31 5c 78 37 30 5c 78 37 32 5c 78 32 44 5c 78 33 32 5c 78 33 34 5c 78 32 30 5c 78 33 32 5c 78 33 30 5c 78 33 41 5c 78 33 34 5c 78 33 34 5c 78 33 41 5c 78 33 34 5c 78 33 35 5c 78 32 30 5c 78 34 37 5c 78 34 44 5c 78 35 34 5c 78 32 37 5c 78 32 30 5c 78 32 42 5c 78 32 30 5c 78 32 37 5c 78 33 42 5c 78 32 30 5c 78 37 30 5c 78 36 31 5c 78 37 34 5c 78 36 38 5c 78 33 44 5c 78 32 46 5c 78 32 37 5c 78 33 42 5c 78 30 41 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30
                        Data Ascii: x78\x70\x69\x72\x65\x73\x3D\x27\x20\x2B\x20\x27\x46\x72\x69\x2C\x20\x32\x36\x2D\x41\x70\x72\x2D\x32\x34\x20\x32\x30\x3A\x34\x34\x3A\x34\x35\x20\x47\x4D\x54\x27\x20\x2B\x20\x27\x3B\x20\x70\x61\x74\x68\x3D\x2F\x27\x3B\x0A\x20\x20\x20\x20\x20\x20\x20\x20\x20
                        2024-04-25 20:44:45 UTC642INData Raw: 32 38 5c 78 32 31 5c 78 37 37 5c 78 36 39 5c 78 36 45 5c 78 36 34 5c 78 36 46 5c 78 37 37 5c 78 32 45 5c 78 36 35 5c 78 36 44 5c 78 36 39 5c 78 37 34 5c 78 32 39 5c 78 37 42 5c 78 32 46 5c 78 32 41 5c 78 36 33 5c 78 36 46 5c 78 37 35 5c 78 36 33 5c 78 36 38 5c 78 36 41 5c 78 37 33 5c 78 32 41 5c 78 32 46 5c 78 30 41 5c 78 36 39 5c 78 36 36 5c 78 32 38 5c 78 32 31 5c 78 37 37 5c 78 36 39 5c 78 36 45 5c 78 36 34 5c 78 36 46 5c 78 37 37 5c 78 32 45 5c 78 37 33 5c 78 37 30 5c 78 36 31 5c 78 37 37 5c 78 36 45 5c 78 32 39 5c 78 37 42 5c 78 32 46 5c 78 32 41 5c 78 37 32 5c 78 36 38 5c 78 36 39 5c 78 36 45 5c 78 36 46 5c 78 32 41 5c 78 32 46 5c 78 30 41 5c 78 36 39 5c 78 36 36 5c 78 32 38 5c 78 32 31 5c 78 37 37 5c 78 36 39 5c 78 36 45 5c 78 36 34 5c 78 36 46 5c
                        Data Ascii: 28\x21\x77\x69\x6E\x64\x6F\x77\x2E\x65\x6D\x69\x74\x29\x7B\x2F\x2A\x63\x6F\x75\x63\x68\x6A\x73\x2A\x2F\x0A\x69\x66\x28\x21\x77\x69\x6E\x64\x6F\x77\x2E\x73\x70\x61\x77\x6E\x29\x7B\x2F\x2A\x72\x68\x69\x6E\x6F\x2A\x2F\x0A\x69\x66\x28\x21\x77\x69\x6E\x64\x6F\
                        2024-04-25 20:44:45 UTC1369INData Raw: 32 31 37 38 0d 0a 36 44 5c 78 32 30 5c 78 36 32 5c 78 36 31 5c 78 37 33 5c 78 36 35 5c 78 36 34 5c 78 32 30 5c 78 36 31 5c 78 37 35 5c 78 37 34 5c 78 36 46 5c 78 36 44 5c 78 36 31 5c 78 37 34 5c 78 36 39 5c 78 36 46 5c 78 36 45 5c 78 32 30 5c 78 36 34 5c 78 37 32 5c 78 36 39 5c 78 37 36 5c 78 36 35 5c 78 37 32 5c 78 32 41 5c 78 32 46 5c 78 30 41 5c 78 36 39 5c 78 36 36 5c 78 32 38 5c 78 32 31 5c 78 37 37 5c 78 36 39 5c 78 36 45 5c 78 36 34 5c 78 36 46 5c 78 37 37 5c 78 32 45 5c 78 36 34 5c 78 36 46 5c 78 36 33 5c 78 37 35 5c 78 36 44 5c 78 36 35 5c 78 36 45 5c 78 37 34 5c 78 32 45 5c 78 36 34 5c 78 36 46 5c 78 36 33 5c 78 37 35 5c 78 36 44 5c 78 36 35 5c 78 36 45 5c 78 37 34 5c 78 34 35 5c 78 36 43 5c 78 36 35 5c 78 36 44 5c 78 36 35 5c 78 36 45 5c 78 37
                        Data Ascii: 21786D\x20\x62\x61\x73\x65\x64\x20\x61\x75\x74\x6F\x6D\x61\x74\x69\x6F\x6E\x20\x64\x72\x69\x76\x65\x72\x2A\x2F\x0A\x69\x66\x28\x21\x77\x69\x6E\x64\x6F\x77\x2E\x64\x6F\x63\x75\x6D\x65\x6E\x74\x2E\x64\x6F\x63\x75\x6D\x65\x6E\x74\x45\x6C\x65\x6D\x65\x6E\x7
                        2024-04-25 20:44:45 UTC1369INData Raw: 78 36 36 5c 78 35 44 5c 78 37 42 5c 78 33 33 5c 78 33 32 5c 78 37 44 5c 78 35 43 5c 78 37 33 5c 78 32 41 5c 78 33 44 5c 78 35 43 5c 78 37 33 5c 78 32 41 5c 78 32 38 5c 78 35 42 5c 78 35 45 5c 78 33 42 5c 78 35 44 5c 78 32 42 5c 78 32 39 5c 78 32 38 5c 78 33 46 5c 78 33 41 5c 78 32 45 5c 78 32 41 5c 78 32 39 5c 78 33 46 5c 78 32 34 5c 78 32 46 5c 78 32 39 5c 78 32 39 5c 78 37 42 5c 78 32 41 5c 78 32 46 5c 78 32 46 5c 78 32 41 5c 78 34 38 5c 78 37 34 5c 78 37 34 5c 78 37 30 5c 78 34 46 5c 78 36 45 5c 78 36 43 5c 78 37 39 5c 78 32 30 5c 78 34 33 5c 78 36 46 5c 78 36 46 5c 78 36 42 5c 78 36 39 5c 78 36 35 5c 78 32 30 5c 78 36 36 5c 78 36 43 5c 78 36 31 5c 78 36 37 5c 78 37 33 5c 78 32 30 5c 78 37 30 5c 78 37 32 5c 78 36 35 5c 78 37 36 5c 78 36 35 5c 78 36 45
                        Data Ascii: x66\x5D\x7B\x33\x32\x7D\x5C\x73\x2A\x3D\x5C\x73\x2A\x28\x5B\x5E\x3B\x5D\x2B\x29\x28\x3F\x3A\x2E\x2A\x29\x3F\x24\x2F\x29\x29\x7B\x2A\x2F\x2F\x2A\x48\x74\x74\x70\x4F\x6E\x6C\x79\x20\x43\x6F\x6F\x6B\x69\x65\x20\x66\x6C\x61\x67\x73\x20\x70\x72\x65\x76\x65\x6E
                        2024-04-25 20:44:45 UTC1369INData Raw: 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 37 38 5c 78 36 38 5c 78 37 34 5c 78 37 34 5c 78 37 30 5c 78 32 45 5c 78 36 46 5c 78 36 45 5c 78 37 32 5c 78 36 35 5c 78 36 31 5c 78 36 34 5c 78 37 39 5c 78 37 33 5c 78 37 34 5c 78 36 31 5c 78 37 34 5c 78 36 35 5c 78 36 33 5c 78 36 38 5c 78 36 31 5c 78 36 45 5c 78 36 37 5c 78 36 35 5c 78 32 30 5c 78 33 44 5c 78 32 30 5c 78 36 36 5c 78 37 35 5c 78 36 45 5c 78 36 33 5c 78 37 34 5c 78 36 39 5c 78 36 46 5c 78 36 45 5c 78 32 38 5c 78 32 39 5c 78 32 30 5c 78 37 42 5c 78 30 41 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c
                        Data Ascii: 20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x78\x68\x74\x74\x70\x2E\x6F\x6E\x72\x65\x61\x64\x79\x73\x74\x61\x74\x65\x63\x68\x61\x6E\x67\x65\x20\x3D\x20\x66\x75\x6E\x63\x74\x69\x6F\x6E\x28\x29\x20\x7B\x0A\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\
                        2024-04-25 20:44:45 UTC1369INData Raw: 30 5c 78 33 45 5c 78 32 30 5c 78 33 30 5c 78 32 39 5c 78 32 30 5c 78 37 42 5c 78 30 41 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 36 34 5c 78 36 46 5c 78 36 33 5c 78 37 35 5c 78
                        Data Ascii: 0\x3E\x20\x30\x29\x20\x7B\x0A\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x64\x6F\x63\x75\x
                        2024-04-25 20:44:45 UTC1369INData Raw: 5c 78 32 45 5c 78 37 32 5c 78 36 35 5c 78 36 43 5c 78 36 46 5c 78 36 31 5c 78 36 34 5c 78 32 38 5c 78 32 39 5c 78 33 42 5c 78 30 41 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 32 30 5c 78 37 44 5c 78 30 41 5c 78 32 30 5c 78 32 30 5c 78 37 44 5c 78 30 41 5c 78 37 44 5c 78 32 30 5c 78 36 35 5c 78 36 43 5c 78 37 33 5c 78 36 35 5c 78 32
                        Data Ascii: \x2E\x72\x65\x6C\x6F\x61\x64\x28\x29\x3B\x0A\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x7D\x0A\x20\x20\x7D\x0A\x7D\x20\x65\x6C\x73\x65\x2


