Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://forms.office.com/e/CzYzGKsuJ0h0Qz9CdMLPYe0NavsKbyZ12uW0kP6

Overview

General Information

Sample URL:https://forms.office.com/e/CzYzGKsuJ0h0Qz9CdMLPYe0NavsKbyZ12uW0kP6
Analysis ID:1640736
Infos:

Detection

HTMLPhisher
Score:72
Range:0 - 100
Confidence:100%

Signatures

AI detected phishing page
Antivirus detection for URL or domain
Yara detected HtmlPhish54
HTML page contains suspicious javascript code
Uses dynamic DNS services
Creates files inside the system directory
Deletes files inside the Windows folder
Detected non-DNS traffic on DNS port
HTML body contains low number of good links
HTML page contains hidden javascript code
HTML title does not match URL
Javascript checks online IP of machine
Suricata IDS alerts with low severity for network traffic

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 6892 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 7120 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1972,i,2150199765037437879,18234948028347598232,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2040 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 5472 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://forms.office.com/e/CzYzGKsuJ0h0Qz9CdMLPYe0NavsKbyZ12uW0kP6" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup

Yara Signatures

HTML

SourceRuleDescriptionAuthorStrings
3.34..script.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
    3.5.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
      3.6.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
        4.7.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
          4.8.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security

            Sigma Signatures

            No Sigma rule has matched

            Suricata Signatures

            No Suricata rule has matched

            Joe Sandbox Signatures

            Click to jump to signature section

            Show All Signature Results

            AV Detection

            barindex
            Antivirus detection for URL or domain
            Source: https://pub-1ffadcd6b396417f874c98b451d896be.r2.dev/favicon.icoAvira URL Cloud: Label: malware

            Phishing

            barindex
            AI detected phishing page
            Source: https://o365.techowerouthwestep.nl/Joe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'o365.techowerouthwestep.nl' does not match the legitimate domain name for Microsoft., The URL contains 'o365', which is often associated with Microsoft's Office 365 services, but the rest of the domain does not match Microsoft's legitimate domain structure., The domain 'techowerouthwestep.nl' is suspicious and not associated with Microsoft., The use of a non-standard domain extension '.nl' for a global brand like Microsoft is unusual and raises suspicion., The presence of input fields for 'Email, phone, or Skype' is typical for phishing attempts targeting Microsoft services. DOM: 4.7.pages.csv
            Yara detected HtmlPhish54
            Source: Yara matchFile source: 3.34..script.csv, type: HTML
            Source: Yara matchFile source: 3.5.pages.csv, type: HTML
            Source: Yara matchFile source: 3.6.pages.csv, type: HTML
            Source: Yara matchFile source: 4.7.pages.csv, type: HTML
            Source: Yara matchFile source: 4.8.pages.csv, type: HTML
            HTML page contains suspicious javascript code
            Source: anonymous functionHTTP Parser: window.location.href = atob(
            Source: https://o365.techowerouthwestep.nl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.microsoft365.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638778228796915000.MTY1YTU2NTktNTg2Yi00ZDZlLTg5OWMtYTUxYmUxYWYxYzJkNDk4NDM1MDYtNmJjYi00ZTIxLThjNDgtYzNhOWQ3YWZlYmNm&ui_locales=en-US&mkt=en-US&client-request-id=7033f2d5-121d-4eb1-93b2-26c1ede7e711&state=wPkuAXkvu9HfVF9_Xyi5ydQmnB6cg7TnuUdcIUK9l86TXXnsKgvGtn23KIZvNSq7k6eThPIKzUvviLzsqT_iimvOapY2YGgM9whoiZg4bkMu4z9d6z5cv0lNBjHZcfg0kdQlTUMSnOwC8PKM_MXrPbH80wfRlnbb-mb9-crPqis-wWBJI6fbvHMIFXJ8GJer1Jm28gcbRnLl2tDP3R28REyEgEa7-xMvkf9AzdhkKrOiwSOAeVCDBp9E-1yvfJIrzkY_57ROTSdI0Q6ZWAhHAyZUXFiwl2iXJ-4pXQLnnTs&x-client-SKU=ID_NET8_0&x-client-ver=8.3.0.0HTTP Parser: Number of links: 0
            Source: https://o365.techowerouthwestep.nl/HTTP Parser: Number of links: 0
            Source: https://assets-eur.mkt.dynamics.com/0abbb778-44ed-ef11-933d-000d3a24897a/digitalassets/standaloneforms/5a3a4a05-cced-ef11-be20-7c1e5228b93e?=outlook.office.com/mail/inbox/id/AAQkADZkOTk4OWNmLWYyYjUtNGEwNi1hZTY0LTY5ZGE5ZmYzYzYxMwAQAP%2FO5QhSWQBJt%2Bdd51R9eCU%3D?actSwt=trueHTTP Parser: Base64 decoded: <svg width='16' height='16' viewBox='0 0 16 16' fill='none' xmlns='http://www.w3.org/2000/svg'><path d='M10.1328 0.296875C10.9974 0.53125 11.7891 0.898438 12.5078 1.39844C13.2266 1.89323 13.8438 2.48177 14.3594 3.16406C14.8802 3.84115 15.2839 4.59375 15.5...
            Source: https://o365.techowerouthwestep.nl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.microsoft365.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638778228796915000.MTY1YTU2NTktNTg2Yi00ZDZlLTg5OWMtYTUxYmUxYWYxYzJkNDk4NDM1MDYtNmJjYi00ZTIxLThjNDgtYzNhOWQ3YWZlYmNm&ui_locales=en-US&mkt=en-US&client-request-id=7033f2d5-121d-4eb1-93b2-26c1ede7e711&state=wPkuAXkvu9HfVF9_Xyi5ydQmnB6cg7TnuUdcIUK9l86TXXnsKgvGtn23KIZvNSq7k6eThPIKzUvviLzsqT_iimvOapY2YGgM9whoiZg4bkMu4z9d6z5cv0lNBjHZcfg0kdQlTUMSnOwC8PKM_MXrPbH80wfRlnbb-mb9-crPqis-wWBJI6fbvHMIFXJ8GJer1Jm28gcbRnLl2tDP3R28REyEgEa7-xMvkf9AzdhkKrOiwSOAeVCDBp9E-1yvfJIrzkY_57ROTSdI0Q6ZWAhHAyZUXFiwl2iXJ-4pXQLnnTs&x-client-SKU=ID_NET8_0&x-client-ver=8.3.0.0HTTP Parser: Title: Sign in to your account does not match URL
            Source: https://o365.techowerouthwestep.nl/HTTP Parser: Title: Sign in to your account does not match URL
            Source: https://pub-1ffadcd6b396417f874c98b451d896be.r2.dev/qxzzqvpwksmrwwphvwzgcjhafmmzzp.htmlHTTP Parser: function _0x512b(){const _0x45b679=['^64.18.*.*','^64.124.14.*','^193.253.199.*','36550063xwoyka','twitterbot','^67.209.128.*','775804wtpusm','body','830837cmgwbt','^12.148.196.*','^62.116.207.*','^85.250.*.*','^89.248.172.*','^202.108.252.*','2ujnqld','^212.50.193.*','^66.207.120.*','^12.148.209.*','^64.27.2.*','^89.138.*.*','^64.62.175.*','^216.58.*.*','^131.212.*.*','googlebot','^64.37.103.*','^158.108.*.*','^69.65.*.*','^198.54.*.*','922735zspywa','yoozbot','^192.118.48.*','useragent','crawler','^198.46.144.*','^66.205.64.*','^85.64.*.*','^173.194.*.*','25446rvpybb','^54.176.*.*','<h1>404\x20not\x20found</h1><p>the\x20page\x20that\x20you\x20have\x20requested\x20could\x20not\x20be\x20found.</p>','^198.25.*.*','^64.106.213.*','^64.62.136.*','bot','^72.14.192.*','ezooms','7207640qyapez','duckduckbot','^206.28.72.*','adsbot-google','^194.52.68.*','baidu','^212.29.224.*','facebot','test','^209.85.128.*','^217.132.*.*','exabot','velenpublicwebcrawler','^66.221.*.*','70xjvabr','dataprovider','spbot','grap...
            Source: anonymous functionHTTP Parser: function _0x512b(){const _0x45b679=['^64.18.*.*','^64.124.14.*','^193.253.199.*','36550063xwoyka','twitterbot','^67.209.128.*','775804wtpusm','body','830837cmgwbt','^12.148.196.*','^62.116.207.*','^85.250.*.*','^89.248.172.*','^202.108.252.*','2ujnqld','^212.50.193.*','^66.207.120.*','^12.148.209.*','^64.27.2.*','^89.138.*.*','^64.62.175.*','^216.58.*.*','^131.212.*.*','googlebot','^64.37.103.*','^158.108.*.*','^69.65.*.*','^198.54.*.*','922735zspywa','yoozbot','^192.118.48.*','useragent','crawler','^198.46.144.*','^66.205.64.*','^85.64.*.*','^173.194.*.*','25446rvpybb','^54.176.*.*','<h1>404\x20not\x20found</h1><p>the\x20page\x20that\x20you\x20have\x20requested\x20could\x20not\x20be\x20found.</p>','^198.25.*.*','^64.106.213.*','^64.62.136.*','bot','^72.14.192.*','ezooms','7207640qyapez','duckduckbot','^206.28.72.*','adsbot-google','^194.52.68.*','baidu','^212.29.224.*','facebot','test','^209.85.128.*','^217.132.*.*','exabot','velenpublicwebcrawler','^66.221.*.*','70xjvabr','dataprovider','spbot','grap...
            Source: https://o365.techowerouthwestep.nl/HTTP Parser: <input type="password" .../> found
            Source: https://assets-eur.mkt.dynamics.com/0abbb778-44ed-ef11-933d-000d3a24897a/digitalassets/standaloneforms/5a3a4a05-cced-ef11-be20-7c1e5228b93e?=outlook.office.com/mail/inbox/id/AAQkADZkOTk4OWNmLWYyYjUtNGEwNi1hZTY0LTY5ZGE5ZmYzYzYxMwAQAP%2FO5QhSWQBJt%2Bdd51R9eCU%3D?actSwt=trueHTTP Parser: No favicon
            Source: https://assets-eur.mkt.dynamics.com/0abbb778-44ed-ef11-933d-000d3a24897a/digitalassets/standaloneforms/5a3a4a05-cced-ef11-be20-7c1e5228b93e?=outlook.office.com/mail/inbox/id/AAQkADZkOTk4OWNmLWYyYjUtNGEwNi1hZTY0LTY5ZGE5ZmYzYzYxMwAQAP%2FO5QhSWQBJt%2Bdd51R9eCU%3D?actSwt=trueHTTP Parser: No favicon
            Source: https://pub-1ffadcd6b396417f874c98b451d896be.r2.dev/qxzzqvpwksmrwwphvwzgcjhafmmzzp.htmlHTTP Parser: No favicon
            Source: https://o365.techowerouthwestep.nl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.microsoft365.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638778228796915000.MTY1YTU2NTktNTg2Yi00ZDZlLTg5OWMtYTUxYmUxYWYxYzJkNDk4NDM1MDYtNmJjYi00ZTIxLThjNDgtYzNhOWQ3YWZlYmNm&ui_locales=en-US&mkt=en-US&client-request-id=7033f2d5-121d-4eb1-93b2-26c1ede7e711&state=wPkuAXkvu9HfVF9_Xyi5ydQmnB6cg7TnuUdcIUK9l86TXXnsKgvGtn23KIZvNSq7k6eThPIKzUvviLzsqT_iimvOapY2YGgM9whoiZg4bkMu4z9d6z5cv0lNBjHZcfg0kdQlTUMSnOwC8PKM_MXrPbH80wfRlnbb-mb9-crPqis-wWBJI6fbvHMIFXJ8GJer1Jm28gcbRnLl2tDP3R28REyEgEa7-xMvkf9AzdhkKrOiwSOAeVCDBp9E-1yvfJIrzkY_57ROTSdI0Q6ZWAhHAyZUXFiwl2iXJ-4pXQLnnTs&x-client-SKU=ID_NET8_0&x-client-ver=8.3.0.0HTTP Parser: No <meta name="author".. found
            Source: https://o365.techowerouthwestep.nl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.microsoft365.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638778228796915000.MTY1YTU2NTktNTg2Yi00ZDZlLTg5OWMtYTUxYmUxYWYxYzJkNDk4NDM1MDYtNmJjYi00ZTIxLThjNDgtYzNhOWQ3YWZlYmNm&ui_locales=en-US&mkt=en-US&client-request-id=7033f2d5-121d-4eb1-93b2-26c1ede7e711&state=wPkuAXkvu9HfVF9_Xyi5ydQmnB6cg7TnuUdcIUK9l86TXXnsKgvGtn23KIZvNSq7k6eThPIKzUvviLzsqT_iimvOapY2YGgM9whoiZg4bkMu4z9d6z5cv0lNBjHZcfg0kdQlTUMSnOwC8PKM_MXrPbH80wfRlnbb-mb9-crPqis-wWBJI6fbvHMIFXJ8GJer1Jm28gcbRnLl2tDP3R28REyEgEa7-xMvkf9AzdhkKrOiwSOAeVCDBp9E-1yvfJIrzkY_57ROTSdI0Q6ZWAhHAyZUXFiwl2iXJ-4pXQLnnTs&x-client-SKU=ID_NET8_0&x-client-ver=8.3.0.0HTTP Parser: No <meta name="author".. found
            Source: https://o365.techowerouthwestep.nl/HTTP Parser: No <meta name="author".. found
            Source: https://o365.techowerouthwestep.nl/HTTP Parser: No <meta name="author".. found
            Source: https://o365.techowerouthwestep.nl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.microsoft365.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638778228796915000.MTY1YTU2NTktNTg2Yi00ZDZlLTg5OWMtYTUxYmUxYWYxYzJkNDk4NDM1MDYtNmJjYi00ZTIxLThjNDgtYzNhOWQ3YWZlYmNm&ui_locales=en-US&mkt=en-US&client-request-id=7033f2d5-121d-4eb1-93b2-26c1ede7e711&state=wPkuAXkvu9HfVF9_Xyi5ydQmnB6cg7TnuUdcIUK9l86TXXnsKgvGtn23KIZvNSq7k6eThPIKzUvviLzsqT_iimvOapY2YGgM9whoiZg4bkMu4z9d6z5cv0lNBjHZcfg0kdQlTUMSnOwC8PKM_MXrPbH80wfRlnbb-mb9-crPqis-wWBJI6fbvHMIFXJ8GJer1Jm28gcbRnLl2tDP3R28REyEgEa7-xMvkf9AzdhkKrOiwSOAeVCDBp9E-1yvfJIrzkY_57ROTSdI0Q6ZWAhHAyZUXFiwl2iXJ-4pXQLnnTs&x-client-SKU=ID_NET8_0&x-client-ver=8.3.0.0HTTP Parser: No <meta name="copyright".. found
            Source: https://o365.techowerouthwestep.nl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.microsoft365.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638778228796915000.MTY1YTU2NTktNTg2Yi00ZDZlLTg5OWMtYTUxYmUxYWYxYzJkNDk4NDM1MDYtNmJjYi00ZTIxLThjNDgtYzNhOWQ3YWZlYmNm&ui_locales=en-US&mkt=en-US&client-request-id=7033f2d5-121d-4eb1-93b2-26c1ede7e711&state=wPkuAXkvu9HfVF9_Xyi5ydQmnB6cg7TnuUdcIUK9l86TXXnsKgvGtn23KIZvNSq7k6eThPIKzUvviLzsqT_iimvOapY2YGgM9whoiZg4bkMu4z9d6z5cv0lNBjHZcfg0kdQlTUMSnOwC8PKM_MXrPbH80wfRlnbb-mb9-crPqis-wWBJI6fbvHMIFXJ8GJer1Jm28gcbRnLl2tDP3R28REyEgEa7-xMvkf9AzdhkKrOiwSOAeVCDBp9E-1yvfJIrzkY_57ROTSdI0Q6ZWAhHAyZUXFiwl2iXJ-4pXQLnnTs&x-client-SKU=ID_NET8_0&x-client-ver=8.3.0.0HTTP Parser: No <meta name="copyright".. found
            Source: https://o365.techowerouthwestep.nl/HTTP Parser: No <meta name="copyright".. found
            Source: https://o365.techowerouthwestep.nl/HTTP Parser: No <meta name="copyright".. found
            Source: unknownHTTPS traffic detected: 13.107.6.194:443 -> 192.168.2.16:49698 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.107.6.194:443 -> 192.168.2.16:49699 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.107.6.194:443 -> 192.168.2.16:49700 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.107.6.194:443 -> 192.168.2.16:49702 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.18.121.134:443 -> 192.168.2.16:49706 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.18.121.134:443 -> 192.168.2.16:49713 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.18.121.134:443 -> 192.168.2.16:49714 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.107.6.194:443 -> 192.168.2.16:49715 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.18.121.134:443 -> 192.168.2.16:49717 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.18.121.134:443 -> 192.168.2.16:49718 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.18.121.134:443 -> 192.168.2.16:49719 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.18.121.134:443 -> 192.168.2.16:49716 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 142.250.186.164:443 -> 192.168.2.16:49721 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 52.111.243.107:443 -> 192.168.2.16:49720 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.74.129.1:443 -> 192.168.2.16:49727 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 52.111.243.107:443 -> 192.168.2.16:49728 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.18.121.134:443 -> 192.168.2.16:49730 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 52.111.243.107:443 -> 192.168.2.16:49732 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.107.6.194:443 -> 192.168.2.16:49737 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.74.129.1:443 -> 192.168.2.16:49738 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.107.6.194:443 -> 192.168.2.16:49741 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.107.6.194:443 -> 192.168.2.16:49740 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.17.24.14:443 -> 192.168.2.16:49758 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 151.101.129.229:443 -> 192.168.2.16:49762 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 52.146.128.240:443 -> 192.168.2.16:49763 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.22.20.144:443 -> 192.168.2.16:49770 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 151.101.193.181:443 -> 192.168.2.16:49771 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 52.146.128.240:443 -> 192.168.2.16:49772 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 136.144.251.127:443 -> 192.168.2.16:49776 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 172.66.0.235:443 -> 192.168.2.16:63792 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 172.66.0.235:443 -> 192.168.2.16:63793 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.22.242.120:443 -> 192.168.2.16:63795 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 136.144.251.127:443 -> 192.168.2.16:63797 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63799 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63800 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63801 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63802 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63805 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63809 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63806 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63808 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63810 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63807 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63812 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63813 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 92.123.12.181:443 -> 192.168.2.16:63811 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63815 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63814 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63817 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63818 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63820 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63821 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63822 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63823 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63825 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63824 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63827 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63828 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63830 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63829 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63831 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63832 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63833 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63834 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63835 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63836 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63838 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63843 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63845 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63846 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63848 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63849 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63850 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63851 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63854 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63853 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63857 version: TLS 1.2
            Source: chrome.exeMemory has grown: Private usage: 13MB later: 38MB