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        1192.168.2.1649696104.21.20.414432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:44:45 UTC1105OUTPOST /wofice/ HTTP/1.1
                        Host: fusiongsb.com
                        Connection: keep-alive
                        Content-Length: 22
                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                        X-Requested-TimeStamp-Expire:
                        sec-ch-ua-mobile: ?0
                        X-Requested-TimeStamp-Combination:
                        X-Requested-Type-Combination: GET
                        q9MD7iQpZPpiUrqXMIj8kCxLmA: 44282448
                        Content-type: application/x-www-form-urlencoded
                        X-Requested-Type: GET
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        X-Requested-with: XMLHttpRequest
                        X-Requested-TimeStamp:
                        sec-ch-ua-platform: "Windows"
                        Accept: */*
                        Origin: https://fusiongsb.com
                        Sec-Fetch-Site: same-origin
                        Sec-Fetch-Mode: cors
                        Sec-Fetch-Dest: empty
                        Referer: https://fusiongsb.com/wofice/
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM
                        2024-04-25 20:44:45 UTC22OUTData Raw: 6e 61 6d 65 31 3d 48 65 6e 72 79 26 6e 61 6d 65 32 3d 46 6f 72 64
                        Data Ascii: name1=Henry&name2=Ford
                        2024-04-25 20:44:46 UTC1286INHTTP/1.1 204 No Content
                        Date: Thu, 25 Apr 2024 20:44:46 GMT
                        Connection: close
                        X-Content-Type-Options: nosniff
                        X-Content-Type-Options: nosniff
                        X-XSS-Protection: 1; mode=block
                        X-XSS-Protection: 1; mode=block
                        Set-Cookie: l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; path=/; expires=Fri, 26-Apr-24 20:44:46 GMT; Max-Age=86400;
                        Set-Cookie: U6_P53pZRqwS_7lDcGqq19s8S5M=1714077886; path=/; expires=Fri, 26-Apr-24 20:44:46 GMT; Max-Age=86400;
                        Set-Cookie: VqcVrnlssPQkLGgKtGOOBKlbFR4=1714164286; path=/; expires=Fri, 26-Apr-24 20:44:46 GMT; Max-Age=86400;
                        Set-Cookie: 4Y1UXwmRc0_V9rR4m_cpiFcBABk=7h5lT5W6w46NuL09W-toz22MxB8; path=/; expires=Fri, 26-Apr-24 20:44:46 GMT; Max-Age=86400;
                        X-Frame-Options: SAMEORIGIN
                        Cache-Control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                        Pragma: no-cache
                        Expires: 0
                        CF-Cache-Status: DYNAMIC
                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J4nhhyK9OIgR%2F1XEcQ65cczB0S6%2Fp4W2NdsWSqgjLz%2BLqbh13cT2xjNl9CYR9yVvrtYDBn56kP4R3C9wLJ8Wg9V7TH488fAW%2FOorakIJ5I92TCe1%2F2SgagetkzEnCR8M"}],"group":"cf-nel","max_age":604800}
                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                        Server: cloudflare
                        CF-RAY: 87a12c436a994531-ATL
                        alt-svc: h3=":443"; ma=86400


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        2192.168.2.164970035.190.80.14432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:44:46 UTC524OUTOPTIONS /report/v4?s=2kfZToPRVaKEJl0zDXxWDSplsBRZUf222z%2FAeDoJPj4tcffjdU20uRXvpsow1nccs0SqRmtNxS2fsSQ0E7kV0EnGPtSkk25XVHfEzo9cm6Ke7K0aJ2keTG9WkTDWxLwz HTTP/1.1
                        Host: a.nel.cloudflare.com
                        Connection: keep-alive
                        Origin: https://fusiongsb.com
                        Access-Control-Request-Method: POST
                        Access-Control-Request-Headers: content-type
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        2024-04-25 20:44:46 UTC336INHTTP/1.1 200 OK
                        Content-Length: 0
                        access-control-max-age: 86400
                        access-control-allow-methods: OPTIONS, POST
                        access-control-allow-origin: *
                        access-control-allow-headers: content-type, content-length
                        date: Thu, 25 Apr 2024 20:44:46 GMT
                        Via: 1.1 google
                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                        Connection: close


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        3192.168.2.1649701104.21.20.414432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:44:46 UTC783OUTGET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
                        Host: fusiongsb.com
                        Connection: keep-alive
                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                        sec-ch-ua-mobile: ?0
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        sec-ch-ua-platform: "Windows"
                        Accept: */*
                        Sec-Fetch-Site: same-origin
                        Sec-Fetch-Mode: no-cors
                        Sec-Fetch-Dest: script
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM
                        2024-04-25 20:44:46 UTC640INHTTP/1.1 302 Found
                        Date: Thu, 25 Apr 2024 20:44:46 GMT
                        Content-Length: 0
                        Connection: close
                        access-control-allow-origin: *
                        location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
                        cache-control: max-age=300, public
                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aVbm1HLo7eDv2UnFJTiUtJl72SAbeuAQV6qkd6qqi6JCsWRfEaluWHG82k%2BWmyLIBAwnfgQDG3PUAk%2Fe1RkRH%2BZhqWXSCXPkUdBzrL5uf4NtKGBpYmcApMLAdij2YvcR"}],"group":"cf-nel","max_age":604800}
                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                        Server: cloudflare
                        CF-RAY: 87a12c45cc42add5-ATL
                        alt-svc: h3=":443"; ma=86400


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        4192.168.2.164970235.190.80.14432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:44:46 UTC468OUTPOST /report/v4?s=2kfZToPRVaKEJl0zDXxWDSplsBRZUf222z%2FAeDoJPj4tcffjdU20uRXvpsow1nccs0SqRmtNxS2fsSQ0E7kV0EnGPtSkk25XVHfEzo9cm6Ke7K0aJ2keTG9WkTDWxLwz HTTP/1.1
                        Host: a.nel.cloudflare.com
                        Connection: keep-alive
                        Content-Length: 389
                        Content-Type: application/reports+json
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        2024-04-25 20:44:46 UTC389OUTData Raw: 5b 7b 22 61 67 65 22 3a 31 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 38 39 35 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 31 2e 32 30 2e 34 31 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 35 30 33 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 66 75 73 69 6f 6e 67 73 62 2e 63 6f 6d 2f 77 6f 66
                        Data Ascii: [{"age":1,"body":{"elapsed_time":895,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"104.21.20.41","status_code":503,"type":"http.error"},"type":"network-error","url":"https://fusiongsb.com/wof
                        2024-04-25 20:44:46 UTC168INHTTP/1.1 200 OK
                        Content-Length: 0
                        date: Thu, 25 Apr 2024 20:44:46 GMT
                        Via: 1.1 google
                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                        Connection: close


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        5192.168.2.1649703104.21.20.414432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:44:46 UTC1086OUTGET /wofice/ HTTP/1.1
                        Host: fusiongsb.com
                        Connection: keep-alive
                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                        sec-ch-ua-mobile: ?0
                        sec-ch-ua-platform: "Windows"
                        Upgrade-Insecure-Requests: 1
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                        Sec-Fetch-Site: same-origin
                        Sec-Fetch-Mode: navigate
                        Sec-Fetch-Dest: document
                        Referer: https://fusiongsb.com/wofice/
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714077886; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714164286; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=7h5lT5W6w46NuL09W-toz22MxB8
                        2024-04-25 20:44:47 UTC717INHTTP/1.1 404 Not Found
                        Date: Thu, 25 Apr 2024 20:44:47 GMT
                        Content-Type: text/html
                        Transfer-Encoding: chunked
                        Connection: close
                        Vary: Accept-Encoding
                        X-Content-Type-Options: nosniff
                        X-Content-Type-Options: nosniff
                        X-XSS-Protection: 1; mode=block
                        X-XSS-Protection: 1; mode=block
                        CF-Cache-Status: DYNAMIC
                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jFwYfN0p%2B5Nl7ku79uZnYu0DiukUulYj88WORr52fpkwzXFTCllxHDREthNBdwPyD9qOdkLzR1hQ%2F7zz33GmM3KZoe%2BVC6dZ4%2FuxOky7QINvBTijdwN7tNiVGZ7i2dfh"}],"group":"cf-nel","max_age":604800}
                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                        Server: cloudflare
                        CF-RAY: 87a12c48f935677d-ATL
                        alt-svc: h3=":443"; ma=86400
                        2024-04-25 20:44:47 UTC652INData Raw: 35 35 66 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 3c 73 63 72 69 70 74
                        Data Ascii: 55f<html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><script
                        2024-04-25 20:44:47 UTC730INData Raw: 61 62 73 6f 6c 75 74 65 27 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 74 6f 70 20 3d 20 30 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 6c 65 66 74 20 3d 20 30 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 62 6f 72 64 65 72 20 3d 20 27 6e 6f 6e 65 27 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 76 69 73 69 62 69 6c 69 74 79 20 3d 20 27 68 69 64 64 65 6e 27 3b 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 5f 30 78 68 29 3b 66 75 6e 63 74 69 6f 6e 20 68 61 6e 64 6c 65 72 28 29 20 7b 76 61 72 20 5f 30 78 69 20 3d 20 5f 30 78 68 2e 63 6f 6e 74 65 6e 74 44 6f 63 75 6d 65 6e 74 20 7c 7c 20 5f 30 78 68 2e 63 6f 6e 74 65 6e 74 57 69 6e 64 6f 77 2e 64 6f 63 75 6d 65 6e 74 3b 69 66 20 28 5f 30 78 69 29 20 7b 76 61 72 20 5f 30 78 6a 20 3d 20 5f 30 78 69 2e 63 72 65 61
                        Data Ascii: absolute';_0xh.style.top = 0;_0xh.style.left = 0;_0xh.style.border = 'none';_0xh.style.visibility = 'hidden';document.body.appendChild(_0xh);function handler() {var _0xi = _0xh.contentDocument || _0xh.contentWindow.document;if (_0xi) {var _0xj = _0xi.crea
                        2024-04-25 20:44:47 UTC5INData Raw: 30 0d 0a 0d 0a
                        Data Ascii: 0