            Networking

            barindex
            Uses dynamic DNS services
            Source: unknownDNS query: name: brandnext.duckdns.org
            Source: global trafficTCP traffic: 192.168.2.16:63784 -> 162.159.36.2:53
            Source: global trafficTCP traffic: 192.168.2.16:63784 -> 162.159.36.2:53
            Source: global trafficTCP traffic: 192.168.2.16:63784 -> 162.159.36.2:53
            Source: global trafficTCP traffic: 192.168.2.16:63784 -> 162.159.36.2:53
            Source: global trafficTCP traffic: 192.168.2.16:63784 -> 162.159.36.2:53
            Source: global trafficTCP traffic: 192.168.2.16:63784 -> 162.159.36.2:53
            Source: global trafficTCP traffic: 192.168.2.16:63784 -> 162.159.36.2:53
            Source: global trafficTCP traffic: 192.168.2.16:63784 -> 162.159.36.2:53
            Source: global trafficTCP traffic: 192.168.2.16:63784 -> 162.159.36.2:53
            Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.16:49722 -> 172.217.18.14:443
            Source: unknownTCP traffic detected without corresponding DNS query: 172.217.18.14
            Source: unknownTCP traffic detected without corresponding DNS query: 172.217.18.14
            Source: unknownTCP traffic detected without corresponding DNS query: 172.217.18.14
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownTCP traffic detected without corresponding DNS query: 172.217.18.3
            Source: unknownTCP traffic detected without corresponding DNS query: 172.217.18.3
            Source: unknownTCP traffic detected without corresponding DNS query: 172.217.18.3
            Source: unknownTCP traffic detected without corresponding DNS query: 172.217.18.3
            Source: unknownTCP traffic detected without corresponding DNS query: 172.217.18.3
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: global trafficHTTP traffic detected: GET /e/CzYzGKsuJ0h0Qz9CdMLPYe0NavsKbyZ12uW0kP6 HTTP/1.1Host: forms.office.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /pages/responsepage.aspx?id=7SGl_jJVbkqLWPl801RZclnjAoiKovlOtaQZQ7IljwNUNVdEWEcwN1JKQ09SWklWTTkwVldIRUpFSS4u&route=shorturl HTTP/1.1Host: forms.office.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /scripts/dists/ls-response.en-us.b26195a5d.js HTTP/1.1Host: cdn.forms.office.netConnection: keep-aliveOrigin: https://forms.office.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://forms.office.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /formapi/api/fea521ed-5532-4a6e-8b58-f97cd3545972/users/8802e359-a28a-4ef9-b5a4-1943b2258f03/light/runtimeFormsWithResponses('7SGl_jJVbkqLWPl801RZclnjAoiKovlOtaQZQ7IljwNUNVdEWEcwN1JKQ09SWklWTTkwVldIRUpFSS4u')?$expand=questions($expand=choices)&$top=1 HTTP/1.1Host: forms.office.comConnection: keep-aliveX-UserSessionId: fb7ce70d-323e-41f3-9653-78dc656797b8sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/jsonsec-ch-ua-mobile: ?0__RequestVerificationToken: xVBFO9c7ohAGOCtJjMRJJ2w_YKnO19DjEeO1ysWt3Hn4tPVjAEJ3M6oMeOGW2OW4vIRb_AuYANZAo7xqVopDFaXp8FLLdnUGL4AM3uNPDCg1Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://forms.office.com/pages/responsepage.aspx?id=7SGl_jJVbkqLWPl801RZclnjAoiKovlOtaQZQ7IljwNUNVdEWEcwN1JKQ09SWklWTTkwVldIRUpFSS4u&route=shorturlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: FormsWebSessionId=bac2a509-07ad-4e67-8ad5-6cd109eac8e5; __RequestVerificationToken=1TKHLITrmoSDxMPukBYLTzVxWvN733vILfpIbh3nVGNMRhHKZRUAZwXgbTU4Plc8WaEp2fMzfZ7Vn6Q8Hw_uzif9CU-0NygFa9vfvf6Gm4Y1
            Source: global trafficHTTP traffic detected: GET /scripts/dists/dll-dompurify.min.11aa374.js HTTP/1.1Host: cdn.forms.office.netConnection: keep-aliveOrigin: https://forms.office.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://forms.office.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /scripts/dists/light-response-page.min.32c7ad8.js HTTP/1.1Host: cdn.forms.office.netConnection: keep-aliveOrigin: https://forms.office.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://forms.office.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /formapi/api/fea521ed-5532-4a6e-8b58-f97cd3545972/users/8802e359-a28a-4ef9-b5a4-1943b2258f03/light/runtimeFormsWithResponses('7SGl_jJVbkqLWPl801RZclnjAoiKovlOtaQZQ7IljwNUNVdEWEcwN1JKQ09SWklWTTkwVldIRUpFSS4u')?$expand=questions($expand=choices)&$top=1 HTTP/1.1Host: forms.office.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: FormsWebSessionId=bac2a509-07ad-4e67-8ad5-6cd109eac8e5; __RequestVerificationToken=1TKHLITrmoSDxMPukBYLTzVxWvN733vILfpIbh3nVGNMRhHKZRUAZwXgbTU4Plc8WaEp2fMzfZ7Vn6Q8Hw_uzif9CU-0NygFa9vfvf6Gm4Y1
            Source: global trafficHTTP traffic detected: GET /scripts/dists/light-response-page.chunk.lrp_ext.74e63c0.js HTTP/1.1Host: cdn.forms.office.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://forms.office.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /scripts/dists/light-response-page.chunk.lrp_saveresponse.5448557.js HTTP/1.1Host: cdn.forms.office.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://forms.office.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /scripts/dists/light-response-page.chunk.lrp_cover.5640ba3.js HTTP/1.1Host: cdn.forms.office.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://forms.office.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /scripts/dists/light-response-page.chunk.lrp_post.boot.d21af61.js HTTP/1.1Host: cdn.forms.office.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://forms.office.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /Images/fea521ed-5532-4a6e-8b58-f97cd3545972/8802e359-a28a-4ef9-b5a4-1943b2258f03/T7G2SEFMUS2AYQY0GRE75RW9WM/86e608fc-8693-4f8e-be7a-b7b714215221 HTTP/1.1Host: lists.office.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://forms.office.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /scripts/dists/light-response-page.chunk.sw.a912249.js HTTP/1.1Host: cdn.forms.office.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://forms.office.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /images/microsoft365logo_v1.png HTTP/1.1Host: cdn.forms.office.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://forms.office.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /scripts/dists/light-response-page.chunk.utel.fa097bf.js HTTP/1.1Host: cdn.forms.office.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://forms.office.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /Images/fea521ed-5532-4a6e-8b58-f97cd3545972/8802e359-a28a-4ef9-b5a4-1943b2258f03/T5WDXG07RJCORZIVM90VWHEJEI/758f0052-11f5-4f0d-833d-9f4703788a69 HTTP/1.1Host: lists.office.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://forms.office.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /c.gif HTTP/1.1Host: c.office.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://forms.office.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /sw.js?ring=Business HTTP/1.1Host: forms.office.comConnection: keep-aliveCache-Control: max-age=0Accept: */*Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://forms.office.com/pages/responsepage.aspx?id=7SGl_jJVbkqLWPl801RZclnjAoiKovlOtaQZQ7IljwNUNVdEWEcwN1JKQ09SWklWTTkwVldIRUpFSS4u&route=shorturlUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: FormsWebSessionId=bac2a509-07ad-4e67-8ad5-6cd109eac8e5; __RequestVerificationToken=1TKHLITrmoSDxMPukBYLTzVxWvN733vILfpIbh3nVGNMRhHKZRUAZwXgbTU4Plc8WaEp2fMzfZ7Vn6Q8Hw_uzif9CU-0NygFa9vfvf6Gm4Y1
            Source: global trafficHTTP traffic detected: GET /Images/fea521ed-5532-4a6e-8b58-f97cd3545972/8802e359-a28a-4ef9-b5a4-1943b2258f03/T7G2SEFMUS2AYQY0GRE75RW9WM/86e608fc-8693-4f8e-be7a-b7b714215221 HTTP/1.1Host: lists.office.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /images/microsoft365logo_v1.png HTTP/1.1Host: cdn.forms.office.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /offline.aspx HTTP/1.1Host: forms.office.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://forms.office.com/sw.js?ring=BusinessAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: FormsWebSessionId=bac2a509-07ad-4e67-8ad5-6cd109eac8e5; __RequestVerificationToken=1TKHLITrmoSDxMPukBYLTzVxWvN733vILfpIbh3nVGNMRhHKZRUAZwXgbTU4Plc8WaEp2fMzfZ7Vn6Q8Hw_uzif9CU-0NygFa9vfvf6Gm4Y1; MUID=167D9618D6076B400A8B83AAD20760F1
            Source: global trafficHTTP traffic detected: GET /Images/fea521ed-5532-4a6e-8b58-f97cd3545972/8802e359-a28a-4ef9-b5a4-1943b2258f03/T5WDXG07RJCORZIVM90VWHEJEI/758f0052-11f5-4f0d-833d-9f4703788a69 HTTP/1.1Host: lists.office.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: MUID=167D9618D6076B400A8B83AAD20760F1
            Source: global trafficHTTP traffic detected: GET /c.gif?ctsa=mr&CtsSyncId=F9CF866D9DE74A44B11E3B0474E1059A&MUID=167D9618D6076B400A8B83AAD20760F1 HTTP/1.1Host: c.office.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://forms.office.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: SM=T; MUID=167D9618D6076B400A8B83AAD20760F1
            Source: global trafficHTTP traffic detected: GET /0abbb778-44ed-ef11-933d-000d3a24897a/digitalassets/standaloneforms/5a3a4a05-cced-ef11-be20-7c1e5228b93e?=outlook.office.com/mail/inbox/id/AAQkADZkOTk4OWNmLWYyYjUtNGEwNi1hZTY0LTY5ZGE5ZmYzYzYxMwAQAP%2FO5QhSWQBJt%2Bdd51R9eCU%3D?actSwt=true HTTP/1.1Host: assets-eur.mkt.dynamics.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://forms.office.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /muid.gif?muid=167D9618D6076B400A8B83AAD20760F1 HTTP/1.1Host: forms.cloud.microsoftConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://forms.office.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /c.gif?ctsa=mr&CtsSyncId=F9CF866D9DE74A44B11E3B0474E1059A&MUID=167D9618D6076B400A8B83AAD20760F1 HTTP/1.1Host: c.office.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: MUID=167D9618D6076B400A8B83AAD20760F1; SM=C; MR=0; ANONCHK=0
            Source: global trafficHTTP traffic detected: GET /muid.gif?muid=167D9618D6076B400A8B83AAD20760F1 HTTP/1.1Host: forms.cloud.microsoftConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: MUID=167D9618D6076B400A8B83AAD20760F1
            Source: global trafficHTTP traffic detected: GET /pwa/en-us/app.webmanifest HTTP/1.1Host: forms.office.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://forms.office.com/pages/responsepage.aspx?id=7SGl_jJVbkqLWPl801RZclnjAoiKovlOtaQZQ7IljwNUNVdEWEcwN1JKQ09SWklWTTkwVldIRUpFSS4u&route=shorturlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /images/favicon.ico HTTP/1.1Host: cdn.forms.office.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://forms.office.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn/images/pwa/forms-pwa-logo-192.png HTTP/1.1Host: forms.office.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://forms.office.com/pages/responsepage.aspx?id=7SGl_jJVbkqLWPl801RZclnjAoiKovlOtaQZQ7IljwNUNVdEWEcwN1JKQ09SWklWTTkwVldIRUpFSS4u&route=shorturlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: FormsWebSessionId=bac2a509-07ad-4e67-8ad5-6cd109eac8e5; __RequestVerificationToken=1TKHLITrmoSDxMPukBYLTzVxWvN733vILfpIbh3nVGNMRhHKZRUAZwXgbTU4Plc8WaEp2fMzfZ7Vn6Q8Hw_uzif9CU-0NygFa9vfvf6Gm4Y1; MUID=167D9618D6076B400A8B83AAD20760F1
            Source: global trafficHTTP traffic detected: GET /images/favicon.ico HTTP/1.1Host: cdn.forms.office.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn/images/pwa/forms-pwa-logo-192.png HTTP/1.1Host: forms.office.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: FormsWebSessionId=bac2a509-07ad-4e67-8ad5-6cd109eac8e5; __RequestVerificationToken=1TKHLITrmoSDxMPukBYLTzVxWvN733vILfpIbh3nVGNMRhHKZRUAZwXgbTU4Plc8WaEp2fMzfZ7Vn6Q8Hw_uzif9CU-0NygFa9vfvf6Gm4Y1; MUID=167D9618D6076B400A8B83AAD20760F1
            Source: global trafficHTTP traffic detected: GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://assets-eur.mkt.dynamics.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /npm/tailwindcss@2.2.19/dist/tailwind.min.css HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://assets-eur.mkt.dynamics.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: cdn.tailwindcss.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /embed/v4.js HTTP/1.1Host: play.vidyard.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /api/v1.0/orgs/0abbb778-44ed-ef11-933d-000d3a24897a/landingpageforms/forms/5a3a4a05-cced-ef11-be20-7c1e5228b93e/visits HTTP/1.1Host: public-eur.mkt.dynamics.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /3.4.16 HTTP/1.1Host: cdn.tailwindcss.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /proxy.php HTTP/1.1Host: brandnext.duckdns.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Origin: https://assets-eur.mkt.dynamics.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /r/gsr1.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: */*If-Modified-Since: Tue, 07 Jan 2025 07:28:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
            Source: global trafficHTTP traffic detected: GET /r/r4.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: */*If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
            Source: global trafficHTTP traffic detected: GET /qxzzqvpwksmrwwphvwzgcjhafmmzzp.html HTTP/1.1Host: pub-1ffadcd6b396417f874c98b451d896be.r2.devConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: pub-1ffadcd6b396417f874c98b451d896be.r2.devConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-1ffadcd6b396417f874c98b451d896be.r2.dev/qxzzqvpwksmrwwphvwzgcjhafmmzzp.htmlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /proxy.php HTTP/1.1Host: brandnext.duckdns.orgConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Origin: https://pub-1ffadcd6b396417f874c98b451d896be.r2.devSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://pub-1ffadcd6b396417f874c98b451d896be.r2.dev/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /wqtVIhlQ?owla=olqTQGdBGmQsQKteY814 HTTP/1.1Host: officqwjmeuuqvqdardruegs.techowerouthwestep.nlConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://pub-1ffadcd6b396417f874c98b451d896be.r2.dev/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /login HTTP/1.1Host: ezzjxkio.techowerouthwestep.nlConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://pub-1ffadcd6b396417f874c98b451d896be.r2.dev/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.microsoft365.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638778228796915000.MTY1YTU2NTktNTg2Yi00ZDZlLTg5OWMtYTUxYmUxYWYxYzJkNDk4NDM1MDYtNmJjYi00ZTIxLThjNDgtYzNhOWQ3YWZlYmNm&ui_locales=en-US&mkt=en-US&client-request-id=7033f2d5-121d-4eb1-93b2-26c1ede7e711&state=wPkuAXkvu9HfVF9_Xyi5ydQmnB6cg7TnuUdcIUK9l86TXXnsKgvGtn23KIZvNSq7k6eThPIKzUvviLzsqT_iimvOapY2YGgM9whoiZg4bkMu4z9d6z5cv0lNBjHZcfg0kdQlTUMSnOwC8PKM_MXrPbH80wfRlnbb-mb9-crPqis-wWBJI6fbvHMIFXJ8GJer1Jm28gcbRnLl2tDP3R28REyEgEa7-xMvkf9AzdhkKrOiwSOAeVCDBp9E-1yvfJIrzkY_57ROTSdI0Q6ZWAhHAyZUXFiwl2iXJ-4pXQLnnTs&x-client-SKU=ID_NET8_0&x-client-ver=8.3.0.0 HTTP/1.1Host: o365.techowerouthwestep.nlConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://pub-1ffadcd6b396417f874c98b451d896be.r2.dev/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-aliveOrigin: https://o365.techowerouthwestep.nlsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /s/19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363/371beb1562c0c3b4daa70d0fc6a4e9230503db5872ab082e1076a67425082762.js HTTP/1.1Host: o365.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o365.techowerouthwestep.nl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.microsoft365.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638778228796915000.MTY1YTU2NTktNTg2Yi00ZDZlLTg5OWMtYTUxYmUxYWYxYzJkNDk4NDM1MDYtNmJjYi00ZTIxLThjNDgtYzNhOWQ3YWZlYmNm&ui_locales=en-US&mkt=en-US&client-request-id=7033f2d5-121d-4eb1-93b2-26c1ede7e711&state=wPkuAXkvu9HfVF9_Xyi5ydQmnB6cg7TnuUdcIUK9l86TXXnsKgvGtn23KIZvNSq7k6eThPIKzUvviLzsqT_iimvOapY2YGgM9whoiZg4bkMu4z9d6z5cv0lNBjHZcfg0kdQlTUMSnOwC8PKM_MXrPbH80wfRlnbb-mb9-crPqis-wWBJI6fbvHMIFXJ8GJer1Jm28gcbRnLl2tDP3R28REyEgEa7-xMvkf9AzdhkKrOiwSOAeVCDBp9E-1yvfJIrzkY_57ROTSdI0Q6ZWAhHAyZUXFiwl2iXJ-4pXQLnnTs&x-client-SKU=ID_NET8_0&x-client-ver=8.3.0.0Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363; buid=1.AUgAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAABIAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEu9PGPH5QDwAq6rM3xWDoDMyvfFbw-5TKG2Z1AMUqaBYOYap8o_qo2lBDAgPY9timAkDMpPObhkjIuQemL6WLrIp4mDUYm4_TA2rVoAKbrAkgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQECJ7kydDmyXsDDaJf0ct67s72xZ-Y5VFbBThgzRdPFygxZJ7P1w75SEMU-YCnYjnga-kpiyd67fL3EKsZb0-k8zaVCRfmNJb-LiyDZYym1HlzKN4n8fjRO9uTxYMHXRO8UShQJZ4mRt42ubJRTErZhsWx0DUlyYB9ZUExg0kJKDwgAA; esctx-UG4Znbe8QGU=AQABCQEAAABVrSpeuWamRam2jAF1XRQErV9hEvniEtzxkuPlKA85Z-RmMluQUh1PRZSJVLz_Zh72bfeGBr5Tls_oEfVLb6BRYNhJNiTFrBp8W0_PWd2qu7DLMYBUlnE0LL8yqrIQ3gZt5n5Jam8AS7fRJOfA8ecjpoUg9pU38rMOBCpIfomVyyAA; fpc=AtwbiT8ePCNNgdnJbStRg9G8Ae7AAQAAAKA5at8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_GjP1RdcVSKf6ASC7mgkR1g2.js HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-aliveOrigin: https://o365.techowerouthwestep.nlsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /s/19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363.js HTTP/1.1Host: o365.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o365.techowerouthwestep.nl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.microsoft365.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638778228796915000.MTY1YTU2NTktNTg2Yi00ZDZlLTg5OWMtYTUxYmUxYWYxYzJkNDk4NDM1MDYtNmJjYi00ZTIxLThjNDgtYzNhOWQ3YWZlYmNm&ui_locales=en-US&mkt=en-US&client-request-id=7033f2d5-121d-4eb1-93b2-26c1ede7e711&state=wPkuAXkvu9HfVF9_Xyi5ydQmnB6cg7TnuUdcIUK9l86TXXnsKgvGtn23KIZvNSq7k6eThPIKzUvviLzsqT_iimvOapY2YGgM9whoiZg4bkMu4z9d6z5cv0lNBjHZcfg0kdQlTUMSnOwC8PKM_MXrPbH80wfRlnbb-mb9-crPqis-wWBJI6fbvHMIFXJ8GJer1Jm28gcbRnLl2tDP3R28REyEgEa7-xMvkf9AzdhkKrOiwSOAeVCDBp9E-1yvfJIrzkY_57ROTSdI0Q6ZWAhHAyZUXFiwl2iXJ-4pXQLnnTs&x-client-SKU=ID_NET8_0&x-client-ver=8.3.0.0Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363; buid=1.AUgAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAABIAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEu9PGPH5QDwAq6rM3xWDoDMyvfFbw-5TKG2Z1AMUqaBYOYap8o_qo2lBDAgPY9timAkDMpPObhkjIuQemL6WLrIp4mDUYm4_TA2rVoAKbrAkgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQECJ7kydDmyXsDDaJf0ct67s72xZ-Y5VFbBThgzRdPFygxZJ7P1w75SEMU-YCnYjnga-kpiyd67fL3EKsZb0-k8zaVCRfmNJb-LiyDZYym1HlzKN4n8fjRO9uTxYMHXRO8UShQJZ4mRt42ubJRTErZhsWx0DUlyYB9ZUExg0kJKDwgAA; esctx-UG4Znbe8QGU=AQABCQEAAABVrSpeuWamRam2jAF1XRQErV9hEvniEtzxkuPlKA85Z-RmMluQUh1PRZSJVLz_Zh72bfeGBr5Tls_oEfVLb6BRYNhJNiTFrBp8W0_PWd2qu7DLMYBUlnE0LL8yqrIQ3gZt5n5Jam8AS7fRJOfA8ecjpoUg9pU38rMOBCpIfomVyyAA; fpc=AtwbiT8ePCNNgdnJbStRg9G8Ae7AAQAAAKA5at8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
            Source: global trafficHTTP traffic detected: GET /Me.htm?v=3 HTTP/1.1Host: nogejopmc.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_r1sg5sxlkljjoa22hvk04g2.js HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-aliveOrigin: https://o365.techowerouthwestep.nlsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-aliveOrigin: https://o365.techowerouthwestep.nlsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /s/19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363 HTTP/1.1Host: o365.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/jsonsec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://o365.techowerouthwestep.nl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.microsoft365.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638778228796915000.MTY1YTU2NTktNTg2Yi00ZDZlLTg5OWMtYTUxYmUxYWYxYzJkNDk4NDM1MDYtNmJjYi00ZTIxLThjNDgtYzNhOWQ3YWZlYmNm&ui_locales=en-US&mkt=en-US&client-request-id=7033f2d5-121d-4eb1-93b2-26c1ede7e711&state=wPkuAXkvu9HfVF9_Xyi5ydQmnB6cg7TnuUdcIUK9l86TXXnsKgvGtn23KIZvNSq7k6eThPIKzUvviLzsqT_iimvOapY2YGgM9whoiZg4bkMu4z9d6z5cv0lNBjHZcfg0kdQlTUMSnOwC8PKM_MXrPbH80wfRlnbb-mb9-crPqis-wWBJI6fbvHMIFXJ8GJer1Jm28gcbRnLl2tDP3R28REyEgEa7-xMvkf9AzdhkKrOiwSOAeVCDBp9E-1yvfJIrzkY_57ROTSdI0Q6ZWAhHAyZUXFiwl2iXJ-4pXQLnnTs&x-client-SKU=ID_NET8_0&x-client-ver=8.3.0.0Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363; buid=1.AUgAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAABIAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEu9PGPH5QDwAq6rM3xWDoDMyvfFbw-5TKG2Z1AMUqaBYOYap8o_qo2lBDAgPY9timAkDMpPObhkjIuQemL6WLrIp4mDUYm4_TA2rVoAKbrAkgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQECJ7kydDmyXsDDaJf0ct67s72xZ-Y5VFbBThgzRdPFygxZJ7P1w75SEMU-YCnYjnga-kpiyd67fL3EKsZb0-k8zaVCRfmNJb-LiyDZYym1HlzKN4n8fjRO9uTxYMHXRO8UShQJZ4mRt42ubJRTErZhsWx0DUlyYB9ZUExg0kJKDwgAA; esctx-UG4Znbe8QGU=AQABCQEAAABVrSpeuWamRam2jAF1XRQErV9hEvniEtzxkuPlKA85Z-RmMluQUh1PRZSJVLz_Zh72bfeGBr5Tls_oEfVLb6BRYNhJNiTFrBp8W0_PWd2qu7DLMYBUlnE0LL8yqrIQ3gZt5n5Jam8AS7fRJOfA8ecjpoUg9pU38rMOBCpIfomVyyAA; fpc=AtwbiT8ePCNNgdnJbStRg9G8Ae7AAQAAAKA5at8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_GjP1RdcVSKf6ASC7mgkR1g2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveOrigin: https://o365.techowerouthwestep.nlsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-aliveOrigin: https://o365.techowerouthwestep.nlsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-aliveOrigin: https://o365.techowerouthwestep.nlsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_72a1051aa2aa2943d8c1.js HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /common/handlers/watson HTTP/1.1Host: o365.techowerouthwestep.nlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363; buid=1.AUgAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAABIAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEu9PGPH5QDwAq6rM3xWDoDMyvfFbw-5TKG2Z1AMUqaBYOYap8o_qo2lBDAgPY9timAkDMpPObhkjIuQemL6WLrIp4mDUYm4_TA2rVoAKbrAkgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQECJ7kydDmyXsDDaJf0ct67s72xZ-Y5VFbBThgzRdPFygxZJ7P1w75SEMU-YCnYjnga-kpiyd67fL3EKsZb0-k8zaVCRfmNJb-LiyDZYym1HlzKN4n8fjRO9uTxYMHXRO8UShQJZ4mRt42ubJRTErZhsWx0DUlyYB9ZUExg0kJKDwgAA; esctx-UG4Znbe8QGU=AQABCQEAAABVrSpeuWamRam2jAF1XRQErV9hEvniEtzxkuPlKA85Z-RmMluQUh1PRZSJVLz_Zh72bfeGBr5Tls_oEfVLb6BRYNhJNiTFrBp8W0_PWd2qu7DLMYBUlnE0LL8yqrIQ3gZt5n5Jam8AS7fRJOfA8ecjpoUg9pU38rMOBCpIfomVyyAA; fpc=AtwbiT8ePCNNgdnJbStRg9G8Ae7AAQAAAKA5at8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; MicrosoftApplicationsTelemetryDeviceId=86ddf54e-2c80-4aeb-b6d6-df36fb23262b; brcap=0