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        6192.168.2.1649704104.21.20.414432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:44:46 UTC800OUTGET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
                        Host: fusiongsb.com
                        Connection: keep-alive
                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                        sec-ch-ua-mobile: ?0
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        sec-ch-ua-platform: "Windows"
                        Accept: */*
                        Sec-Fetch-Site: same-origin
                        Sec-Fetch-Mode: no-cors
                        Sec-Fetch-Dest: script
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM
                        2024-04-25 20:44:46 UTC653INHTTP/1.1 200 OK
                        Date: Thu, 25 Apr 2024 20:44:46 GMT
                        Content-Type: application/javascript; charset=UTF-8
                        Transfer-Encoding: chunked
                        Connection: close
                        vary: accept-encoding
                        x-content-type-options: nosniff
                        cache-control: max-age=14400, public
                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2BlnQKkvu%2Fgak2oX8%2BueYQBUVQg1OfbyuPolD5XBt%2BASRStZsNzeywvYlm9jDacNGDfqwDMfgpJhJYUlMqBwZzXEjNW9pyHuTbwTZTOlc9R7%2F7ShyW50FaNr2XnLUxk1"}],"group":"cf-nel","max_age":604800}
                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                        Server: cloudflare
                        CF-RAY: 87a12c492b315083-ATL
                        alt-svc: h3=":443"; ma=86400
                        2024-04-25 20:44:46 UTC716INData Raw: 31 65 37 65 0d 0a 77 69 6e 64 6f 77 2e 5f 63 66 5f 63 68 6c 5f 6f 70 74 3d 7b 63 46 50 57 76 3a 27 62 27 7d 3b 7e 66 75 6e 63 74 69 6f 6e 28 56 2c 67 2c 68 2c 6d 2c 6e 2c 78 2c 79 2c 41 29 7b 56 3d 62 2c 66 75 6e 63 74 69 6f 6e 28 63 2c 65 2c 55 2c 66 2c 43 29 7b 66 6f 72 28 55 3d 62 2c 66 3d 63 28 29 3b 21 21 5b 5d 3b 29 74 72 79 7b 69 66 28 43 3d 2d 70 61 72 73 65 49 6e 74 28 55 28 32 35 35 29 29 2f 31 2b 70 61 72 73 65 49 6e 74 28 55 28 32 39 36 29 29 2f 32 2b 2d 70 61 72 73 65 49 6e 74 28 55 28 32 32 39 29 29 2f 33 2b 70 61 72 73 65 49 6e 74 28 55 28 32 33 31 29 29 2f 34 2b 70 61 72 73 65 49 6e 74 28 55 28 33 30 34 29 29 2f 35 2a 28 70 61 72 73 65 49 6e 74 28 55 28 32 35 36 29 29 2f 36 29 2b 70 61 72 73 65 49 6e 74 28 55 28 32 32 35 29 29 2f 37 2a 28
                        Data Ascii: 1e7ewindow._cf_chl_opt={cFPWv:'b'};~function(V,g,h,m,n,x,y,A){V=b,function(c,e,U,f,C){for(U=b,f=c();!![];)try{if(C=-parseInt(U(255))/1+parseInt(U(296))/2+-parseInt(U(229))/3+parseInt(U(231))/4+parseInt(U(304))/5*(parseInt(U(256))/6)+parseInt(U(225))/7*(
                        2024-04-25 20:44:46 UTC1369INData Raw: 6e 63 74 69 6f 6e 28 4e 2c 61 35 2c 4f 29 7b 66 6f 72 28 61 35 3d 61 34 2c 4e 5b 61 35 28 33 30 32 29 5d 28 29 2c 4f 3d 30 3b 4f 3c 4e 5b 61 35 28 32 38 36 29 5d 3b 4e 5b 4f 2b 31 5d 3d 3d 3d 4e 5b 4f 5d 3f 4e 5b 61 35 28 32 33 34 29 5d 28 4f 2b 31 2c 31 29 3a 4f 2b 3d 31 29 3b 72 65 74 75 72 6e 20 4e 7d 28 48 29 2c 49 3d 27 6e 41 73 41 61 41 62 27 2e 73 70 6c 69 74 28 27 41 27 29 2c 49 3d 49 5b 61 34 28 32 35 33 29 5d 5b 61 34 28 32 30 39 29 5d 28 49 29 2c 4a 3d 30 3b 4a 3c 48 5b 61 34 28 32 38 36 29 5d 3b 4b 3d 48 5b 4a 5d 2c 4c 3d 73 28 43 2c 44 2c 4b 29 2c 49 28 4c 29 3f 28 4d 3d 4c 3d 3d 3d 27 73 27 26 26 21 43 5b 61 34 28 32 33 38 29 5d 28 44 5b 4b 5d 29 2c 61 34 28 32 31 34 29 3d 3d 3d 45 2b 4b 3f 47 28 45 2b 4b 2c 4c 29 3a 4d 7c 7c 47 28 45 2b 4b
                        Data Ascii: nction(N,a5,O){for(a5=a4,N[a5(302)](),O=0;O<N[a5(286)];N[O+1]===N[O]?N[a5(234)](O+1,1):O+=1);return N}(H),I='nAsAaAb'.split('A'),I=I[a4(253)][a4(209)](I),J=0;J<H[a4(286)];K=H[J],L=s(C,D,K),I(L)?(M=L==='s'&&!C[a4(238)](D[K]),a4(214)===E+K?G(E+K,L):M||G(E+K
                        2024-04-25 20:44:46 UTC1369INData Raw: 3d 4f 3c 3c 31 2e 36 32 7c 54 2c 50 3d 3d 45 2d 31 3f 28 50 3d 30 2c 4e 5b 61 61 28 32 31 30 29 5d 28 46 28 4f 29 29 2c 4f 3d 30 29 3a 50 2b 2b 2c 54 3d 30 2c 47 2b 2b 29 3b 66 6f 72 28 54 3d 4a 5b 61 61 28 32 31 39 29 5d 28 30 29 2c 47 3d 30 3b 31 36 3e 47 3b 4f 3d 54 26 31 2e 37 33 7c 4f 3c 3c 31 2c 50 3d 3d 45 2d 31 3f 28 50 3d 30 2c 4e 5b 61 61 28 32 31 30 29 5d 28 46 28 4f 29 29 2c 4f 3d 30 29 3a 50 2b 2b 2c 54 3e 3e 3d 31 2c 47 2b 2b 29 3b 7d 4b 2d 2d 2c 30 3d 3d 4b 26 26 28 4b 3d 4d 61 74 68 5b 61 61 28 32 35 37 29 5d 28 32 2c 4d 29 2c 4d 2b 2b 29 2c 64 65 6c 65 74 65 20 49 5b 4a 5d 7d 65 6c 73 65 20 66 6f 72 28 54 3d 48 5b 4a 5d 2c 47 3d 30 3b 47 3c 4d 3b 4f 3d 31 26 54 7c 4f 3c 3c 31 2e 33 37 2c 45 2d 31 3d 3d 50 3f 28 50 3d 30 2c 4e 5b 61 61 28
                        Data Ascii: =O<<1.62|T,P==E-1?(P=0,N[aa(210)](F(O)),O=0):P++,T=0,G++);for(T=J[aa(219)](0),G=0;16>G;O=T&1.73|O<<1,P==E-1?(P=0,N[aa(210)](F(O)),O=0):P++,T>>=1,G++);}K--,0==K&&(K=Math[aa(257)](2,M),M++),delete I[J]}else for(T=H[J],G=0;G<M;O=1&T|O<<1.37,E-1==P?(P=0,N[aa(
                        2024-04-25 20:44:46 UTC1369INData Raw: 2c 51 7c 3d 28 30 3c 53 3f 31 3a 30 29 2a 4d 2c 4d 3c 3c 3d 31 29 3b 73 77 69 74 63 68 28 51 29 7b 63 61 73 65 20 30 3a 66 6f 72 28 51 3d 30 2c 52 3d 4d 61 74 68 5b 61 64 28 32 35 37 29 5d 28 32 2c 38 29 2c 4d 3d 31 3b 52 21 3d 4d 3b 53 3d 4e 26 4f 2c 4f 3e 3e 3d 31 2c 4f 3d 3d 30 26 26 28 4f 3d 45 2c 4e 3d 46 28 50 2b 2b 29 29 2c 51 7c 3d 28 30 3c 53 3f 31 3a 30 29 2a 4d 2c 4d 3c 3c 3d 31 29 3b 54 3d 65 28 51 29 3b 62 72 65 61 6b 3b 63 61 73 65 20 31 3a 66 6f 72 28 51 3d 30 2c 52 3d 4d 61 74 68 5b 61 64 28 32 35 37 29 5d 28 32 2c 31 36 29 2c 4d 3d 31 3b 4d 21 3d 52 3b 53 3d 4e 26 4f 2c 4f 3e 3e 3d 31 2c 30 3d 3d 4f 26 26 28 4f 3d 45 2c 4e 3d 46 28 50 2b 2b 29 29 2c 51 7c 3d 28 30 3c 53 3f 31 3a 30 29 2a 4d 2c 4d 3c 3c 3d 31 29 3b 54 3d 65 28 51 29 3b 62
                        Data Ascii: ,Q|=(0<S?1:0)*M,M<<=1);switch(Q){case 0:for(Q=0,R=Math[ad(257)](2,8),M=1;R!=M;S=N&O,O>>=1,O==0&&(O=E,N=F(P++)),Q|=(0<S?1:0)*M,M<<=1);T=e(Q);break;case 1:for(Q=0,R=Math[ad(257)](2,16),M=1;M!=R;S=N&O,O>>=1,0==O&&(O=E,N=F(P++)),Q|=(0<S?1:0)*M,M<<=1);T=e(Q);b
                        2024-04-25 20:44:46 UTC1369INData Raw: 78 27 7d 63 61 74 63 68 28 47 29 7b 72 65 74 75 72 6e 27 69 27 7d 72 65 74 75 72 6e 20 65 5b 61 31 28 32 38 32 29 5d 5b 61 31 28 32 36 36 29 5d 28 43 5b 44 5d 29 3f 27 61 27 3a 43 5b 44 5d 3d 3d 3d 65 5b 61 31 28 32 38 32 29 5d 3f 27 70 35 27 3a 43 5b 44 5d 3d 3d 3d 21 30 3f 27 54 27 3a 43 5b 44 5d 3d 3d 3d 21 31 3f 27 46 27 3a 28 45 3d 74 79 70 65 6f 66 20 43 5b 44 5d 2c 61 31 28 33 30 31 29 3d 3d 45 3f 6f 28 65 2c 43 5b 44 5d 29 3f 27 4e 27 3a 27 66 27 3a 6e 5b 45 5d 7c 7c 27 3f 27 29 7d 66 75 6e 63 74 69 6f 6e 20 61 28 61 68 29 7b 72 65 74 75 72 6e 20 61 68 3d 27 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2c 31 37 32 31 37 36 4c 4e 45 6d 68 6c 2c 75 6e 64 65 66 69 6e 65 64 2c 73 65 74 52 65 71 75 65 73 74 48 65 61 64 65 72 2c 73 70 6c 69 63 65 2c 63 61
                        Data Ascii: x'}catch(G){return'i'}return e[a1(282)][a1(266)](C[D])?'a':C[D]===e[a1(282)]?'p5':C[D]===!0?'T':C[D]===!1?'F':(E=typeof C[D],a1(301)==E?o(e,C[D])?'N':'f':n[E]||'?')}function a(ah){return ah='hasOwnProperty,172176LNEmhl,undefined,setRequestHeader,splice,ca
                        2024-04-25 20:44:46 UTC1369INData Raw: 64 2e 63 6f 6f 6b 69 65 2c 2f 6a 73 64 2f 72 2f 2c 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 73 6f 6e 2c 43 6f 6e 74 65 6e 74 2d 74 79 70 65 2c 66 6c 6f 6f 72 2c 63 68 61 72 43 6f 64 65 41 74 2c 48 6d 46 6d 45 71 31 2c 63 6f 6e 74 65 6e 74 44 6f 63 75 6d 65 6e 74 2c 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 2c 62 69 67 69 6e 74 2c 6d 73 67 2c 37 71 59 6c 6f 62 41 2c 63 68 61 72 41 74 2c 32 32 34 33 34 33 39 30 72 4b 65 68 4e 64 2c 6e 6f 77 2c 31 39 37 33 32 33 38 43 57 73 67 73 56 27 2e 73 70 6c 69 74 28 27 2c 27 29 2c 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 68 7d 2c 61 28 29 7d 66 75 6e 63 74 69 6f 6e 20 6c 28 66 2c 43 2c 5a 2c 44 2c 45 2c 46 2c 47 2c 48 2c 49 2c 4a 29 7b 69 66 28 5a 3d 56 2c 21 69 28 2e 30 31 29 29 72 65 74 75 72 6e 21
                        Data Ascii: d.cookie,/jsd/r/,application/json,Content-type,floor,charCodeAt,HmFmEq1,contentDocument,createElement,bigint,msg,7qYlobA,charAt,22434390rKehNd,now,1973238CWsgsV'.split(','),a=function(){return ah},a()}function l(f,C,Z,D,E,F,G,H,I,J){if(Z=V,!i(.01))return!
                        2024-04-25 20:44:46 UTC253INData Raw: 66 3d 66 2d 32 30 34 2c 68 3d 65 5b 66 5d 2c 68 7d 2c 62 28 63 2c 64 29 7d 66 75 6e 63 74 69 6f 6e 20 76 28 63 2c 61 32 2c 65 29 7b 66 6f 72 28 61 32 3d 56 2c 65 3d 5b 5d 3b 6e 75 6c 6c 21 3d 3d 63 3b 65 3d 65 5b 61 32 28 32 37 33 29 5d 28 4f 62 6a 65 63 74 5b 61 32 28 32 34 39 29 5d 28 63 29 29 2c 63 3d 4f 62 6a 65 63 74 5b 61 32 28 32 34 34 29 5d 28 63 29 29 3b 72 65 74 75 72 6e 20 65 7d 66 75 6e 63 74 69 6f 6e 20 6f 28 63 2c 65 2c 61 30 29 7b 72 65 74 75 72 6e 20 61 30 3d 56 2c 65 20 69 6e 73 74 61 6e 63 65 6f 66 20 63 5b 61 30 28 32 37 32 29 5d 26 26 30 3c 63 5b 61 30 28 32 37 32 29 5d 5b 61 30 28 32 34 36 29 5d 5b 61 30 28 33 30 33 29 5d 5b 61 30 28 32 33 35 29 5d 28 65 29 5b 61 30 28 32 34 38 29 5d 28 61 30 28 32 37 38 29 29 7d 7d 28 29 0d 0a
                        Data Ascii: f=f-204,h=e[f],h},b(c,d)}function v(c,a2,e){for(a2=V,e=[];null!==c;e=e[a2(273)](Object[a2(249)](c)),c=Object[a2(244)](c));return e}function o(c,e,a0){return a0=V,e instanceof c[a0(272)]&&0<c[a0(272)][a0(246)][a0(303)][a0(235)](e)[a0(248)](a0(278))}}()
                        2024-04-25 20:44:46 UTC5INData Raw: 30 0d 0a 0d 0a
                        Data Ascii: 0


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        7192.168.2.1649706104.21.20.414432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:44:47 UTC1010OUTPOST /cdn-cgi/challenge-platform/h/b/jsd/r/87a12c3fa81e452b HTTP/1.1
                        Host: fusiongsb.com
                        Connection: keep-alive
                        Content-Length: 15779
                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                        sec-ch-ua-platform: "Windows"
                        sec-ch-ua-mobile: ?0
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Content-Type: application/json
                        Accept: */*
                        Origin: https://fusiongsb.com
                        Sec-Fetch-Site: same-origin
                        Sec-Fetch-Mode: cors
                        Sec-Fetch-Dest: empty
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714077886; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714164286; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=7h5lT5W6w46NuL09W-toz22MxB8
                        2024-04-25 20:44:47 UTC15779OUTData Raw: 7b 22 77 70 22 3a 22 4d 47 4f 33 61 68 76 42 61 6a 4f 61 77 24 32 76 63 76 67 48 5a 33 68 49 48 6d 41 48 4b 52 4b 46 46 68 42 76 34 70 48 37 7a 49 36 7a 43 4f 48 57 37 51 74 32 7a 6a 76 44 48 77 63 4f 79 69 47 47 48 6d 35 46 48 58 48 46 49 46 4f 76 48 6f 46 76 6b 32 56 33 35 6a 47 71 39 55 33 37 7a 53 47 41 6d 31 44 67 24 79 62 33 6b 53 61 2d 41 2b 76 31 70 37 35 4b 48 61 4f 4f 50 4b 57 68 71 69 48 75 79 69 43 73 71 48 73 33 24 57 48 68 2d 4f 48 4b 33 68 68 33 53 77 33 4b 48 76 7a 48 5a 6a 66 48 76 2b 71 48 30 6c 42 6d 79 47 51 76 6d 35 69 4f 48 68 6c 71 48 68 32 74 5a 48 74 68 48 76 71 6f 43 6e 4f 55 44 41 49 68 79 68 76 73 6b 41 47 70 61 53 4e 38 73 37 48 52 33 68 4b 4a 72 47 48 42 66 47 7a 24 43 37 4c 6f 79 48 74 38 73 35 53 52 6d 33 48 6e 35 52 43 4b
                        Data Ascii: {"wp":"MGO3ahvBajOaw$2vcvgHZ3hIHmAHKRKFFhBv4pH7zI6zCOHW7Qt2zjvDHwcOyiGGHm5FHXHFIFOvHoFvk2V35jGq9U37zSGAm1Dg$yb3kSa-A+v1p75KHaOOPKWhqiHuyiCsqHs3$WHh-OHK3hh3Sw3KHvzHZjfHv+qH0lBmyGQvm5iOHhlqHh2tZHthHvqoCnOUDAIhyhvskAGpaSN8s7HR3hKJrGHBfGz$C7LoyHt8s5SRm3Hn5RCK


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        8192.168.2.1649707104.21.20.414432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:44:47 UTC1010OUTPOST /cdn-cgi/challenge-platform/h/b/jsd/r/87a12c48f935677d HTTP/1.1
                        Host: fusiongsb.com
                        Connection: keep-alive
                        Content-Length: 15779
                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                        sec-ch-ua-platform: "Windows"
                        sec-ch-ua-mobile: ?0
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Content-Type: application/json
                        Accept: */*
                        Origin: https://fusiongsb.com
                        Sec-Fetch-Site: same-origin
                        Sec-Fetch-Mode: cors
                        Sec-Fetch-Dest: empty
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714077886; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714164286; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=7h5lT5W6w46NuL09W-toz22MxB8
                        2024-04-25 20:44:47 UTC15779OUTData Raw: 7b 22 77 70 22 3a 22 4d 47 4f 33 61 68 76 42 61 6a 4f 61 77 24 32 76 63 76 67 48 5a 33 68 49 48 6d 41 48 4b 52 4b 46 46 68 42 76 34 70 48 37 7a 49 36 7a 43 4f 48 57 37 51 74 32 7a 6a 76 44 48 77 63 4f 79 69 47 47 48 6d 35 46 48 58 48 46 49 46 4f 76 48 6f 46 76 6b 32 56 33 35 6a 47 71 39 55 33 37 7a 53 47 41 6d 31 44 67 24 79 62 33 6b 53 61 2d 41 2b 76 31 70 37 35 4b 48 61 4f 4f 50 4b 57 68 71 69 48 75 79 69 43 73 71 48 73 33 24 57 48 68 2d 4f 48 4b 33 68 68 33 53 77 33 4b 48 76 7a 48 5a 6a 66 48 76 2b 71 48 30 6c 42 6d 79 47 51 76 6d 35 69 4f 48 68 6c 71 48 68 32 74 5a 48 74 68 48 76 71 6f 43 6e 4f 55 44 41 49 68 79 68 76 73 6b 41 47 70 61 53 4e 38 73 37 48 52 33 68 4b 4a 72 47 48 42 66 47 7a 24 43 37 4c 6f 79 48 74 38 73 35 53 52 6d 33 48 6e 35 52 43 4b
                        Data Ascii: {"wp":"MGO3ahvBajOaw$2vcvgHZ3hIHmAHKRKFFhBv4pH7zI6zCOHW7Qt2zjvDHwcOyiGGHm5FHXHFIFOvHoFvk2V35jGq9U37zSGAm1Dg$yb3kSa-A+v1p75KHaOOPKWhqiHuyiCsqHs3$WHh-OHK3hh3Sw3KHvzHZjfHv+qH0lBmyGQvm5iOHhlqHh2tZHthHvqoCnOUDAIhyhvskAGpaSN8s7HR3hKJrGHBfGz$C7LoyHt8s5SRm3Hn5RCK
                        2024-04-25 20:44:47 UTC815INHTTP/1.1 200 OK
                        Date: Thu, 25 Apr 2024 20:44:47 GMT
                        Content-Type: text/plain; charset=UTF-8
                        Content-Length: 0
                        Connection: close
                        Set-Cookie: cf_clearance=cKyjhOSwB1Oh9Wij5W9H6ZKZC0rLbBFMuT_KV3fy44c-1714077887-1.0.1.1-tKwjmTEjJboA8Aa4QozstFcyHMxGWyd0jVpph4LWVTdhkRT5D1EZkKkEYVXHDhX3sus837YsK9hqd_lIiwh9Iw; path=/; expires=Fri, 25-Apr-25 20:44:47 GMT; domain=.fusiongsb.com; HttpOnly; Secure; SameSite=None
                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wY9RSBGqDDcMYld2E9c8xtffqMt0Drgj3oJjrXyWzzKbE1z4L0rlx8nn7%2Bw3She3D9LiCg%2BMzGwFZj0YYJm3ygVRYZIv2F7jyuTDF9XpciOo2IGxrJjiaY6OB%2Fkv%2FV7%2F"}],"group":"cf-nel","max_age":604800}
                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                        Server: cloudflare
                        CF-RAY: 87a12c4ede25b0d0-ATL
                        alt-svc: h3=":443"; ma=86400