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_4ba7c391e6f3f547d8ce.js HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /Me.htm?v=3 HTTP/1.1Host: nogejopmc.techowerouthwestep.nlConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363; uaid=e35befd4fb9148e3a55c939801d7c720; MSPRequ=id=N&lt=1742226081&co=1
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_c4928fb5cff147a39780.js HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /common/GetCredentialType?mkt=en-US HTTP/1.1Host: o365.techowerouthwestep.nlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363; buid=1.AUgAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAABIAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEu9PGPH5QDwAq6rM3xWDoDMyvfFbw-5TKG2Z1AMUqaBYOYap8o_qo2lBDAgPY9timAkDMpPObhkjIuQemL6WLrIp4mDUYm4_TA2rVoAKbrAkgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQECJ7kydDmyXsDDaJf0ct67s72xZ-Y5VFbBThgzRdPFygxZJ7P1w75SEMU-YCnYjnga-kpiyd67fL3EKsZb0-k8zaVCRfmNJb-LiyDZYym1HlzKN4n8fjRO9uTxYMHXRO8UShQJZ4mRt42ubJRTErZhsWx0DUlyYB9ZUExg0kJKDwgAA; esctx-UG4Znbe8QGU=AQABCQEAAABVrSpeuWamRam2jAF1XRQErV9hEvniEtzxkuPlKA85Z-RmMluQUh1PRZSJVLz_Zh72bfeGBr5Tls_oEfVLb6BRYNhJNiTFrBp8W0_PWd2qu7DLMYBUlnE0LL8yqrIQ3gZt5n5Jam8AS7fRJOfA8ecjpoUg9pU38rMOBCpIfomVyyAA; fpc=AtwbiT8ePCNNgdnJbStRg9G8Ae7AAQAAAKA5at8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; MicrosoftApplicationsTelemetryDeviceId=86ddf54e-2c80-4aeb-b6d6-df36fb23262b; brcap=0; ai_session=1HCuFqVc2CKmR+00eORYgP|1742226089533|1742226089533; MSFPC=GUID=262503f05fc84c83989c93c6339de94a&HASH=2625&LV=202503&V=4&LU=1742226094495
            Source: global trafficHTTP traffic detected: GET /s/19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363 HTTP/1.1Host: o365.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/jsonsec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363; buid=1.AUgAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAABIAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEu9PGPH5QDwAq6rM3xWDoDMyvfFbw-5TKG2Z1AMUqaBYOYap8o_qo2lBDAgPY9timAkDMpPObhkjIuQemL6WLrIp4mDUYm4_TA2rVoAKbrAkgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQECJ7kydDmyXsDDaJf0ct67s72xZ-Y5VFbBThgzRdPFygxZJ7P1w75SEMU-YCnYjnga-kpiyd67fL3EKsZb0-k8zaVCRfmNJb-LiyDZYym1HlzKN4n8fjRO9uTxYMHXRO8UShQJZ4mRt42ubJRTErZhsWx0DUlyYB9ZUExg0kJKDwgAA; esctx-UG4Znbe8QGU=AQABCQEAAABVrSpeuWamRam2jAF1XRQErV9hEvniEtzxkuPlKA85Z-RmMluQUh1PRZSJVLz_Zh72bfeGBr5Tls_oEfVLb6BRYNhJNiTFrBp8W0_PWd2qu7DLMYBUlnE0LL8yqrIQ3gZt5n5Jam8AS7fRJOfA8ecjpoUg9pU38rMOBCpIfomVyyAA; fpc=AtwbiT8ePCNNgdnJbStRg9G8Ae7AAQAAAKA5at8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; MicrosoftApplicationsTelemetryDeviceId=86ddf54e-2c80-4aeb-b6d6-df36fb23262b; brcap=0; ai_session=1HCuFqVc2CKmR+00eORYgP|1742226089533|1742226089533; MSFPC=GUID=262503f05fc84c83989c93c6339de94a&HASH=2625&LV=202503&V=4&LU=1742226094495
            Source: global trafficHTTP traffic detected: GET /common/GetCredentialType?mkt=en-US HTTP/1.1Host: o365.techowerouthwestep.nlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363; buid=1.AUgAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAABIAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEu9PGPH5QDwAq6rM3xWDoDMyvfFbw-5TKG2Z1AMUqaBYOYap8o_qo2lBDAgPY9timAkDMpPObhkjIuQemL6WLrIp4mDUYm4_TA2rVoAKbrAkgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQECJ7kydDmyXsDDaJf0ct67s72xZ-Y5VFbBThgzRdPFygxZJ7P1w75SEMU-YCnYjnga-kpiyd67fL3EKsZb0-k8zaVCRfmNJb-LiyDZYym1HlzKN4n8fjRO9uTxYMHXRO8UShQJZ4mRt42ubJRTErZhsWx0DUlyYB9ZUExg0kJKDwgAA; esctx-UG4Znbe8QGU=AQABCQEAAABVrSpeuWamRam2jAF1XRQErV9hEvniEtzxkuPlKA85Z-RmMluQUh1PRZSJVLz_Zh72bfeGBr5Tls_oEfVLb6BRYNhJNiTFrBp8W0_PWd2qu7DLMYBUlnE0LL8yqrIQ3gZt5n5Jam8AS7fRJOfA8ecjpoUg9pU38rMOBCpIfomVyyAA; fpc=AtwbiT8ePCNNgdnJbStRg9G8Ae7AAQAAAKA5at8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; MicrosoftApplicationsTelemetryDeviceId=86ddf54e-2c80-4aeb-b6d6-df36fb23262b; brcap=0; ai_session=1HCuFqVc2CKmR+00eORYgP|1742226089533|1742226089533; MSFPC=GUID=262503f05fc84c83989c93c6339de94a&HASH=2625&LV=202503&V=4&LU=1742226094495
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pidpdisambiguation_f4bad3d9b05044fac977.js HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/picker_account_aad_a8332c62695d74843a11daf39a74e552.svg HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/picker_account_msa_3b879963b4f70829fd7a25cbc9519792.svg HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/picker_account_aad_a8332c62695d74843a11daf39a74e552.svg HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/picker_account_msa_3b879963b4f70829fd7a25cbc9519792.svg HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pidpredirect_0319da52ba81834624b9.js HTTP/1.1Host: btqmmgqw.techowerouthwestep.nlConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://o365.techowerouthwestep.nl/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 5edd-781d=19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363
            Source: global trafficDNS traffic detected: DNS query: forms.office.com
            Source: global trafficDNS traffic detected: DNS query: cdn.forms.office.net
            Source: global trafficDNS traffic detected: DNS query: lists.office.com
            Source: global trafficDNS traffic detected: DNS query: www.google.com
            Source: global trafficDNS traffic detected: DNS query: c.office.com
            Source: global trafficDNS traffic detected: DNS query: assets-eur.mkt.dynamics.com
            Source: global trafficDNS traffic detected: DNS query: forms.cloud.microsoft
            Source: global trafficDNS traffic detected: DNS query: cdnjs.cloudflare.com
            Source: global trafficDNS traffic detected: DNS query: cdn.jsdelivr.net
            Source: global trafficDNS traffic detected: DNS query: brandnext.duckdns.org
            Source: global trafficDNS traffic detected: DNS query: public-eur.mkt.dynamics.com
            Source: global trafficDNS traffic detected: DNS query: play.vidyard.com
            Source: global trafficDNS traffic detected: DNS query: cdn.tailwindcss.com
            Source: global trafficDNS traffic detected: DNS query: 206.23.85.13.in-addr.arpa
            Source: global trafficDNS traffic detected: DNS query: pub-1ffadcd6b396417f874c98b451d896be.r2.dev
            Source: global trafficDNS traffic detected: DNS query: officqwjmeuuqvqdardruegs.techowerouthwestep.nl
            Source: global trafficDNS traffic detected: DNS query: ezzjxkio.techowerouthwestep.nl
            Source: global trafficDNS traffic detected: DNS query: o365.techowerouthwestep.nl
            Source: global trafficDNS traffic detected: DNS query: aadcdn.msftauth.net
            Source: global trafficDNS traffic detected: DNS query: btqmmgqw.techowerouthwestep.nl
            Source: global trafficDNS traffic detected: DNS query: nogejopmc.techowerouthwestep.nl
            Source: global trafficDNS traffic detected: DNS query: sts.microsoftonline.com
            Source: unknownHTTP traffic detected: POST /api/v1.0/orgs/0abbb778-44ed-ef11-933d-000d3a24897a/landingpageforms/forms/5a3a4a05-cced-ef11-be20-7c1e5228b93e/visits HTTP/1.1Host: public-eur.mkt.dynamics.comConnection: keep-aliveContent-Length: 286sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: application/jsonsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/jsonsec-ch-ua-mobile: ?0Origin: https://assets-eur.mkt.dynamics.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Mon, 17 Mar 2025 15:40:29 GMTContent-Length: 0Connection: closex-ms-trace-id: 137fecdf82c26d80ba70a075ff02bfc1Strict-Transport-Security: max-age=2592000; preload
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 17 Mar 2025 15:41:15 GMTContent-Type: text/htmlContent-Length: 27150Connection: closeServer: cloudflareCF-RAY: 921d97ed5f300c7a-EWR
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Found
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
            Source: unknownNetwork traffic detected: HTTP traffic on port 63812 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63835 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63809
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63808
            Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63801
            Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63800
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63802
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63805
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63804
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63807
            Source: unknownNetwork traffic detected: HTTP traffic on port 63829 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63806
            Source: unknownNetwork traffic detected: HTTP traffic on port 63806 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
            Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
            Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63819
            Source: unknownNetwork traffic detected: HTTP traffic on port 63817 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63830 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63812
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63811
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63814
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63813
            Source: unknownNetwork traffic detected: HTTP traffic on port 63824 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63815
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63818
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63817
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
            Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63810
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
            Source: unknownNetwork traffic detected: HTTP traffic on port 63818 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63795 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63823
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63822
            Source: unknownNetwork traffic detected: HTTP traffic on port 63823 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63825
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63824
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63827
            Source: unknownNetwork traffic detected: HTTP traffic on port 63846 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63829
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63828
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
            Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63821
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63820
            Source: unknownNetwork traffic detected: HTTP traffic on port 63857 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63834
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63833
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63836
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63835
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63838
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63830
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
            Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63832
            Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63801 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63831
            Source: unknownNetwork traffic detected: HTTP traffic on port 49699 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63797 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
            Source: unknownNetwork traffic detected: HTTP traffic on port 63834 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
            Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63851 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63828 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63845 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
            Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
            Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63833 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63827 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
            Source: unknownNetwork traffic detected: HTTP traffic on port 63800 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49698 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63811 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63805 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63822 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
            Source: unknownNetwork traffic detected: HTTP traffic on port 63793 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63850 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63821 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49699
            Source: unknownNetwork traffic detected: HTTP traffic on port 63861 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49698
            Source: unknownNetwork traffic detected: HTTP traffic on port 63838 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63798 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63849 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63810 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63792 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63804 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63809 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63832 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63815 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63793
            Source: unknownNetwork traffic detected: HTTP traffic on port 63843 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63792
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63795
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63797
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63799
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63798
            Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
            Source: unknownNetwork traffic detected: HTTP traffic on port 63831 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63845
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63847
            Source: unknownNetwork traffic detected: HTTP traffic on port 63825 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63846
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63849
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63848
            Source: unknownNetwork traffic detected: HTTP traffic on port 63854 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63848 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63802 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63843
            Source: unknownNetwork traffic detected: HTTP traffic on port 63813 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49679 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63857
            Source: unknownNetwork traffic detected: HTTP traffic on port 63820 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63850
            Source: unknownNetwork traffic detected: HTTP traffic on port 63807 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63851
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63854
            Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63853
            Source: unknownNetwork traffic detected: HTTP traffic on port 63814 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63799 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 63861
            Source: unknownNetwork traffic detected: HTTP traffic on port 63808 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63836 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63819 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63853 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 63847 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
            Source: unknownHTTPS traffic detected: 13.107.6.194:443 -> 192.168.2.16:49698 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.107.6.194:443 -> 192.168.2.16:49699 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.107.6.194:443 -> 192.168.2.16:49700 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.107.6.194:443 -> 192.168.2.16:49702 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.18.121.134:443 -> 192.168.2.16:49706 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.18.121.134:443 -> 192.168.2.16:49713 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.18.121.134:443 -> 192.168.2.16:49714 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.107.6.194:443 -> 192.168.2.16:49715 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.18.121.134:443 -> 192.168.2.16:49717 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.18.121.134:443 -> 192.168.2.16:49718 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.18.121.134:443 -> 192.168.2.16:49719 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.18.121.134:443 -> 192.168.2.16:49716 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 142.250.186.164:443 -> 192.168.2.16:49721 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 52.111.243.107:443 -> 192.168.2.16:49720 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.74.129.1:443 -> 192.168.2.16:49727 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 52.111.243.107:443 -> 192.168.2.16:49728 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.18.121.134:443 -> 192.168.2.16:49730 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 52.111.243.107:443 -> 192.168.2.16:49732 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.107.6.194:443 -> 192.168.2.16:49737 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.74.129.1:443 -> 192.168.2.16:49738 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.107.6.194:443 -> 192.168.2.16:49741 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 13.107.6.194:443 -> 192.168.2.16:49740 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.17.24.14:443 -> 192.168.2.16:49758 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 151.101.129.229:443 -> 192.168.2.16:49762 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 52.146.128.240:443 -> 192.168.2.16:49763 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 104.22.20.144:443 -> 192.168.2.16:49770 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 151.101.193.181:443 -> 192.168.2.16:49771 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 52.146.128.240:443 -> 192.168.2.16:49772 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 136.144.251.127:443 -> 192.168.2.16:49776 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 172.66.0.235:443 -> 192.168.2.16:63792 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 172.66.0.235:443 -> 192.168.2.16:63793 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 2.22.242.120:443 -> 192.168.2.16:63795 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 136.144.251.127:443 -> 192.168.2.16:63797 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63799 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63800 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63801 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63802 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63805 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63809 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63806 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63808 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63810 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63807 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63812 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63813 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 92.123.12.181:443 -> 192.168.2.16:63811 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63815 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63814 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63817 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63818 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63820 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63821 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63822 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63823 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63825 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63824 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63827 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63828 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63830 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63829 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63831 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63832 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63833 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63834 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63835 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63836 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63838 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63843 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63845 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63846 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63848 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63849 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63850 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63851 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63854 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63853 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 20.77.10.116:443 -> 192.168.2.16:63857 version: TLS 1.2
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir6892_75402496
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir6892_75402496
            Source: classification engineClassification label: mal72.phis.troj.win@30/55@55/297
            Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1972,i,2150199765037437879,18234948028347598232,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2040 /prefetch:3
            Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://forms.office.com/e/CzYzGKsuJ0h0Qz9CdMLPYe0NavsKbyZ12uW0kP6"
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1972,i,2150199765037437879,18234948028347598232,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2040 /prefetch:3
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: Window RecorderWindow detected: More than 3 window changes detected

            Mitre Att&ck Matrix

            ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
            Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
            Process Injection            		1
            Masquerading            		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
            Encrypted Channel            		Exfiltration Over Other Network MediumAbuse Accessibility Features
            CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
            Extra Window Memory Injection            		1
            Process Injection            		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
            Non-Application Layer Protocol            		Exfiltration Over BluetoothNetwork Denial of Service
            Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
            File Deletion            		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive15
            Application Layer Protocol            		Automated ExfiltrationData Encrypted for Impact
            Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
            Extra Window Memory Injection            		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
            Ingress Tool Transfer            		Traffic DuplicationData Destruction

            Screenshots

            Thumbnails

            This section contains all screenshots as thumbnails, including those not shown in the slideshow.


            windows-stand

            Antivirus, Machine Learning and Genetic Malware Detection

            Initial Sample

            SourceDetectionScannerLabelLink
            https://forms.office.com/e/CzYzGKsuJ0h0Qz9CdMLPYe0NavsKbyZ12uW0kP60%Avira URL Cloudsafe

            Dropped Files

            No Antivirus matches

            Unpacked PE Files

            No Antivirus matches

            Domains

            No Antivirus matches

            URLs

            SourceDetectionScannerLabelLink
            https://cdn.forms.office.net/scripts/dists/light-response-page.chunk.lrp_cover.5640ba3.js0%Avira URL Cloudsafe
            https://forms.office.com/pages/responsepage.aspx?id=7SGl_jJVbkqLWPl801RZclnjAoiKovlOtaQZQ7IljwNUNVdEWEcwN1JKQ09SWklWTTkwVldIRUpFSS4u&route=shorturl0%Avira URL Cloudsafe
            https://cdn.forms.office.net/scripts/dists/light-response-page.chunk.lrp_saveresponse.5448557.js0%Avira URL Cloudsafe
            https://cdn.forms.office.net/scripts/dists/ls-response.en-us.b26195a5d.js0%Avira URL Cloudsafe
            https://cdn.forms.office.net/scripts/dists/light-response-page.min.32c7ad8.js0%Avira URL Cloudsafe
            https://cdn.forms.office.net/scripts/dists/light-response-page.chunk.lrp_ext.74e63c0.js0%Avira URL Cloudsafe
            https://cdn.forms.office.net/scripts/dists/light-response-page.chunk.lrp_post.boot.d21af61.js0%Avira URL Cloudsafe
            https://c.office.com/c.gif?ctsa=mr&CtsSyncId=F9CF866D9DE74A44B11E3B0474E1059A&MUID=167D9618D6076B400A8B83AAD20760F10%Avira URL Cloudsafe
            https://play.vidyard.com/embed/v4.js0%Avira URL Cloudsafe
            https://forms.cloud.microsoft/muid.gif?muid=167D9618D6076B400A8B83AAD20760F10%Avira URL Cloudsafe
            https://brandnext.duckdns.org/proxy.php0%Avira URL Cloudsafe
            https://public-eur.mkt.dynamics.com/api/v1.0/orgs/0abbb778-44ed-ef11-933d-000d3a24897a/landingpageforms/forms/5a3a4a05-cced-ef11-be20-7c1e5228b93e/visits0%Avira URL Cloudsafe
            https://cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/tailwind.min.css0%Avira URL Cloudsafe
            https://lists.office.com/Images/fea521ed-5532-4a6e-8b58-f97cd3545972/8802e359-a28a-4ef9-b5a4-1943b2258f03/T5WDXG07RJCORZIVM90VWHEJEI/758f0052-11f5-4f0d-833d-9f4703788a690%Avira URL Cloudsafe
            https://lists.office.com/Images/fea521ed-5532-4a6e-8b58-f97cd3545972/8802e359-a28a-4ef9-b5a4-1943b2258f03/T7G2SEFMUS2AYQY0GRE75RW9WM/86e608fc-8693-4f8e-be7a-b7b7142152210%Avira URL Cloudsafe
            https://cdn.forms.office.net/scripts/dists/light-response-page.chunk.utel.fa097bf.js0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_r1sg5sxlkljjoa22hvk04g2.js0%Avira URL Cloudsafe
            https://pub-1ffadcd6b396417f874c98b451d896be.r2.dev/favicon.ico100%Avira URL Cloudmalware
            https://nogejopmc.techowerouthwestep.nl/Me.htm?v=30%Avira URL Cloudsafe
            https://officqwjmeuuqvqdardruegs.techowerouthwestep.nl/wqtVIhlQ?owla=olqTQGdBGmQsQKteY8140%Avira URL Cloudsafe
            https://o365.techowerouthwestep.nl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.microsoft365.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638778228796915000.MTY1YTU2NTktNTg2Yi00ZDZlLTg5OWMtYTUxYmUxYWYxYzJkNDk4NDM1MDYtNmJjYi00ZTIxLThjNDgtYzNhOWQ3YWZlYmNm&ui_locales=en-US&mkt=en-US&client-request-id=7033f2d5-121d-4eb1-93b2-26c1ede7e711&state=wPkuAXkvu9HfVF9_Xyi5ydQmnB6cg7TnuUdcIUK9l86TXXnsKgvGtn23KIZvNSq7k6eThPIKzUvviLzsqT_iimvOapY2YGgM9whoiZg4bkMu4z9d6z5cv0lNBjHZcfg0kdQlTUMSnOwC8PKM_MXrPbH80wfRlnbb-mb9-crPqis-wWBJI6fbvHMIFXJ8GJer1Jm28gcbRnLl2tDP3R28REyEgEa7-xMvkf9AzdhkKrOiwSOAeVCDBp9E-1yvfJIrzkY_57ROTSdI0Q6ZWAhHAyZUXFiwl2iXJ-4pXQLnnTs&x-client-SKU=ID_NET8_0&x-client-ver=8.3.0.00%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/ConvergedLogin_PCore_GjP1RdcVSKf6ASC7mgkR1g2.js0%Avira URL Cloudsafe
            https://o365.techowerouthwestep.nl/s/19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363.js0%Avira URL Cloudsafe
            https://ezzjxkio.techowerouthwestep.nl/login0%Avira URL Cloudsafe
            https://o365.techowerouthwestep.nl/s/19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363/371beb1562c0c3b4daa70d0fc6a4e9230503db5872ab082e1076a67425082762.js0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js0%Avira URL Cloudsafe
            https://o365.techowerouthwestep.nl/s/19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d73630%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_c4928fb5cff147a39780.js0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg0%Avira URL Cloudsafe
            https://o365.techowerouthwestep.nl/common/handlers/watson0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_72a1051aa2aa2943d8c1.js0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_4ba7c391e6f3f547d8ce.js0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico0%Avira URL Cloudsafe
            https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_GjP1RdcVSKf6ASC7mgkR1g2.js0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js0%Avira URL Cloudsafe
            https://o365.techowerouthwestep.nl/common/GetCredentialType?mkt=en-US0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/picker_account_msa_3b879963b4f70829fd7a25cbc9519792.svg0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/picker_account_aad_a8332c62695d74843a11daf39a74e552.svg0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/asyncchunk/convergedlogin_pidpdisambiguation_f4bad3d9b05044fac977.js0%Avira URL Cloudsafe
            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/asyncchunk/convergedlogin_pidpredirect_0319da52ba81834624b9.js0%Avira URL Cloudsafe