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        9192.168.2.1649708104.21.20.414432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:44:47 UTC985OUTGET /favicon.ico HTTP/1.1
                        Host: fusiongsb.com
                        Connection: keep-alive
                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                        sec-ch-ua-mobile: ?0
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        sec-ch-ua-platform: "Windows"
                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                        Sec-Fetch-Site: same-origin
                        Sec-Fetch-Mode: no-cors
                        Sec-Fetch-Dest: image
                        Referer: https://fusiongsb.com/wofice/
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714077886; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714164286; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=7h5lT5W6w46NuL09W-toz22MxB8
                        2024-04-25 20:44:48 UTC856INHTTP/1.1 404 Not Found
                        Date: Thu, 25 Apr 2024 20:44:47 GMT
                        Content-Type: text/html
                        Transfer-Encoding: chunked
                        Connection: close
                        Vary: Accept-Encoding
                        X-Content-Type-Options: nosniff
                        X-Content-Type-Options: nosniff
                        X-XSS-Protection: 1; mode=block
                        X-XSS-Protection: 1; mode=block
                        Cache-Control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
                        Pragma: public
                        CF-Cache-Status: HIT
                        Age: 10074
                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7r3F0kwKrN5PEZ3NpEgewOq0xMOzCtTG5GgywkGDZjrqwiN%2FsuUVUKh%2F7a3KS7CidQHVPzTjaDMJBPbxN8q4QlAlfZUq4%2BJo995VMrAI2PKCWF%2FTdw1bw05%2BmPv5ojeT"}],"group":"cf-nel","max_age":604800}
                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                        Server: cloudflare
                        CF-RAY: 87a12c4fcc104507-ATL
                        alt-svc: h3=":443"; ma=86400
                        2024-04-25 20:44:48 UTC264INData Raw: 31 30 31 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 3c 2f 62 6f 64 79 3e
                        Data Ascii: 101<html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p></body>
                        2024-04-25 20:44:48 UTC5INData Raw: 30 0d 0a 0d 0a
                        Data Ascii: 0


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        10192.168.2.1649710104.21.20.414432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:44:48 UTC950OUTGET /cdn-cgi/challenge-platform/h/b/jsd/r/87a12c48f935677d HTTP/1.1
                        Host: fusiongsb.com
                        Connection: keep-alive
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept: */*
                        Sec-Fetch-Site: none
                        Sec-Fetch-Mode: cors
                        Sec-Fetch-Dest: empty
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714077886; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714164286; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=7h5lT5W6w46NuL09W-toz22MxB8; cf_clearance=cKyjhOSwB1Oh9Wij5W9H6ZKZC0rLbBFMuT_KV3fy44c-1714077887-1.0.1.1-tKwjmTEjJboA8Aa4QozstFcyHMxGWyd0jVpph4LWVTdhkRT5D1EZkKkEYVXHDhX3sus837YsK9hqd_lIiwh9Iw
                        2024-04-25 20:44:48 UTC702INHTTP/1.1 400 Bad Request
                        Date: Thu, 25 Apr 2024 20:44:48 GMT
                        Content-Type: application/json
                        Content-Length: 7
                        Connection: close
                        cf-chl-out: clbWQUsp9O8NfraUeNCRxw==$MB3xjHIahyjFbnhR3zuqCA==
                        cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gxb8ugBcyVBfTIxqQdidDPm%2Fq6Cd9t0wJWgmsIzXEKUepCM9fplXU3kygQJE2gXLcPZ6vQh%2BH%2FGl%2FWQ9jVrQWaCQL3KrsGEdW4QMDwaEcd%2B4veFYiC3oKQcp%2F1uqF5C1"}],"group":"cf-nel","max_age":604800}
                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                        Server: cloudflare
                        CF-RAY: 87a12c53bfaf8832-ATL
                        alt-svc: h3=":443"; ma=86400
                        2024-04-25 20:44:48 UTC7INData Raw: 69 6e 76 61 6c 69 64
                        Data Ascii: invalid


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        11192.168.2.1649717184.31.62.93443
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:44:55 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                        Connection: Keep-Alive
                        Accept: */*
                        Accept-Encoding: identity
                        User-Agent: Microsoft BITS/7.8
                        Host: fs.microsoft.com
                        2024-04-25 20:44:55 UTC467INHTTP/1.1 200 OK
                        Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                        Content-Type: application/octet-stream
                        ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                        Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                        Server: ECAcc (chd/0790)
                        X-CID: 11
                        X-Ms-ApiVersion: Distribute 1.2
                        X-Ms-Region: prod-eus-z1
                        Cache-Control: public, max-age=123520
                        Date: Thu, 25 Apr 2024 20:44:55 GMT
                        Connection: close
                        X-CID: 2


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        12192.168.2.1649711142.251.15.1044432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:44:55 UTC613OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1
                        Host: www.google.com
                        Connection: keep-alive
                        X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX
                        Sec-Fetch-Site: none
                        Sec-Fetch-Mode: no-cors
                        Sec-Fetch-Dest: empty
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        2024-04-25 20:44:55 UTC1703INHTTP/1.1 200 OK
                        Date: Thu, 25 Apr 2024 20:44:55 GMT
                        Pragma: no-cache
                        Expires: -1
                        Cache-Control: no-cache, must-revalidate
                        Content-Type: text/javascript; charset=UTF-8
                        Strict-Transport-Security: max-age=31536000
                        Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-HOBWH3w70H2ZHns7RSFyBA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                        Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                        Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                        Accept-CH: Sec-CH-UA-Platform
                        Accept-CH: Sec-CH-UA-Platform-Version
                        Accept-CH: Sec-CH-UA-Full-Version
                        Accept-CH: Sec-CH-UA-Arch
                        Accept-CH: Sec-CH-UA-Model
                        Accept-CH: Sec-CH-UA-Bitness
                        Accept-CH: Sec-CH-UA-Full-Version-List
                        Accept-CH: Sec-CH-UA-WoW64
                        Permissions-Policy: unload=()
                        Origin-Trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=
                        Origin-Trial: AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
                        Content-Disposition: attachment; filename="f.txt"
                        Server: gws
                        X-XSS-Protection: 0
                        X-Frame-Options: SAMEORIGIN
                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                        Accept-Ranges: none
                        Vary: Accept-Encoding
                        Connection: close
                        Transfer-Encoding: chunked
                        2024-04-25 20:44:55 UTC813INData Raw: 33 32 36 0d 0a 29 5d 7d 27 0a 5b 22 22 2c 5b 22 73 74 65 6c 6c 61 72 20 62 6c 61 64 65 20 67 61 6d 65 20 72 65 76 69 65 77 22 2c 22 6d 6f 64 65 72 6e 20 68 6f 72 69 7a 6f 6e 73 20 33 20 63 6f 6d 6d 61 6e 64 65 72 20 64 65 63 6b 73 20 6c 65 61 6b 73 22 2c 22 6c 61 20 64 6f 64 67 65 72 73 20 76 73 20 6e 61 74 69 6f 6e 61 6c 73 20 70 72 65 64 69 63 74 69 6f 6e 73 22 2c 22 64 6f 6d 20 66 6f 78 74 72 6f 74 20 63 6c 6f 73 69 6e 67 22 2c 22 6d 69 6c 69 74 61 72 79 20 68 6f 72 73 65 73 20 6c 6f 6f 73 65 20 69 6e 20 6c 6f 6e 64 6f 6e 22 2c 22 6e 69 6e 74 65 6e 64 6f 20 67 61 72 72 79 20 6d 6f 64 22 2c 22 63 75 6d 62 65 72 6c 61 6e 64 20 76 61 6c 6c 65 79 20 73 63 68 6f 6f 6c 20 62 6f 61 72 64 20 6d 65 65 74 69 6e 67 22 2c 22 66 72 61 6e 6b 20 63 73 6f 72 62 61 20
                        Data Ascii: 326)]}'["",["stellar blade game review","modern horizons 3 commander decks leaks","la dodgers vs nationals predictions","dom foxtrot closing","military horses loose in london","nintendo garry mod","cumberland valley school board meeting","frank csorba
                        2024-04-25 20:44:55 UTC5INData Raw: 30 0d 0a 0d 0a
                        Data Ascii: 0