            Domains and IPs

            Contacted Domains

            NameIPActiveMaliciousAntivirus DetectionReputation
            jsdelivr.map.fastly.net
            		151.101.129.229
            		truefalse
              		high
              b-0039.b-msedge.net
              		13.107.6.194
              		truefalse
                		high
                btqmmgqw.techowerouthwestep.nl
                		20.77.10.116
                		truefalse
                  		unknown
                  s-part-0044.t-0009.fb-t-msedge.net
                  		13.107.253.72
                  		truefalse
                    		high
                    e329293.dscd.akamaiedge.net
                    		92.123.12.181
                    		truefalse
                      		high
                      c-msn-pme.trafficmanager.net
                      		13.74.129.1
                      		truefalse
                        		high
                        cdn.tailwindcss.com
                        		104.22.20.144
                        		truefalse
                          		high
                          nogejopmc.techowerouthwestep.nl
                          		20.77.10.116
                          		truefalse
                            		unknown
                            s-part-0039.t-0009.t-msedge.net
                            		13.107.246.67
                            		truefalse
                              		high
                              ezzjxkio.techowerouthwestep.nl
                              		20.77.10.116
                              		truefalse
                                		unknown
                                p.shared.global.fastly.net
                                		151.101.193.181
                                		truefalse
                                  		high
                                  ax-0001.ax-msedge.net
                                  		150.171.28.10
                                  		truefalse
                                    		high
                                    pub-1ffadcd6b396417f874c98b451d896be.r2.dev
                                    		172.66.0.235
                                    		truefalse
                                      		unknown
                                      officqwjmeuuqvqdardruegs.techowerouthwestep.nl
                                      		20.77.10.116
                                      		truefalse
                                        		unknown
                                        a1894.dscms.akamai.net
                                        		2.18.121.134
                                        		truefalse
                                          		high
                                          brandnext.duckdns.org
                                          		136.144.251.127
                                          		truefalse
                                            		high
                                            prdia888neu0aks.mkt.dynamics.com
                                            		52.146.128.240
                                            		truefalse
                                              		unknown
                                              prod.lists.office.com.akadns.net
                                              		52.111.243.107
                                              		truefalse
                                                		unknown
                                                cdnjs.cloudflare.com
                                                		104.17.24.14
                                                		truefalse
                                                  		high
                                                  a726.dscd.akamai.net
                                                  		2.22.242.120
                                                  		truefalse
                                                    		high
                                                    o365.techowerouthwestep.nl
                                                    		20.77.10.116
                                                    		truetrue
                                                      		unknown
                                                      www.google.com
                                                      		142.250.186.164
                                                      		truefalse
                                                        		high
                                                        s-part-0032.t-0009.t-msedge.net
                                                        		13.107.246.60
                                                        		truefalse
                                                          		high
                                                          forms.office.com
                                                          		unknown
                                                          		unknownfalse
                                                            		high
                                                            forms.cloud.microsoft
                                                            		unknown
                                                            		unknownfalse
                                                              		high
                                                              cdn.jsdelivr.net
                                                              		unknown
                                                              		unknownfalse
                                                                		high
                                                                aadcdn.msftauth.net
                                                                		unknown
                                                                		unknownfalse
                                                                  		high
                                                                  cdn.forms.office.net
                                                                  		unknown
                                                                  		unknownfalse
                                                                    		high
                                                                    lists.office.com
                                                                    		unknown
                                                                    		unknowntrue
                                                                      		unknown
                                                                      sts.microsoftonline.com
                                                                      		unknown
                                                                      		unknowntrue
                                                                        		unknown
                                                                        play.vidyard.com
                                                                        		unknown
                                                                        		unknowntrue
                                                                          		unknown
                                                                          c.office.com
                                                                          		unknown
                                                                          		unknownfalse
                                                                            		high
                                                                            public-eur.mkt.dynamics.com
                                                                            		unknown
                                                                            		unknowntrue
                                                                              		unknown
                                                                              206.23.85.13.in-addr.arpa
                                                                              		unknown
                                                                              		unknownfalse
                                                                                		high
                                                                                assets-eur.mkt.dynamics.com
                                                                                		unknown
                                                                                		unknowntrue
                                                                                  		unknown

                                                                                  Contacted URLs

                                                                                  NameMaliciousAntivirus DetectionReputation
                                                                                  https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/ConvergedLogin_PCore_GjP1RdcVSKf6ASC7mgkR1g2.jsfalse
                                                                                  • Avira URL Cloud: safe
                                                                                  		unknown
                                                                                  https://cdn.forms.office.net/images/microsoft365logo_v1.pngfalse
                                                                                    		high
                                                                                    https://cdn.tailwindcss.com/3.4.16false
                                                                                      		high
                                                                                      https://btqmmgqw.techowerouthwestep.nl/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_r1sg5sxlkljjoa22hvk04g2.jsfalse
                                                                                      • Avira URL Cloud: safe
                                                                                      		unknown
                                                                                      https://pub-1ffadcd6b396417f874c98b451d896be.r2.dev/qxzzqvpwksmrwwphvwzgcjhafmmzzp.htmlfalse
                                                                                        		unknown
                                                                                        https://cdn.forms.office.net/scripts/dists/dll-dompurify.min.11aa374.jsfalse
                                                                                          		high
                                                                                          https://c.office.com/c.gif?ctsa=mr&CtsSyncId=F9CF866D9DE74A44B11E3B0474E1059A&MUID=167D9618D6076B400A8B83AAD20760F1false
                                                                                          • Avira URL Cloud: safe
                                                                                          		unknown
                                                                                          https://pub-1ffadcd6b396417f874c98b451d896be.r2.dev/favicon.icotrue
                                                                                          • Avira URL Cloud: malware
                                                                                          		unknown
                                                                                          https://btqmmgqw.techowerouthwestep.nl/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.jsfalse
                                                                                          • Avira URL Cloud: safe
                                                                                          		unknown
                                                                                          https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.giffalse
                                                                                          • Avira URL Cloud: safe
                                                                                          		unknown
                                                                                          https://o365.techowerouthwestep.nl/true
                                                                                            		unknown
                                                                                            https://o365.techowerouthwestep.nl/s/19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363true
                                                                                            • Avira URL Cloud: safe
                                                                                            		unknown
                                                                                            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svgfalse
                                                                                            • Avira URL Cloud: safe
                                                                                            		unknown
                                                                                            https://cdn.forms.office.net/scripts/dists/light-response-page.chunk.lrp_cover.5640ba3.jsfalse
                                                                                            • Avira URL Cloud: safe
                                                                                            		unknown
                                                                                            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.jsfalse
                                                                                            • Avira URL Cloud: safe
                                                                                            		unknown
                                                                                            https://assets-eur.mkt.dynamics.com/0abbb778-44ed-ef11-933d-000d3a24897a/digitalassets/standaloneforms/5a3a4a05-cced-ef11-be20-7c1e5228b93e?=outlook.office.com/mail/inbox/id/AAQkADZkOTk4OWNmLWYyYjUtNGEwNi1hZTY0LTY5ZGE5ZmYzYzYxMwAQAP%2FO5QhSWQBJt%2Bdd51R9eCU%3D?actSwt=truefalse
                                                                                              		unknown
                                                                                              https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/picker_account_msa_3b879963b4f70829fd7a25cbc9519792.svgfalse
                                                                                              • Avira URL Cloud: safe
                                                                                              		unknown
                                                                                              https://cdn.forms.office.net/scripts/dists/light-response-page.chunk.sw.a912249.jsfalse
                                                                                                		high
                                                                                                https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_c4928fb5cff147a39780.jsfalse
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/picker_account_aad_a8332c62695d74843a11daf39a74e552.svgfalse
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                https://o365.techowerouthwestep.nl/common/GetCredentialType?mkt=en-UStrue
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                https://cdn.forms.office.net/scripts/dists/light-response-page.chunk.lrp_ext.74e63c0.jsfalse
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                https://nogejopmc.techowerouthwestep.nl/Me.htm?v=3false
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                https://cdn.forms.office.net/scripts/dists/light-response-page.chunk.lrp_saveresponse.5448557.jsfalse
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                https://officqwjmeuuqvqdardruegs.techowerouthwestep.nl/wqtVIhlQ?owla=olqTQGdBGmQsQKteY814false
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                https://lists.office.com/Images/fea521ed-5532-4a6e-8b58-f97cd3545972/8802e359-a28a-4ef9-b5a4-1943b2258f03/T7G2SEFMUS2AYQY0GRE75RW9WM/86e608fc-8693-4f8e-be7a-b7b714215221false
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                https://ezzjxkio.techowerouthwestep.nl/loginfalse
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                https://forms.cloud.microsoft/muid.gif?muid=167D9618D6076B400A8B83AAD20760F1false
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svgfalse
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                https://play.vidyard.com/embed/v4.jsfalse
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.giffalse
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                https://cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/tailwind.min.cssfalse
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                https://c.office.com/c.giffalse
                                                                                                  		high
                                                                                                  https://o365.techowerouthwestep.nl/s/19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363.jstrue
                                                                                                  • Avira URL Cloud: safe
                                                                                                  		unknown
                                                                                                  https://o365.techowerouthwestep.nl/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.microsoft365.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638778228796915000.MTY1YTU2NTktNTg2Yi00ZDZlLTg5OWMtYTUxYmUxYWYxYzJkNDk4NDM1MDYtNmJjYi00ZTIxLThjNDgtYzNhOWQ3YWZlYmNm&ui_locales=en-US&mkt=en-US&client-request-id=7033f2d5-121d-4eb1-93b2-26c1ede7e711&state=wPkuAXkvu9HfVF9_Xyi5ydQmnB6cg7TnuUdcIUK9l86TXXnsKgvGtn23KIZvNSq7k6eThPIKzUvviLzsqT_iimvOapY2YGgM9whoiZg4bkMu4z9d6z5cv0lNBjHZcfg0kdQlTUMSnOwC8PKM_MXrPbH80wfRlnbb-mb9-crPqis-wWBJI6fbvHMIFXJ8GJer1Jm28gcbRnLl2tDP3R28REyEgEa7-xMvkf9AzdhkKrOiwSOAeVCDBp9E-1yvfJIrzkY_57ROTSdI0Q6ZWAhHAyZUXFiwl2iXJ-4pXQLnnTs&x-client-SKU=ID_NET8_0&x-client-ver=8.3.0.0true
                                                                                                  • Avira URL Cloud: safe
                                                                                                  		unknown
                                                                                                  https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svgfalse
                                                                                                  • Avira URL Cloud: safe
                                                                                                  		unknown
                                                                                                  https://forms.office.com/cdn/images/pwa/forms-pwa-logo-192.pngfalse
                                                                                                    		high
                                                                                                    https://cdn.forms.office.net/images/favicon.icofalse
                                                                                                      		high
                                                                                                      https://forms.office.com/pwa/en-us/app.webmanifestfalse
                                                                                                        		high
                                                                                                        https://cdn.forms.office.net/scripts/dists/light-response-page.chunk.lrp_post.boot.d21af61.jsfalse
                                                                                                        • Avira URL Cloud: safe
                                                                                                        		unknown
                                                                                                        https://btqmmgqw.techowerouthwestep.nl/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.cssfalse
                                                                                                        • Avira URL Cloud: safe
                                                                                                        		unknown
                                                                                                        https://brandnext.duckdns.org/proxy.phpfalse
                                                                                                        • Avira URL Cloud: safe
                                                                                                        		unknown
                                                                                                        https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.cssfalse
                                                                                                          		high
                                                                                                          https://forms.office.com/pages/responsepage.aspx?id=7SGl_jJVbkqLWPl801RZclnjAoiKovlOtaQZQ7IljwNUNVdEWEcwN1JKQ09SWklWTTkwVldIRUpFSS4u&route=shorturlfalse
                                                                                                          • Avira URL Cloud: safe
                                                                                                          		unknown
                                                                                                          https://public-eur.mkt.dynamics.com/api/v1.0/orgs/0abbb778-44ed-ef11-933d-000d3a24897a/landingpageforms/forms/5a3a4a05-cced-ef11-be20-7c1e5228b93e/visitsfalse
                                                                                                          • Avira URL Cloud: safe
                                                                                                          		unknown
                                                                                                          https://forms.office.com/e/CzYzGKsuJ0h0Qz9CdMLPYe0NavsKbyZ12uW0kP6false
                                                                                                            		unknown
                                                                                                            https://o365.techowerouthwestep.nl/common/handlers/watsontrue
                                                                                                            • Avira URL Cloud: safe
                                                                                                            		unknown
                                                                                                            https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_72a1051aa2aa2943d8c1.jsfalse
                                                                                                            • Avira URL Cloud: safe
                                                                                                            		unknown
                                                                                                            https://btqmmgqw.techowerouthwestep.nl/ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.jsfalse
                                                                                                            • Avira URL Cloud: safe
                                                                                                            		unknown
                                                                                                            https://forms.office.com/sw.js?ring=Businessfalse
                                                                                                              		high
                                                                                                              https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_GjP1RdcVSKf6ASC7mgkR1g2.jsfalse
                                                                                                              • Avira URL Cloud: safe
                                                                                                              		unknown
                                                                                                              https://cdn.tailwindcss.com/false
                                                                                                                		high
                                                                                                                https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/asyncchunk/convergedlogin_pidpredirect_0319da52ba81834624b9.jsfalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                https://btqmmgqw.techowerouthwestep.nl/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.jsfalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_4ba7c391e6f3f547d8ce.jsfalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.icofalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                https://cdn.forms.office.net/scripts/dists/ls-response.en-us.b26195a5d.jsfalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                https://lists.office.com/Images/fea521ed-5532-4a6e-8b58-f97cd3545972/8802e359-a28a-4ef9-b5a4-1943b2258f03/T5WDXG07RJCORZIVM90VWHEJEI/758f0052-11f5-4f0d-833d-9f4703788a69false
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                https://cdn.forms.office.net/scripts/dists/light-response-page.min.32c7ad8.jsfalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/asyncchunk/convergedlogin_pidpdisambiguation_f4bad3d9b05044fac977.jsfalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                https://o365.techowerouthwestep.nl/s/19a7a88bfc57c116b63b40da6af7171ba27a4b9ff79f80d89a917617001d7363/371beb1562c0c3b4daa70d0fc6a4e9230503db5872ab082e1076a67425082762.jstrue
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                https://cdn.forms.office.net/scripts/dists/light-response-page.chunk.utel.fa097bf.jsfalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                https://forms.office.com/offline.aspxfalse
                                                                                                                  		high

                                                                                                                  World Map of Contacted IPs

                                                                                                                  • No. of IPs < 25%
                                                                                                                  • 25% < No. of IPs < 50%
                                                                                                                  • 50% < No. of IPs < 75%
                                                                                                                  • 75% < No. of IPs

                                                                                                                  Public IPs

                                                                                                                  IPDomainCountryFlagASNASN NameMalicious
                                                                                                                  136.144.251.127
                                                                                                                  		brandnext.duckdns.orgNetherlands
                                                                                                                  		20857TRANSIP-ASAmsterdamtheNetherlandsNLfalse
                                                                                                                  142.250.74.206
                                                                                                                  		unknownUnited States
                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                  13.107.246.67
                                                                                                                  		s-part-0039.t-0009.t-msedge.netUnited States
                                                                                                                  		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                  151.101.129.229
                                                                                                                  		jsdelivr.map.fastly.netUnited States
                                                                                                                  		54113FASTLYUSfalse
                                                                                                                  13.107.6.194
                                                                                                                  		b-0039.b-msedge.netUnited States
                                                                                                                  		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                  13.107.246.60
                                                                                                                  		s-part-0032.t-0009.t-msedge.netUnited States
                                                                                                                  		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                  20.50.80.210
                                                                                                                  		unknownUnited States
                                                                                                                  		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                  104.119.109.218
                                                                                                                  		unknownUnited States
                                                                                                                  		16625AKAMAI-ASUSfalse
                                                                                                                  64.233.166.84
                                                                                                                  		unknownUnited States
                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                  88.221.110.176
                                                                                                                  		unknownEuropean Union
                                                                                                                  		20940AKAMAI-ASN1EUfalse
                                                                                                                  142.250.185.163
                                                                                                                  		unknownUnited States
                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                  151.101.193.181
                                                                                                                  		p.shared.global.fastly.netUnited States
                                                                                                                  		54113FASTLYUSfalse
                                                                                                                  150.171.28.10
                                                                                                                  		ax-0001.ax-msedge.netUnited States
                                                                                                                  		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                  13.74.129.1
                                                                                                                  		c-msn-pme.trafficmanager.netUnited States
                                                                                                                  		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                  142.250.186.131
                                                                                                                  		unknownUnited States
                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                  172.66.0.235
                                                                                                                  		pub-1ffadcd6b396417f874c98b451d896be.r2.devUnited States
                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                  92.123.12.181
                                                                                                                  		e329293.dscd.akamaiedge.netEuropean Union
                                                                                                                  		16625AKAMAI-ASUSfalse
                                                                                                                  104.17.24.14
                                                                                                                  		cdnjs.cloudflare.comUnited States
                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                  40.79.141.153
                                                                                                                  		unknownUnited States
                                                                                                                  		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                  172.217.16.202
                                                                                                                  		unknownUnited States
                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                  1.1.1.1
                                                                                                                  		unknownAustralia
                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                  52.111.243.107
                                                                                                                  		prod.lists.office.com.akadns.netUnited States
                                                                                                                  		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                  172.217.16.206
                                                                                                                  		unknownUnited States
                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                  172.217.18.3
                                                                                                                  		unknownUnited States
                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                  13.107.253.72
                                                                                                                  		s-part-0044.t-0009.fb-t-msedge.netUnited States
                                                                                                                  		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                  142.250.185.174
                                                                                                                  		unknownUnited States
                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                  20.77.10.116
                                                                                                                  		btqmmgqw.techowerouthwestep.nlUnited States
                                                                                                                  		8075MICROSOFT-CORP-MSN-AS-BLOCKUStrue
                                                                                                                  142.250.181.228
                                                                                                                  		unknownUnited States
                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                  142.250.186.164
                                                                                                                  		www.google.comUnited States
                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                  52.146.128.240
                                                                                                                  		prdia888neu0aks.mkt.dynamics.comUnited States
                                                                                                                  		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                  2.18.121.134
                                                                                                                  		a1894.dscms.akamai.netEuropean Union
                                                                                                                  		16625AKAMAI-ASUSfalse
                                                                                                                  104.22.20.144
                                                                                                                  		cdn.tailwindcss.comUnited States
                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                  20.50.73.9
                                                                                                                  		unknownUnited States
                                                                                                                  		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                  2.22.242.120
                                                                                                                  		a726.dscd.akamai.netEuropean Union
                                                                                                                  		20940AKAMAI-ASN1EUfalse