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        13192.168.2.1649718184.31.62.93443
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:44:55 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                        Connection: Keep-Alive
                        Accept: */*
                        Accept-Encoding: identity
                        If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                        Range: bytes=0-2147483646
                        User-Agent: Microsoft BITS/7.8
                        Host: fs.microsoft.com
                        2024-04-25 20:44:56 UTC515INHTTP/1.1 200 OK
                        ApiVersion: Distribute 1.1
                        Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                        Content-Type: application/octet-stream
                        ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                        Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                        Server: ECAcc (chd/0758)
                        X-CID: 11
                        X-Ms-ApiVersion: Distribute 1.2
                        X-Ms-Region: prod-eus-z1
                        Cache-Control: public, max-age=123519
                        Date: Thu, 25 Apr 2024 20:44:56 GMT
                        Content-Length: 55
                        Connection: close
                        X-CID: 2
                        2024-04-25 20:44:56 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                        Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        14192.168.2.164971940.68.123.157443
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:44:59 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=TbF6LXouAHLCBFK&MD=daX7TMkC HTTP/1.1
                        Connection: Keep-Alive
                        Accept: */*
                        User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                        Host: slscr.update.microsoft.com
                        2024-04-25 20:45:00 UTC560INHTTP/1.1 200 OK
                        Cache-Control: no-cache
                        Pragma: no-cache
                        Content-Type: application/octet-stream
                        Expires: -1
                        Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                        ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                        MS-CorrelationId: bb461ea3-e7ae-4f35-81a7-d76852b52298
                        MS-RequestId: c9f0ee3a-3d81-4644-88c8-88917be0f0e3
                        MS-CV: JqqRFPh/XUeaqt+y.0
                        X-Microsoft-SLSClientCache: 2880
                        Content-Disposition: attachment; filename=environment.cab
                        X-Content-Type-Options: nosniff
                        Date: Thu, 25 Apr 2024 20:44:58 GMT
                        Connection: close
                        Content-Length: 24490
                        2024-04-25 20:45:00 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                        Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                        2024-04-25 20:45:00 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                        Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        15192.168.2.1649720142.251.15.1044432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:45:00 UTC674OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Ffusiongsb.com&oit=3&cp=21&pgcl=4&gs_rn=42&psi=8Q6rixY0x0GDfXHb&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1
                        Host: www.google.com
                        Connection: keep-alive
                        X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX
                        Sec-Fetch-Site: none
                        Sec-Fetch-Mode: no-cors
                        Sec-Fetch-Dest: empty
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        16192.168.2.1649721142.251.15.1044432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:45:00 UTC673OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Ffusiongsb.co&oit=3&cp=20&pgcl=4&gs_rn=42&psi=8Q6rixY0x0GDfXHb&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1
                        Host: www.google.com
                        Connection: keep-alive
                        X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX
                        Sec-Fetch-Site: none
                        Sec-Fetch-Mode: no-cors
                        Sec-Fetch-Dest: empty
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        2024-04-25 20:45:00 UTC1703INHTTP/1.1 200 OK
                        Date: Thu, 25 Apr 2024 20:45:00 GMT
                        Pragma: no-cache
                        Expires: -1
                        Cache-Control: no-cache, must-revalidate
                        Content-Type: text/javascript; charset=UTF-8
                        Strict-Transport-Security: max-age=31536000
                        Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-tOqWAXrOMTjNkhqcRM2ePQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                        Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                        Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                        Accept-CH: Sec-CH-UA-Platform
                        Accept-CH: Sec-CH-UA-Platform-Version
                        Accept-CH: Sec-CH-UA-Full-Version
                        Accept-CH: Sec-CH-UA-Arch
                        Accept-CH: Sec-CH-UA-Model
                        Accept-CH: Sec-CH-UA-Bitness
                        Accept-CH: Sec-CH-UA-Full-Version-List
                        Accept-CH: Sec-CH-UA-WoW64
                        Permissions-Policy: unload=()
                        Origin-Trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=
                        Origin-Trial: AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
                        Content-Disposition: attachment; filename="f.txt"
                        Server: gws
                        X-XSS-Protection: 0
                        X-Frame-Options: SAMEORIGIN
                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                        Accept-Ranges: none
                        Vary: Accept-Encoding
                        Connection: close
                        Transfer-Encoding: chunked
                        2024-04-25 20:45:00 UTC146INData Raw: 38 63 0d 0a 29 5d 7d 27 0a 5b 22 68 74 74 70 73 3a 2f 2f 66 75 73 69 6f 6e 67 73 62 2e 63 6f 22 2c 5b 5d 2c 5b 5d 2c 5b 5d 2c 7b 22 67 6f 6f 67 6c 65 3a 63 6c 69 65 6e 74 64 61 74 61 22 3a 7b 22 62 70 63 22 3a 66 61 6c 73 65 2c 22 74 6c 77 22 3a 74 72 75 65 7d 2c 22 67 6f 6f 67 6c 65 3a 73 75 67 67 65 73 74 74 79 70 65 22 3a 5b 5d 2c 22 67 6f 6f 67 6c 65 3a 76 65 72 62 61 74 69 6d 72 65 6c 65 76 61 6e 63 65 22 3a 38 35 31 7d 5d 0d 0a
                        Data Ascii: 8c)]}'["https://fusiongsb.co",[],[],[],{"google:clientdata":{"bpc":false,"tlw":true},"google:suggesttype":[],"google:verbatimrelevance":851}]
                        2024-04-25 20:45:00 UTC5INData Raw: 30 0d 0a 0d 0a
                        Data Ascii: 0


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        17192.168.2.1649722142.251.15.1044432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:45:03 UTC674OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=https%3A%2F%2Ffusiongsb.com&oit=3&cp=21&pgcl=4&gs_rn=42&psi=8Q6rixY0x0GDfXHb&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1
                        Host: www.google.com
                        Connection: keep-alive
                        X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUX
                        Sec-Fetch-Site: none
                        Sec-Fetch-Mode: no-cors
                        Sec-Fetch-Dest: empty
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        18192.168.2.1649723104.21.20.414432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:45:03 UTC1216OUTGET / HTTP/1.1
                        Host: fusiongsb.com
                        Connection: keep-alive
                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                        sec-ch-ua-mobile: ?0
                        sec-ch-ua-platform: "Windows"
                        Upgrade-Insecure-Requests: 1
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                        Sec-Fetch-Site: none
                        Sec-Fetch-Mode: navigate
                        Sec-Fetch-User: ?1
                        Sec-Fetch-Dest: document
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        Cookie: M4DpoMLXMbMTNtB1JzIy_IR_NqM=RbyjNRrRYgYX2QSOYRlESb54hc4; NDMql3gjyXB_7Bu5Ix8RhOzP_IE=1714077879; k_3C2lm6E--OP1gJ-40plhaavPQ=1714164279; euuUf8kM6l0ldxatVJ7r7_w0hkk=J4eMEG_1A4GiID26phf9bYN_sQs; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714077886; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714164286; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=7h5lT5W6w46NuL09W-toz22MxB8; cf_clearance=cKyjhOSwB1Oh9Wij5W9H6ZKZC0rLbBFMuT_KV3fy44c-1714077887-1.0.1.1-tKwjmTEjJboA8Aa4QozstFcyHMxGWyd0jVpph4LWVTdhkRT5D1EZkKkEYVXHDhX3sus837YsK9hqd_lIiwh9Iw
                        2024-04-25 20:45:04 UTC715INHTTP/1.1 404 Not Found
                        Date: Thu, 25 Apr 2024 20:45:03 GMT
                        Content-Type: text/html
                        Transfer-Encoding: chunked
                        Connection: close
                        Vary: Accept-Encoding
                        X-Content-Type-Options: nosniff
                        X-Content-Type-Options: nosniff
                        X-XSS-Protection: 1; mode=block
                        X-XSS-Protection: 1; mode=block
                        CF-Cache-Status: DYNAMIC
                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pp6byGTHhVzXSakiTqh8yNNPny84P8%2FbbCHvZD90A0ooHhOfqOQxCldi0i8821tCmjyddBUNxh3pO2cT5Q3xC29Hs42SkEOXu90ffclBy%2BEJ9B6j9BskDwfSYVf67V%2Fm"}],"group":"cf-nel","max_age":604800}
                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                        Server: cloudflare
                        CF-RAY: 87a12cb1a86c8bbb-ATL
                        alt-svc: h3=":443"; ma=86400
                        2024-04-25 20:45:04 UTC264INData Raw: 31 30 31 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 3c 2f 62 6f 64 79 3e
                        Data Ascii: 101<html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p></body>
                        2024-04-25 20:45:04 UTC5INData Raw: 30 0d 0a 0d 0a
                        Data Ascii: 0