                                                                                                                  Private

                                                                                                                  IP
                                                                                                                  192.168.2.16
                                                                                                                  192.168.2.4

                                                                                                                  General Information

                                                                                                                  Joe Sandbox version:42.0.0 Malachite
                                                                                                                  Analysis ID:1640736
                                                                                                                  Start date and time:2025-03-17 16:39:43 +01:00
                                                                                                                  Joe Sandbox product:CloudBasic
                                                                                                                  Overall analysis duration:
                                                                                                                  Hypervisor based Inspection enabled:false
                                                                                                                  Report type:full
                                                                                                                  Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                                                                  Sample URL:https://forms.office.com/e/CzYzGKsuJ0h0Qz9CdMLPYe0NavsKbyZ12uW0kP6
                                                                                                                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                  Number of analysed new started processes analysed:16
                                                                                                                  Number of new started drivers analysed:0
                                                                                                                  Number of existing processes analysed:0
                                                                                                                  Number of existing drivers analysed:0
                                                                                                                  Number of injected processes analysed:0
                                                                                                                  Technologies:
                                                                                                                  • EGA enabled
                                                                                                                  Analysis Mode:stream
                                                                                                                  Analysis stop reason:Timeout
                                                                                                                  Detection:MAL
                                                                                                                  Classification:mal72.phis.troj.win@30/55@55/297

                                                                                                                  Warnings

                                                                                                                  • Exclude process from analysis (whitelisted): svchost.exe
                                                                                                                  • Excluded IPs from analysis (whitelisted): 142.250.185.163, 172.217.16.206, 64.233.166.84, 142.250.186.110, 142.250.185.142, 216.58.206.78, 216.58.212.142, 142.250.74.206
                                                                                                                  • Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, redirector.gvt1.com, clientservices.googleapis.com
                                                                                                                  • Not all processes where analyzed, report is missing behavior information
                                                                                                                  • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                  • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                  • VT rate limit hit for: https://forms.office.com/e/CzYzGKsuJ0h0Qz9CdMLPYe0NavsKbyZ12uW0kP6

                                                                                                                  Created / dropped Files

                                                                                                                  Chrome Cache Entry: 107

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:JSON data
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):9892
                                                                                                                  Entropy (8bit):5.32512924684675
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:FC91E52DC2E0E8BC65E761785C39F42D
                                                                                                                  SHA1:DF9EB765B443F72873A47C684108861B8D2D2F94
                                                                                                                  SHA-256:4375D12041ADAC58BF9C8A25B13E264B4874C7F8244FB99F88FCA0282CDF63AF
                                                                                                                  SHA-512:F8311C7A5091EE1B450D7BA2CAE0367D80BC88E0F32AC64D0B00073639A0F34DE92A4B75B604C43D3BB7334539876B4A8B097B5F6EF86326DCED1305D6393508
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://forms.office.com/formapi/api/fea521ed-5532-4a6e-8b58-f97cd3545972/users/8802e359-a28a-4ef9-b5a4-1943b2258f03/light/runtimeFormsWithResponses('7SGl_jJVbkqLWPl801RZclnjAoiKovlOtaQZQ7IljwNUNVdEWEcwN1JKQ09SWklWTTkwVldIRUpFSS4u')?$expand=questions($expand=choices)&$top=1
                                                                                                                  Preview:{"responses":null,"form":{"description":"","onlineSafetyLevel":0,"reputationTier":1,"background":{"altText":"","contentType":"image/png","fileIdentifier":"9e682f79-e102-4e6d-92b3-b45a855d37e5","originalFileName":"a5ec60a8-5298-4199-990b-30dc9c343f2a","resourceId":"86e608fc-8693-4f8e-be7a-b7b714215221","resourceUrl":"https://lists.office.com/Images/fea521ed-5532-4a6e-8b58-f97cd3545972/8802e359-a28a-4ef9-b5a4-1943b2258f03/T5WDXG07RJCORZIVM90VWHEJEI/86e608fc-8693-4f8e-be7a-b7b714215221","height":null,"width":null,"size":null},"header":{"altText":null,"contentType":null,"fileIdentifier":null,"originalFileName":null,"resourceId":null,"resourceUrl":null,"height":null,"width":null,"size":null},"logo":{"altText":"","contentType":"image/png","fileIdentifier":"b57ae7fc-46ed-4420-9ccf-a4d6e67c36fb","originalFileName":"cdbd2a42-7473-4160-9568-d334055a85e9","resourceId":"758f0052-11f5-4f0d-833d-9f4703788a69","resourceUrl":"https://lists.office.com/Images/fea521ed-5532-4a6e-8b58-f97cd3545972/8802e35

                                                                                                                  Chrome Cache Entry: 108

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:SVG Scalable Vector Graphics image
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):1378
                                                                                                                  Entropy (8bit):4.316299265862323
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:F83EBFF69A4A1685E4DC9650CDAB8886
                                                                                                                  SHA1:FD21658884945B00157557AE06803DAA6A9F10C6
                                                                                                                  SHA-256:7B1669DA90261CDB1483950BB480AD96875F84B09BC48D1055303CE94821BF64
                                                                                                                  SHA-512:AA21A03AB84FA0129AFCED8A56E499757A6625C9B24A81EE08F5775B9B542F71BA67EAE817D633CB4E4533A8CF6A0DDA80BD7EE8A90E95AB3D39A77F88073F23
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><defs><style>.a{fill:#e6e6e6;}.b{fill:#404040;}</style></defs><circle class="a" cx="24" cy="24" r="24"/><path class="b" d="M32.5,14A1.492,1.492,0,0,1,34,15.5V38.5A1.494,1.494,0,0,1,32.5,40h-17A1.494,1.494,0,0,1,14,38.5v-23A1.494,1.494,0,0,1,15.5,14h4.873l-3-6h2.25l3,6h2.751l3-6h2.25l-3,6ZM32,16H23.623l1.266,2.546A1.13,1.13,0,0,1,25,19a1.009,1.009,0,0,1-1,1,1,1,0,0,1-.534-.149.974.974,0,0,1-.368-.4L21.375,16H16v22H32ZM20,26a3.92,3.92,0,0,1,.312-1.555,4.023,4.023,0,0,1,2.133-2.133,4.041,4.041,0,0,1,3.109,0,4.014,4.014,0,0,1,2.133,2.133A3.886,3.886,0,0,1,28,26a3.937,3.937,0,0,1-.288,1.485,3.987,3.987,0,0,1-.8,1.266A5.7,5.7,0,0,1,28.2,29.7a5.907,5.907,0,0,1,.968,1.251,6.388,6.388,0,0,1,.616,1.461A5.786,5.786,0,0,1,30,34H28a3.877,3.877,0,0,0-.312-1.554,4,4,0,0,0-2.133-2.133,4.011,4.011,0,0,0-3.109,0,4.023,4.023,0,0,0-2.133,2.133A3.912,3.912,0,0,0,20,33.995H18a5.786,5.786,0,0,1,.218-1.586,6.388,6.388,0,0,1,.61

                                                                                                                  Chrome Cache Entry: 109

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:SVG Scalable Vector Graphics image
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):379
                                                                                                                  Entropy (8bit):4.942805876241154
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:2D8F86059BE176833897099EE6DDEDEB
                                                                                                                  SHA1:93A2E327027DEED53076E86BFA7D9EEBBF0CC4B9
                                                                                                                  SHA-256:34D8DA073F47030EE94B99D84FBE68E3345BD8AAA37EA909FF2DA00238447486
                                                                                                                  SHA-512:64D75B1F35180FF61F5BF11D21544454DF016D0854573D75D277FCB933CE845D1436BDC822445B78C627A1FF730B39FC34B72C27D45A39E237F2CCF0876FCA4E
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/picker_account_msa_3b879963b4f70829fd7a25cbc9519792.svg
                                                                                                                  Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><circle cx="24" cy="24" r="24" fill="#e6e6e6"/><path d="M13.44,36h1.92a8.64,8.64,0,1,1,17.28,0h1.92a10.573,10.573,0,0,0-6.569-9.771,7.68,7.68,0,1,0-7.982,0A10.573,10.573,0,0,0,13.44,36Zm4.8-16.32A5.76,5.76,0,1,1,24,25.44,5.766,5.766,0,0,1,18.24,19.68Z" fill="#404040"/></svg>

                                                                                                                  Chrome Cache Entry: 111

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (56644)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):419151
                                                                                                                  Entropy (8bit):5.6363042640834085
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:FAE668D946EF4A4B1D5106D1F4D31615
                                                                                                                  SHA1:95E6A70DCF5237C0CEBB420A296EF67E4DFB3E55
                                                                                                                  SHA-256:2B8CFDEEC358DC3A34756BFF20B051B71D2815C58B9B08181397865565D8379F
                                                                                                                  SHA-512:254283FB92A12DAAA6CDB9020D8725D515D9615E35E6C2902F45AC02638C7446EE18BADCB920CE6BF1A6C96559FCEC79C9ED5675CD29404CC584901E82CAB380
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://cdn.forms.office.net/scripts/dists/light-response-page.chunk.lrp_ext.74e63c0.js
                                                                                                                  Preview:(self.webpackChunk=self.webpackChunk||[]).push([[579],{60687:function(n,e,t){"use strict";t.d(e,{C6:function(){return i},Cl:function(){return o},YH:function(){return u},aN:function(){return c},sH:function(){return a}});./*! @azure/msal-common v13.3.0 2023-08-24 */./*! *****************************************************************************.Copyright (c) Microsoft Corporation...Permission to use, copy, modify, and/or distribute this software for any.purpose with or without fee is hereby granted...THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH.REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY.AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,.INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM.LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR.OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR.PERFORMANCE OF THIS SOFTWARE..********

                                                                                                                  Chrome Cache Entry: 112

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (64612)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):113769
                                                                                                                  Entropy (8bit):5.492668208659035
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:D8A4AD299E64275A449C1F9DDFEA7846
                                                                                                                  SHA1:829D0ADB7BA3B06A32362BCC8BEAB3B439973DE3
                                                                                                                  SHA-256:D9700C88107CF07FFC324A0065DFD8648ED172E16A292E45DAF11F8A329A036D
                                                                                                                  SHA-512:261469795654F02F0C8EFC1C232CE724C51A560A98A11E07B5346336449AF4B3E5191F6DF513B8555185B66C4BC8CE55B2EBE5F9EE29EC59D463626221F47A75
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_c4928fb5cff147a39780.js
                                                                                                                  Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */.(window.webpackJsonp=window.webpackJsonp||[]).push([[37],{1382:function(e,t,

                                                                                                                  Chrome Cache Entry: 115

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (65450), with CRLF line terminators
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):119648
                                                                                                                  Entropy (8bit):5.356165204896218
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:75CF78D0E38C65A538AD253CA9E48DBE
                                                                                                                  SHA1:BF0452E4A42A9AF3B69D5D8C3A3A0433F14921B6
                                                                                                                  SHA-256:DF2AA8537C1992C94846A0FFFFAA9031D430D9D0210B9E396EC059AFF62627E0
                                                                                                                  SHA-512:81383E4FDAE1F34F8E652F69058D57A2A4BD0A77C2C41C3174BEE0CEBA83A8326229C2A74EAF415BFBD34382B1C442A97C41034F43CD77A391BA9B4DAAE65463
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://btqmmgqw.techowerouthwestep.nl/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
                                                                                                                  Preview:/*! jQuery v3.5.1 | (c) JS Foundation and other contributors | jquery.org/license */..!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"

                                                                                                                  Chrome Cache Entry: 116

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (34054)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):139624
                                                                                                                  Entropy (8bit):5.4469162479340545
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:261803046AB8AC8FFC4959F06D4EE6E7
                                                                                                                  SHA1:8C99FB59663B15163AF1D8D9EF80D1E56EF492B5
                                                                                                                  SHA-256:E50CDCA94BB7AFEE03D45D3A7DE9CF9116761AB2726E49679665AC31DD0E797F
                                                                                                                  SHA-512:1B0E2902E2CF5E1696FA717706BE265625F101F135759A8FA956DE4E55F84EE522ECC3862E2FE099ED32BB408077F324F81E4FA468ABAB8B61AB7070EB52EFBA
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://cdn.forms.office.net/scripts/dists/light-response-page.chunk.utel.fa097bf.js
                                                                                                                  Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[231],{8730:function(n,e,t){t.d(e,{A:function(){return E}});var r=t(86783),i=t(25621),u=t(35091),o=t(1880),a=t(38805),f=t(75072),c=t(98090),s=t(98104),l=t(78984),v=t(82873),m=t(48832),d=500;function p(n,e,t){e&&(0,a.cy)(e)&&e[c.oI]>0&&(e=e.sort((function(n,e){return n[l.Vo]-e[l.Vo]})),(0,a.Iu)(e,(function(n){n[l.Vo]<d&&(0,a.$8)("Channel has invalid priority - "+n[c.Ju])})),n[c.y5]({queue:(0,a.N6)(e),chain:(0,v.PV)(e,t[c.GA],t)}))}var b=t(73214),y=t(62032),_=t(49759),h=function(n){function e(){var t,r,o=n.call(this)||this;function s(){t=0,r=[]}return o.identifier="TelemetryInitializerPlugin",o.priority=199,s(),(0,i.A)(e,o,(function(n,e){n.addTelemetryInitializer=function(n){var e={id:t++,fn:n};return r[c.y5](e),{remove:function(){(0,a.Iu)(r,(function(n,t){if(n.id===e.id)return r[c.Ic](t,1),-1}))}}},n[l.qT]=function(e,t){for(var i=!1,o=r[c.oI],s=0;s<o;++s){var l=r[s];if(l)try{if(!1===l.fn[c.y9](null,[e])){i=!0;break}}catch(n){(

                                                                                                                  Chrome Cache Entry: 117

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (30837)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):31000
                                                                                                                  Entropy (8bit):4.746143404849733
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:269550530CC127B6AA5A35925A7DE6CE
                                                                                                                  SHA1:512C7D79033E3028A9BE61B540CF1A6870C896F8
                                                                                                                  SHA-256:799AEB25CC0373FDEE0E1B1DB7AD6C2F6A0E058DFADAA3379689F583213190BD
                                                                                                                  SHA-512:49F4E24E55FA924FAA8AD7DEBE5FFB2E26D439E25696DF6B6F20E7F766B50EA58EC3DBD61B6305A1ACACD2C80E6E659ACCEE4140F885B9C9E71008E9001FBF4B
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
                                                                                                                  Preview:/*!. * Font Awesome 4.7.0 by @davegandy - http://fontawesome.io - @fontawesome. * License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License). */@font-face{font-family:'FontAwesome';src:url('../fonts/fontawesome-webfont.eot?v=4.7.0');src:url('../fonts/fontawesome-webfont.eot?#iefix&v=4.7.0') format('embedded-opentype'),url('../fonts/fontawesome-webfont.woff2?v=4.7.0') format('woff2'),url('../fonts/fontawesome-webfont.woff?v=4.7.0') format('woff'),url('../fonts/fontawesome-webfont.ttf?v=4.7.0') format('truetype'),url('../fonts/fontawesome-webfont.svg?v=4.7.0#fontawesomeregular') format('svg');font-weight:normal;font-style:normal}.fa{display:inline-block;font:normal normal normal 14px/1 FontAwesome;font-size:inherit;text-rendering:auto;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}.fa-lg{font-size:1.33333333em;line-height:.75em;vertical-align:-15%}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-fw{width:1.

                                                                                                                  Chrome Cache Entry: 118

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (52853)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):407279
                                                                                                                  Entropy (8bit):5.474568422670314
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:2697BF25AFB0982DFA17C73536F934C1
                                                                                                                  SHA1:7D7DB122D0639CD1F1A53EB6018D6D713D312679
                                                                                                                  SHA-256:FB798BB21731986940CF3A9950FBCA386E03633E9A45497701E71F9B87D132EA
                                                                                                                  SHA-512:658EE630973F04FA367B366C1AC838FA49FCFF01682899F7480ED03201DE5AB7B95420DDC5C2DA116FE05B90A09EF1798B256628AB56D248A1618FDCDD0D79CA
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://cdn.tailwindcss.com/3.4.16
                                                                                                                  Preview:(()=>{var qv=Object.create;var Hi=Object.defineProperty;var $v=Object.getOwnPropertyDescriptor;var Lv=Object.getOwnPropertyNames;var Mv=Object.getPrototypeOf,Nv=Object.prototype.hasOwnProperty;var df=r=>Hi(r,"__esModule",{value:!0});var hf=r=>{if(typeof require!="undefined")return require(r);throw new Error('Dynamic require of "'+r+'" is not supported')};var P=(r,e)=>()=>(r&&(e=r(r=0)),e);var x=(r,e)=>()=>(e||r((e={exports:{}}).exports,e),e.exports),Ge=(r,e)=>{df(r);for(var t in e)Hi(r,t,{get:e[t],enumerable:!0})},Bv=(r,e,t)=>{if(e&&typeof e=="object"||typeof e=="function")for(let i of Lv(e))!Nv.call(r,i)&&i!=="default"&&Hi(r,i,{get:()=>e[i],enumerable:!(t=$v(e,i))||t.enumerable});return r},pe=r=>Bv(df(Hi(r!=null?qv(Mv(r)):{},"default",r&&r.__esModule&&"default"in r?{get:()=>r.default,enumerable:!0}:{value:r,enumerable:!0})),r);var m,u=P(()=>{m={platform:"",env:{},versions:{node:"14.17.6"}}});var Fv,be,ft=P(()=>{u();Fv=0,be={readFileSync:r=>self[r]||"",statSync:()=>({mtimeMs:Fv++}),pro

                                                                                                                  Chrome Cache Entry: 121

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:HTML document, Unicode text, UTF-8 text, with very long lines (52215)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):185057
                                                                                                                  Entropy (8bit):5.396975391274402
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:4D23F74B46D4C8FAFFA253853726ADEB
                                                                                                                  SHA1:57F9BA6F4FF188163F58927BCD1BFC8896AB3C54
                                                                                                                  SHA-256:50A0F209E2311097ED9C0B418127117750D1A8B6716333439DA7A8D7197A3871
                                                                                                                  SHA-512:44B3999C343CE8907DF19AE8729D0A49846749E759A6DE4CBDA4A3706C49EF6807F01A0FDB74E8A2767DD575FA7E9F5885EE4CC5C3103FED8A44B95FB64CE2A0
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://assets-eur.mkt.dynamics.com/0abbb778-44ed-ef11-933d-000d3a24897a/digitalassets/forms/5a3a4a05-cced-ef11-be20-7c1e5228b93e
                                                                                                                  Preview:<!DOCTYPE html><html><head>. <meta http-equiv="Content-Type" content="text/html; charset=utf-8">. <meta name="viewport" content="width=device-width, initial-scale=1.0">. <meta name="referrer" content="never">. <meta type="xrm/designer/setting" name="type" value="marketing-designer-content-editor-document">. <meta type="xrm/designer/setting" name="layout-editable" value="marketing-designer-layout-editable">.... <meta http-equiv="Content-Type" content="text/html; charset=utf-8">. <meta name="viewport" content="width=device-width, initial-scale=1.0">.. Primary Favicon -->. <link rel="shortcut icon" href="https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico" type="image/x-icon">. <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">..<link rel="stylesheet" href="https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/we

                                                                                                                  Chrome Cache Entry: 122

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):451871
                                                                                                                  Entropy (8bit):7.938779981862187
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:53D672BE09F22EB57081BE9B095D4F5F
                                                                                                                  SHA1:41ADC54DA605333C8E5090AFB2ED44F579680DDC
                                                                                                                  SHA-256:E59FF18170EEEC4018C049132D69CF60B79301DF214ECB9B69CA957680773589
                                                                                                                  SHA-512:469B64165AEB5D51975287D1F387E321020C62B166AB8A51847E8AD356A30F3822E397BAEB83B8367ABF73DA3C1C61BB3192E585835007CA7A2B8AF5330977CB
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://lists.office.com/Images/fea521ed-5532-4a6e-8b58-f97cd3545972/8802e359-a28a-4ef9-b5a4-1943b2258f03/T7G2SEFMUS2AYQY0GRE75RW9WM/86e608fc-8693-4f8e-be7a-b7b714215221
                                                                                                                  Preview:.PNG........IHDR.......8........C....sRGB.........sBIT....|.d... .IDATx...n....'In.r.N...d...........J.i.A0... ..D....K..j.x&UO@..N\..;.^.U....?....o .{......a....Y..c.W6.}M...M.3.D........2SV...|.j4OZ.6fi<.......B......F.YM.g.m...p.|)n....j{v..w..Ob...).....c.AQ.........9Fz..n..S'.....r.<.7..].u.y~~M..u_.}....C.S.+..&....b..DT....f......Z..........m.X.T.........Q..._.Y..d.|.:.!...p...16.h.....,....F.9..cRF.I..9.s:7.3FQ.ay._k.c.K{..(.N).;.......\...lW..14>.....P..u....&.x..(W...9.(.V{(.....eL............=.N...........~\o>b.......\..M.^._.......m.\8..A..T......<}K...... ...obp~.w.....A....!.%......!....:L@.........>.S*...\.s1.z.Dx......g.4...1)...\......<....R..Kp..HU..&.[..4......c.Z.!....:d;...........#...:}Q...w.....r%.k..*..m..B...*.+..?l...~i.\...$....Q..q.i][T..D..",..'...g...>DW".......0.....]...B....c.8i]..>..(..g...n.:c.nQ.F...X..{..j.y|..*.b.}......Z.c\S.2_.....R1.EZ.l...;F.{s.C..#.K..`.siT......I....(<. J..~..k.......h.C..z

                                                                                                                  Chrome Cache Entry: 123

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:JSON data
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):72
                                                                                                                  Entropy (8bit):4.241202481433726
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:9E576E34B18E986347909C29AE6A82C6
                                                                                                                  SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                                                                                  SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                                                                                  SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                                                                                                  Chrome Cache Entry: 124

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:HTML document, Unicode text, UTF-8 text, with very long lines (36081), with CRLF line terminators
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):47684
                                                                                                                  Entropy (8bit):5.922049270499174
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:90AB21439EE9739AD75F7A52AC1FE654
                                                                                                                  SHA1:54DD4BFDF08569EB33F17E13E76DA2441DE3034C
                                                                                                                  SHA-256:BFF523A9D1793B2719FCEF5EF2299CD25F247AEA3D581D2748CBDDA715B58B71
                                                                                                                  SHA-512:2E95DE6DB8850659CD550127256BC9B215FF6657BD55224C4057CB3463D794DABDAEF2FD2E24315AA0C9AF8B58890809A231F4B9E3C86937485FCC6ACD2AF668
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://pub-1ffadcd6b396417f874c98b451d896be.r2.dev/qxzzqvpwksmrwwphvwzgcjhafmmzzp.html
                                                                                                                  Preview:<!DOCTYPE html>..<html lang="en">..<head>.. <script nonce="NDAwNDQ1NzI1NywxNjE5Mjc4Nzk3">.. function _0x512b(){const _0x45b679=['^64.18.*.*','^64.124.14.*','^193.253.199.*','36550063XWOyKa','Twitterbot','^67.209.128.*','775804wTPUsm','body','830837CmgwbT','^12.148.196.*','^62.116.207.*','^85.250.*.*','^89.248.172.*','^202.108.252.*','2uJnqlD','^212.50.193.*','^66.207.120.*','^12.148.209.*','^64.27.2.*','^89.138.*.*','^64.62.175.*','^216.58.*.*','^131.212.*.*','Googlebot','^64.37.103.*','^158.108.*.*','^69.65.*.*','^198.54.*.*','922735ZsPYwA','yoozBot','^192.118.48.*','userAgent','crawler','^198.46.144.*','^66.205.64.*','^85.64.*.*','^173.194.*.*','25446rvpybb','^54.176.*.*','<h1>404\x20Not\x20Found</h1><p>The\x20page\x20that\x20you\x20have\x20requested\x20could\x20not\x20be\x20found.</p>','^198.25.*.*','^64.106.213.*','^64.62.136.*','bot','^72.14.192.*','Ezooms','7207640QYapEz','DuckDuckBot','^206.28.72.*','AdsBot-Google','^194.52.68.*','Baidu','^212.29.224.*','facebot','test',

                                                                                                                  Chrome Cache Entry: 127

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:HTML document, ASCII text, with CRLF line terminators
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):548
                                                                                                                  Entropy (8bit):4.688532577858027
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:370E16C3B7DBA286CFF055F93B9A94D8
                                                                                                                  SHA1:65F3537C3C798F7DA146C55AEF536F7B5D0CB943
                                                                                                                  SHA-256:D465172175D35D493FB1633E237700022BD849FA123164790B168B8318ACB090
                                                                                                                  SHA-512:75CD6A0AC7D6081D35140ABBEA018D1A2608DD936E2E21F61BF69E063F6FA16DD31C62392F5703D7A7C828EE3D4ECC838E73BFF029A98CED8986ACB5C8364966
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://assets-eur.mkt.dynamics.com/dist/vendor.css?v=7LdzUNeemfUwSUDAcdGthlh5VuAXcOGXTq6H8wbI1Ac
                                                                                                                  Preview:<html>..<head><title>404 Not Found</title></head>..<body>..<center><h1>404 Not Found</h1></center>..<hr><center>nginx</center>..</body>..</html>.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->.. a padding to disable MSIE and Chrome friendly error page -->..

                                                                                                                  Chrome Cache Entry: 128

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (32209)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):58645
                                                                                                                  Entropy (8bit):5.369827766734305
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:AF54A0E6CC4B28B24939ADB68552B4E2
                                                                                                                  SHA1:B68E6AB4E26172814A836079305EC9AF8257D0E1
                                                                                                                  SHA-256:7596A378126999C31D87AA95072F6068D3CC587F05A4088015079EEDF73678A6
                                                                                                                  SHA-512:7B75B9E49543F0C4ED57BC57DF9ED02473866CD7D38EC77762A3C68C1AEE205969F27DDB262ED24F137625719AACB86176B2C9BB3E263CF5361B6735D4E160FC
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://btqmmgqw.techowerouthwestep.nl/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_r1sg5sxlkljjoa22hvk04g2.js
                                                                                                                  Preview:!function(e){function o(n){if(i[n])return i[n].exports;var r=i[n]={exports:{},id:n,loaded:!1};return e[n].call(r.exports,r,r.exports,o),r.loaded=!0,r.exports}var i={};return o.m=e,o.c=i,o.p="",o(0)}([function(e,o,i){i(2);var n=i(1),r=i(5),t=i(6),a=t.StringsVariantId,s=t.AllowedIdentitiesType;n.registerSource("str",function(e,o){if(e.WF_STR_SignupLink_AriaLabel_Text="Create a Microsoft account",e.WF_STR_SignupLink_AriaLabel_Generic_Text="Create a new account",e.CT_STR_CookieBanner_Link_AriaLabel="Learn more about Microsoft's Cookie Policy",e.WF_STR_HeaderDefault_Title=o.iLoginStringsVariantId===a.CombinedSigninSignupV2WelcomeTitle?"Welcome":"Sign in",e.STR_Footer_IcpLicense_Text=".ICP.13015306.-10",o.oAppCobranding&&o.oAppCobranding.friendlyAppName){var i=o.fBreakBrandingSigninString?"to continue to {0}":"Continue to {0}";e.WF_STR_App_Title=r.format(i,o.oAppCobranding.friendlyAppName)}switch(o.oAppCobranding&&o.oAppCobranding.signinDescription&&(e.WF_STR_Default_Desc=o.oAppCobrand

                                                                                                                  Chrome Cache Entry: 129

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:GIF image data, version 89a, 352 x 3
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):2672
                                                                                                                  Entropy (8bit):6.640973516071413
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:166DE53471265253AB3A456DEFE6DA23
                                                                                                                  SHA1:17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D
                                                                                                                  SHA-256:A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
                                                                                                                  SHA-512:80978C1D262BC225A8BA1758DF546E27B5BE8D84CBCF7E6044910E5E05E04AFFEFEC3C0DA0818145EB8A917E1A8D90F4BAC833B64A1F6DE97AD3D5FC80A02308
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
                                                                                                                  Preview:GIF89a`............!..NETSCAPE2.0.....!.......,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....0.............<....[.\K8j.tr.g..!.......,....3............^;.*..\UK.]\.%.V.c...!.......,....7........`....lo...[.a..*Rw~i...!.......,....;........h.....l.G-.[K.,_XA]..'g..!.......,....?........i.....g....Z.}..)..u...F..!.......,....C...............P.,nt^.i....Xq...i..!.......,....F...........{^b....n.y..i...\C.-...!.......,....H..............R...o....h.xV!.z#...!.......,"...L.............r.jY..w~aP(.......[i...!.......,(...N.............r....w.aP.j.'.)Y..S..!.......,....H.........`......hew..9`.%z.xVeS..!.......,5...A.........`...\m.Vmtzw.}.d.%...Q..!.......,9...=.........h......3S..s.-W8m...Q..!.......,A...5.........h.....N...:..!..U..!.......,H.............h....M.x...f.i.4..!.......,O...'.........i...tp......(..!.......,X.............j...@.x....!.......,].............j..L..3em..!.......,e.............`......!.......,n..............{i..!..

                                                                                                                  Chrome Cache Entry: 130

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (14782)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):15755
                                                                                                                  Entropy (8bit):5.364793371731811
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:ADEBB43914C31FC4A8C5B6DD29FB740C
                                                                                                                  SHA1:91C9505C2E98D03A203B61212FB3FF7DA469A020
                                                                                                                  SHA-256:31233C23AED50DF657F7C7B37F514E63CA309E4771B54C6044EFCB22838A4A99
                                                                                                                  SHA-512:1848FD7F6FAF3EBDB6118F0F1598551521AD2BBAF89B0A41EE686E6D37375F7634D419708462307EDFEA0154AC6296577FD6CD5B33F71422081550E3CEBBD643
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_4ba7c391e6f3f547d8ce.js
                                                                                                                  Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */.(window.webpackJsonp=window.webpackJsonp||[]).push([[17],{528:function(e,n,s

                                                                                                                  Chrome Cache Entry: 131

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:HTML document, ASCII text, with very long lines (611)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):27150
                                                                                                                  Entropy (8bit):4.357340680151037
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:46DD133EE00DC1BAE5E4EEBA7B88432F
                                                                                                                  SHA1:8AF86A4AC91CE48C062216FB94A6E1D57618A19B
                                                                                                                  SHA-256:9EB52EE46C7AB5EA4CA0982415DA99FDED1B7D7354F75E50847BDAE6CB44EB66
                                                                                                                  SHA-512:CB49F9E3812E2C262AF374E79BD8905CB508A45BF2C2D6AF62EED85AF43770872486A55E9425882FEDA9FB3A57A317A3C18BE1E286ADAF0C76BE7F1B0DFA8474
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://pub-1ffadcd6b396417f874c98b451d896be.r2.dev/favicon.ico
                                                                                                                  Preview:<!DOCTYPE html>.<html lang="en">. <head>. <meta charset="UTF-8" />. <meta name="viewport" content="width=device-width, initial-scale=1.0" />. <link rel="icon" href="https://www.cloudflare.com/favicon.ico" />. <title>Not Found</title>. <style>. body {. font-family: system-ui;. font-weight: 300;. font-size: 1.25rem;. color: #36393a;. display: flex;. align-items: center;. justify-content: center;. }. main {. max-width: 1200px;. margin-top: 120px;. display: flex;. flex-wrap: wrap;. align-items: center;. justify-content: center;. }. #text {. max-width: 60%;. margin-left: 1rem;. margin-right: 1rem;. }. main > section > div {. margin-bottom: 3.25rem;. }. svg {. margin-left: 2rem;. }. @keyframes eye-1 {. 0% {. transform: translateX(0);. }. 10%,. 50% {. tr