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        19192.168.2.164972513.85.23.86443
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:45:37 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=TbF6LXouAHLCBFK&MD=daX7TMkC HTTP/1.1
                        Connection: Keep-Alive
                        Accept: */*
                        User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                        Host: slscr.update.microsoft.com
                        2024-04-25 20:45:37 UTC560INHTTP/1.1 200 OK
                        Cache-Control: no-cache
                        Pragma: no-cache
                        Content-Type: application/octet-stream
                        Expires: -1
                        Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                        ETag: "Mx1RoJH/qEwpWfKllx7sbsl28AuERz5IYdcsvtTJcgM=_2160"
                        MS-CorrelationId: ec1c9eb1-4175-4e9c-83c5-f7bbe61416cf
                        MS-RequestId: 1967e906-16c2-4705-aab7-566213370f27
                        MS-CV: Q55FXMC7lUW7UwAH.0
                        X-Microsoft-SLSClientCache: 2160
                        Content-Disposition: attachment; filename=environment.cab
                        X-Content-Type-Options: nosniff
                        Date: Thu, 25 Apr 2024 20:45:36 GMT
                        Connection: close
                        Content-Length: 25457
                        2024-04-25 20:45:37 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 51 22 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 db 8e 00 00 14 00 00 00 00 00 10 00 51 22 00 00 20 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 f3 43 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 0d 92 6f db e5 21 f3 43 43 4b ed 5a 09 38 55 5b df 3f 93 99 90 29 99 e7 29 ec 73 cc 4a 66 32 cf 84 32 64 c8 31 c7 11 52 38 87 90 42 66 09 99 87 32 0f 19 0a 09 51 a6 a8 08 29 53 86 4a 52 84 50 df 46 83 ba dd 7b df fb 7e ef 7d ee 7d bf ef 9e e7 d9 67 ef 35 ee b5 fe eb 3f ff b6 96 81 a2 0a 04 fc 31 40 21 5b 3f a5 ed 1b 04 0e 85 42 a0 10 04 64 12 6c a5 de aa a1 d8 ea f3 58 01 f2 f5 67 0b 5e 9b bd e8 a0 90 1d bf 40 88 9d eb 49 b4 87 9b ab 8b 9d 2b 46 c8 c7 c5 19 92
                        Data Ascii: MSCFQ"DQ" AdCenvironment.cabo!CCKZ8U[?))sJf22d1R8Bf2Q)SJRPF{~}}g5?1@![?BdlXg^@I+F
                        2024-04-25 20:45:37 UTC9633INData Raw: 21 6f b3 eb a6 cc f5 31 be cf 05 e2 a9 fe fa 57 6d 19 30 b3 c2 c5 66 c9 6a df f5 e7 f0 78 bd c7 a8 9e 25 e3 f9 bc ed 6b 54 57 08 2b 51 82 44 12 fb b9 53 8c cc f4 60 12 8a 76 cc 40 40 41 9b dc 5c 17 ff 5c f9 5e 17 35 98 24 56 4b 74 ef 42 10 c8 af bf 7f c6 7f f2 37 7d 5a 3f 1c f2 99 79 4a 91 52 00 af 38 0f 17 f5 2f 79 81 65 d9 a9 b5 6b e4 c7 ce f6 ca 7a 00 6f 4b 30 44 24 22 3c cf ed 03 a5 96 8f 59 29 bc b6 fd 04 e1 70 9f 32 4a 27 fd 55 af 2f fe b6 e5 8e 33 bb 62 5f 9a db 57 40 e9 f1 ce 99 66 90 8c ff 6a 62 7f dd c5 4a 0b 91 26 e2 39 ec 19 4a 71 63 9d 7b 21 6d c3 9c a3 a2 3c fa 7f 7d 96 6a 90 78 a6 6d d2 e1 9c f9 1d fc 38 d8 94 f4 c6 a5 0a 96 86 a4 bd 9e 1a ae 04 42 83 b8 b5 80 9b 22 38 20 b5 25 e5 64 ec f7 f4 bf 7e 63 59 25 0f 7a 2e 39 57 76 a2 71 aa 06 8a
                        Data Ascii: !o1Wm0fjx%kTW+QDS`v@@A\\^5$VKtB7}Z?yJR8/yekzoK0D$"<Y)p2J'U/3b_W@fjbJ&9Jqc{!m<}jxm8B"8 %d~cY%z.9Wvq


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        20192.168.2.164972735.190.80.14432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:45:45 UTC528OUTOPTIONS /report/v4?s=Pp6byGTHhVzXSakiTqh8yNNPny84P8%2FbbCHvZD90A0ooHhOfqOQxCldi0i8821tCmjyddBUNxh3pO2cT5Q3xC29Hs42SkEOXu90ffclBy%2BEJ9B6j9BskDwfSYVf67V%2Fm HTTP/1.1
                        Host: a.nel.cloudflare.com
                        Connection: keep-alive
                        Origin: https://fusiongsb.com
                        Access-Control-Request-Method: POST
                        Access-Control-Request-Headers: content-type
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        2024-04-25 20:45:46 UTC336INHTTP/1.1 200 OK
                        Content-Length: 0
                        access-control-max-age: 86400
                        access-control-allow-methods: POST, OPTIONS
                        access-control-allow-origin: *
                        access-control-allow-headers: content-type, content-length
                        date: Thu, 25 Apr 2024 20:45:46 GMT
                        Via: 1.1 google
                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                        Connection: close


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        21192.168.2.164972835.190.80.14432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:45:46 UTC534OUTOPTIONS /report/v4?s=gxb8ugBcyVBfTIxqQdidDPm%2Fq6Cd9t0wJWgmsIzXEKUepCM9fplXU3kygQJE2gXLcPZ6vQh%2BH%2FGl%2FWQ9jVrQWaCQL3KrsGEdW4QMDwaEcd%2B4veFYiC3oKQcp%2F1uqF5C1 HTTP/1.1
                        Host: a.nel.cloudflare.com
                        Connection: keep-alive
                        Origin: https://fusiongsb.com
                        Access-Control-Request-Method: POST
                        Access-Control-Request-Headers: content-type
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        2024-04-25 20:45:46 UTC336INHTTP/1.1 200 OK
                        Content-Length: 0
                        access-control-max-age: 86400
                        access-control-allow-methods: OPTIONS, POST
                        access-control-allow-origin: *
                        access-control-allow-headers: content-type, content-length
                        date: Thu, 25 Apr 2024 20:45:46 GMT
                        Via: 1.1 google
                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                        Connection: close


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        22192.168.2.164972935.190.80.14432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:45:46 UTC473OUTPOST /report/v4?s=Pp6byGTHhVzXSakiTqh8yNNPny84P8%2FbbCHvZD90A0ooHhOfqOQxCldi0i8821tCmjyddBUNxh3pO2cT5Q3xC29Hs42SkEOXu90ffclBy%2BEJ9B6j9BskDwfSYVf67V%2Fm HTTP/1.1
                        Host: a.nel.cloudflare.com
                        Connection: keep-alive
                        Content-Length: 1668
                        Content-Type: application/reports+json
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        2024-04-25 20:45:46 UTC1668OUTData Raw: 5b 7b 22 61 67 65 22 3a 35 37 37 33 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 34 39 39 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 66 75 73 69 6f 6e 67 73 62 2e 63 6f 6d 2f 77 6f 66 69 63 65 2f 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 31 2e 32 30 2e 34 31 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 34 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22
                        Data Ascii: [{"age":57730,"body":{"elapsed_time":499,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://fusiongsb.com/wofice/","sampling_fraction":1.0,"server_ip":"104.21.20.41","status_code":404,"type":"http.error"},"type":"network-error"
                        2024-04-25 20:45:46 UTC168INHTTP/1.1 200 OK
                        Content-Length: 0
                        date: Thu, 25 Apr 2024 20:45:46 GMT
                        Via: 1.1 google
                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                        Connection: close


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        23192.168.2.164973035.190.80.14432088C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-04-25 20:45:46 UTC478OUTPOST /report/v4?s=gxb8ugBcyVBfTIxqQdidDPm%2Fq6Cd9t0wJWgmsIzXEKUepCM9fplXU3kygQJE2gXLcPZ6vQh%2BH%2FGl%2FWQ9jVrQWaCQL3KrsGEdW4QMDwaEcd%2B4veFYiC3oKQcp%2F1uqF5C1 HTTP/1.1
                        Host: a.nel.cloudflare.com
                        Connection: keep-alive
                        Content-Length: 439
                        Content-Type: application/reports+json
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        2024-04-25 20:45:46 UTC439OUTData Raw: 5b 7b 22 61 67 65 22 3a 35 37 31 30 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 36 36 31 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 31 2e 32 30 2e 34 31 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 30 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 66 75 73 69 6f 6e 67 73 62 2e 63 6f 6d
                        Data Ascii: [{"age":57100,"body":{"elapsed_time":661,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"104.21.20.41","status_code":400,"type":"http.error"},"type":"network-error","url":"https://fusiongsb.com
                        2024-04-25 20:45:46 UTC168INHTTP/1.1 200 OK
                        Content-Length: 0
                        date: Thu, 25 Apr 2024 20:45:46 GMT
                        Via: 1.1 google
                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                        Connection: close


                        Statistics

                        CPU Usage

                        Click to jump to process

                        Memory Usage

                        Click to jump to process

                        Behavior

                        Click to jump to process

                        System Behavior

                        General

                        Target ID:0
                        Start time:22:44:43
                        Start date:25/04/2024
                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                        Wow64 process (32bit):false
                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://fusiongsb.com/wofice/
                        Imagebase:0x7ff7f9810000
                        File size:3'242'272 bytes
                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:low
                        Has exited:false

                        General

                        Target ID:1
                        Start time:22:44:44
                        Start date:25/04/2024
                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                        Wow64 process (32bit):false
                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1948,i,15357515620688377585,3936290789121415712,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                        Imagebase:0x7ff7f9810000
                        File size:3'242'272 bytes
                        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:low
                        Has exited:false

                        Disassembly

                        No disassembly