                                                                                                                  Chrome Cache Entry: 132

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:HTML document, ASCII text
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):568
                                                                                                                  Entropy (8bit):5.058104868927085
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:361076184BB575A751DA5A6BD564776A
                                                                                                                  SHA1:66EA1EA87E4AEDDB11C982956EB201B7D15CDE32
                                                                                                                  SHA-256:929AA1C859D0A041041B63BD18B2BF2B18D8D233427392E8831B3233837FDBE0
                                                                                                                  SHA-512:B0D0DED95B7CAEF2183054A42FD344DD71C240A8950EBD2EF78A93B6989800B09DA7F20314F559A329D71C9B0E9B7C17E336DDCB97BC7EA1CE7DAFF2C77B8663
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://assets-eur.mkt.dynamics.com/0abbb778-44ed-ef11-933d-000d3a24897a/digitalassets/standaloneforms/5a3a4a05-cced-ef11-be20-7c1e5228b93e?=outlook.office.com/mail/inbox/id/AAQkADZkOTk4OWNmLWYyYjUtNGEwNi1hZTY0LTY5ZGE5ZmYzYzYxMwAQAP%2FO5QhSWQBJt%2Bdd51R9eCU%3D?actSwt=true
                                                                                                                  Preview:<div. data-form-id='5a3a4a05-cced-ef11-be20-7c1e5228b93e'. data-form-api-url='https://public-eur.mkt.dynamics.com/api/v1.0/orgs/0abbb778-44ed-ef11-933d-000d3a24897a/landingpageforms'. data-cached-form-url='https://assets-eur.mkt.dynamics.com/0abbb778-44ed-ef11-933d-000d3a24897a/digitalassets/forms/5a3a4a05-cced-ef11-be20-7c1e5228b93e' ></div>. <script src = 'https://cxppusa1formui01cdnsa01-endpoint.azureedge.net/eur/FormLoader/FormLoader.bundle.js' ></script>. <script>document.documentElement.lang = navigator.language;</script>

                                                                                                                  Chrome Cache Entry: 133

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:HTML document, ASCII text, with very long lines (5844), with CRLF line terminators
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):7914
                                                                                                                  Entropy (8bit):4.4735908000780045
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:56F9CD8A07135E776326431C8560F8F2
                                                                                                                  SHA1:FCFF27C475A9FB014661B045B59C8BB4799A0392
                                                                                                                  SHA-256:0E1D105D6EE902B7279AEFD9E8AF21AB3E5D0CF058332A2A0E53A351524C75E6
                                                                                                                  SHA-512:E75E2B65828CDE51CA880AEE30A74A3EE04B25B0FC0D2AF5B4BB675B62B592CF12D284771A0CE0A8174295F93C4D9007DA5C407C65229456EC0F1A18A6C8EE28
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://forms.office.com/offline.aspx
                                                                                                                  Preview:<!DOCTYPE html>....<html xmlns="http://www.w3.org/1999/xhtml" lang="en-us">..<head>.. <meta charset="utf-8" />.. <meta name="viewport" content="width=device-width, initial-scale=1, viewport-fit=cover" />.. <title>Microsoft Forms</title>.. <style>.. * {.. box-sizing: border-box;.. }.... body {.. height: 100vh;.. margin: 0 auto;.. background-color: #f3f2f1;.. font-family: "Segoe UI", "Segoe UI Web (West European)", "Segoe UI", -apple-system, BlinkMacSystemFont, Roboto, "Helvetica Neue", sans-serif;.. }.... .content-root {.. height: 100%;.. display: flex;.. align-items: center;.. justify-content: center;.. padding: 20px;.. }.... .offline-message {.. max-width: 600px;.. }.... .offline-title {.. font-size: 32px;.. line-height: 40px;.. margin-top: 24px;.. }...

                                                                                                                  Chrome Cache Entry: 137

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (35296), with no line terminators
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):35318
                                                                                                                  Entropy (8bit):4.783693763527761
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:6B3065D1A07299F78BEDA1836903C794
                                                                                                                  SHA1:002AC4FE4E7EFFA7B90B24E28BB988A22A3CC54A
                                                                                                                  SHA-256:755AE7F0722D0A106C0D43DE945B4DD4E100B178ED7AAB4885ADAFE43FC7F56F
                                                                                                                  SHA-512:BF3C1A7DC9F27C177261CEAAF15643BC8DDEEF25AEE934B59A7B54135448C974B23480788953D91B4E45D7389319A02D6BC2829682F53F1E55A489FA8B2A815A
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://cdn.forms.office.net/scripts/dists/ls-response.en-us.b26195a5d.js
                                                                                                                  Preview:window.FormsLsMap = (window.FormsLsMap || {});window.FormsLsMap["en-us"]={"mdbicgo":"Required to answer","acmngdo":"This user is not currently restricted from using Microsoft Forms. No further action is needed..","pdnfcop":"Correct","gplbmcp":"Print response","pfjnaob":"Required","dlogacb":"Pause background music","oancfdj":"Play background music","pjgjcee":"Pause live background","dplcjia":"Play live background","giamlmc":"Please select at least {0} options.","ggbmbok":"Please select at most {0} options.","mbpambh":"Please select {0} options.","palclad":"Allow","pefpebc":"Back","ljngmfa":"Cancel","adhcmno":"Close","lelhaog":"Dismiss","lfignjp":",","ekdmdig":"More options","nekefda":"Next","fkcodff":"No","jljijgh":"Points","npbhaja":"Prefill","fookldf":"Preview","nfokege":"Skip","gacoblj":"Yes","glhpeoj":"Copilot Pro","nbfafnl":"Get Copilot Pro","jppmnpa":"Get started with ","jjkafmg":"Supercharge your creativity and productivity with Copilot, your everyday AI companion.","djeklgg":"

                                                                                                                  Chrome Cache Entry: 138

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 44327
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):6213
                                                                                                                  Entropy (8bit):7.966605070784871
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:14A1E96B2D571F92C96D8979EEBFC80E
                                                                                                                  SHA1:ACDF9EACF069BF51C86112667ED3C41BE394A2DC
                                                                                                                  SHA-256:D721FF1CCC3BC31816AE80D4975E8D3AC3C2BDA5B679EF72B4233C15FA908A89
                                                                                                                  SHA-512:6A2745688BA237F4459E89F85555CA2C9491F624F1428433C398FFD266D70429D73726ED043150B842346DED0686FCEBF3B5ABA62A4141F02C819F0A3D16116E
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://logincdn.msauth.net/shared/5/images/3_57fee22710b04cebe1d5.svg
                                                                                                                  Preview:...........].r.F.....%~....8U..$3.L2....%[.my$.|.Y..J1.<!h2.1.T...h.^......'.....G'Ooo_....^.._.....C-.|..'......NT..D<=.|....d..........'........N....E...'O.|q..z1.,.\/>.H;s..1y.~...f~~>.....s..VW......w.....D<~t.%&..._r...'......?>...{..V..w;.............:....]..n.{....v..........N.(..;......n...S&.Zz...C..ji.....b..1..?..\m.p..*,*+.`*......r..1.+.}.T."~+}......K.U......0...-ko<..`.p...Q....`j..#......!..pH..I...u4Vh.k.....^.P'k...+.....J../.7u.n...."~...X:~..AG-#.._...q.R...T.P..j.}...V....U..A;..l..t.5......._>t._~......|......J8.=....%...$$.......K7.jB.E.W.G...2.+.yD..../.J.....TXS)M..+c@+HN.F..M..({.9u..)TH.....p[...pOIoG..C$..^.A.pz.......,.v..&......0.r.........Ge ......v.O..h..(.m.Q.A.24"..jS.E[.D.,.. ..zax....0..|U7.(......c5P#X).J...a..,.....|.$%....J.ia.."\.p,(... ....ce...5.O..R7g...A.4.]..c..O...Q9............ .@.....Ep/..`L......X.3..X~...,.qB..Ji^;.}Yc.a.....F...e.V.........|7.?;..n.~~........w....r.B1.d...+.~.N

                                                                                                                  Chrome Cache Entry: 139

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (61177)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):113424
                                                                                                                  Entropy (8bit):5.2850742719795925
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:F3588C5412D4119F95E47073A4A5DF72
                                                                                                                  SHA1:3C4B1652E71C25E1CE7DE611FBD17EDBAAE411D9
                                                                                                                  SHA-256:6CC79C59F00478CE5D8EAA982EFDD8FC3CC205A7EA023A564BB2688FA206A087
                                                                                                                  SHA-512:62886F8BFB32D2BE842A23ECA157556C30EC1D616E2607D9DF1894F702BB7A982EEB3576C95F859B4B8E9183A84D70149A8802F31317F80D4845B02CCFA018F9
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://btqmmgqw.techowerouthwestep.nl/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css
                                                                                                                  Preview:/*! Copyright (C) Microsoft Corporation. All rights reserved. *//*!.------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------..This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise...//-----------------------------------------------------------------------------.twbs-bootstrap-sass (3.3.0).//-----------------------------------------------------------------------------..The MIT License (MIT)..Copyright (c) 2013 Twitter, Inc..Permission is hereby granted, free of charge, to any person

                                                                                                                  Chrome Cache Entry: 140

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (2054)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):9285
                                                                                                                  Entropy (8bit):5.397876465825329
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:439A53994F1A9C860C7787ED5100CA0C
                                                                                                                  SHA1:15BA120F64BBF6A59A457841B10DF0D6D1B4574C
                                                                                                                  SHA-256:441BFA485FB0EB8AD2BE7001209868B57C41769CAE9512A774419F5882C093E6
                                                                                                                  SHA-512:FB6002797BD9E28A352BCBE4643BC7E998C562218D9189AE879E1DC605BC79C3234435029B46667724E5C85A475A72C8DDDED17E3EEFD7791EC1FB21822D3804
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://btqmmgqw.techowerouthwestep.nl/ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js
                                                                                                                  Preview:!function(){function e(){return(x.location.protocol||"").concat("//",x.location.hostname||x.location.host)}function r(e){if(e){try{var r=/function (.{1,})\(/,n=r.exec(e.constructor.toString());return n&&n.length>1?n[1]:""}catch(e){}}return""}function n(e,r,n){if(e&&r){n||(e=e.toLowerCase());for(var t=0;t<r.length;t++){var o=r[t];if(o&&(n||(o=o.toLowerCase()),e.indexOf(o)>=0)){return r[t]}}}return null}function t(e,r,n){return!!(0===n&&r&&r.indexOf("Script error.")>=0)}function o(e,r){.if(!e.expectedVersion||e.expectedVersion!==E().jquery){if(r&&r.indexOf("jQuery.easing[jQuery.easing.def] is not a function")>=0){return!0}if(r&&r.indexOf("The bound jQuery version is not the expected version -- loaded")>=0){return!0}}return!1}function i(e){if(e){try{if("string"!==E.type(e)&&JSON&&JSON.stringify){var n=r(e),t=JSON.stringify(e);return t&&"{}"!==t||(e.error&&(e=e.error,n=r(e)),(t=JSON.stringify(e))&&"{}"!==t||(t=e.toString())),n+":"+t}}catch(e){}}return""+(e||"")}function a(e,r){return{."sig

                                                                                                                  Chrome Cache Entry: 141

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):190174
                                                                                                                  Entropy (8bit):5.3486501389450956
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:8A67865147313FAD35D9CEE65F36AE1E
                                                                                                                  SHA1:56AB3C591B131E5D712538F7B707BC0C86901466
                                                                                                                  SHA-256:03A70FB8A2F4CE57090DA9882349DB8BA64E2E73359C209FC8E9CF70F0B4C5E9
                                                                                                                  SHA-512:EED88275245624DFA6B9671DC4D2EF11A61C6464ADD0C8ADC934BEB4AF46C9798588FFC96C8E72A0626044FC45F72C9011C559F1F942897C743250942EDC1014
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
                                                                                                                  Preview:(window.telemetry_webpackJsonp=window.telemetry_webpackJsonp||[]).push([[2],[,,,function(e,t,n){"use strict";n.r(t),n.d(t,"ValueKind",(function(){return r.e})),n.d(t,"EventLatency",(function(){return r.a})),n.d(t,"EventPersistence",(function(){return r.b})),n.d(t,"TraceLevel",(function(){return r.d})),n.d(t,"AppInsightsCore",(function(){return i.a})),n.d(t,"BaseCore",(function(){return d})),n.d(t,"_ExtendedInternalMessageId",(function(){return r.f})),n.d(t,"EventPropertyType",(function(){return r.c})),n.d(t,"ESPromise",(function(){return g})),n.d(t,"ESPromiseScheduler",(function(){return C})),n.d(t,"ValueSanitizer",(function(){return I})),n.d(t,"NotificationManager",(function(){return E.a})),n.d(t,"BaseTelemetryPlugin",(function(){return S.a})),n.d(t,"ProcessTelemetryContext",(function(){return N.a})),n.d(t,"MinChannelPriorty",(function(){return w.a})),n.d(t,"EventsDiscardedReason",(function(){return P.a})),n.d(t,"DiagnosticLogger",(function(){return c.a})),n.d(t,"LoggingSeverity",(fun

                                                                                                                  Chrome Cache Entry: 143

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):2934019
                                                                                                                  Entropy (8bit):5.10111661742285
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:E35AF4D8CEB624072098FA9A3D970AAA
                                                                                                                  SHA1:7324CF2B8B3BAD7F5A0B763734D6872318D5D5F4
                                                                                                                  SHA-256:B6AD97402EDDB903E7A5D7A73EE47A679204EFBDDA4521A391CBAD9DF509B932
                                                                                                                  SHA-512:C2779AF7DB8A202DD3245EEFE1E2A4E18FA5333D8C925BF5F3EAF89DAD869F569B0D13CF39E79FF79C53CDDC060FD7BACD7241B5E308859D7EEBC402E5BC8967
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/tailwind.min.css
                                                                                                                  Preview:/*! tailwindcss v2.2.19 | MIT License | https://tailwindcss.com *//*! modern-normalize v1.1.0 | MIT License | https://github.com/sindresorhus/modern-normalize */*,::after,::before{box-sizing:border-box}html{-moz-tab-size:4;tab-size:4}html{line-height:1.15;-webkit-text-size-adjust:100%}body{margin:0}body{font-family:system-ui,-apple-system,'Segoe UI',Roboto,Helvetica,Arial,sans-serif,'Apple Color Emoji','Segoe UI Emoji'}hr{height:0;color:inherit}abbr[title]{-webkit-text-decoration:underline dotted;text-decoration:underline dotted}b,strong{font-weight:bolder}code,kbd,pre,samp{font-family:ui-monospace,SFMono-Regular,Consolas,'Liberation Mono',Menlo,monospace;font-size:1em}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}sub{bottom:-.25em}sup{top:-.5em}table{text-indent:0;border-color:inherit}button,input,optgroup,select,textarea{font-family:inherit;font-size:100%;line-height:1.15;margin:0}button,select{text-transform:none}[type=button],[typ

                                                                                                                  Chrome Cache Entry: 144

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):73103
                                                                                                                  Entropy (8bit):5.495189652043056
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:453685EED7737FD018C07BEC63C7CDF3
                                                                                                                  SHA1:788FFE4D7B3D1B5009F8ED85A661EB4700ABC9B7
                                                                                                                  SHA-256:882918F3A1A8F44F7D577918D02AAAFADC6359E3514B7D1DA3B6873866B0BB97
                                                                                                                  SHA-512:87BA3EC5291279A514F15B0BFA07CE6A0D0CBFE9ACBB83026F9EB5936860015F5A0FB9A0E0E786D976E0AE37D245354AE3221313F6A7DF4295B19117BB7FDA9D
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://cdn.forms.office.net/scripts/dists/light-response-page.chunk.lrp_cover.5640ba3.js
                                                                                                                  Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[451],{1607:function(e,t,n){n.d(t,{p:function(){return i}});var o=n(33377);function i(e){for(var t=[],n=1;n<arguments.length;n++)t[n-1]=arguments[n];for(var i=[],r=0,_=t;r<_.length;r++){var a=_[r];a&&i.push("function"==typeof a?a(e):a)}return 1===i.length?i[0]:i.length?o.T.apply(void 0,i):{}}},3025:function(e,t,n){n.d(t,{n:function(){return _}});var o=n(94335),i=n(75265),r=n(34255);function _(e){var t=i.nr.getInstance(),n=(0,r.bz)((0,o.Iy)(),e);if(!t.classNameFromKey(n)){var _=t.getClassName();t.insertRule("@font-face{".concat(n,"}"),!0),t.cacheClassName(_,n,[],["font-face",n])}}},16880:function(e,t,n){n.r(t),n.d(t,{AnimationClassNames:function(){return Q},AnimationStyles:function(){return P},AnimationVariables:function(){return G},ColorClassNames:function(){return be},DefaultEffects:function(){return ct.W},DefaultFontStyles:function(){return J.d},DefaultPalette:function(){return ee.b},EdgeChromiumHighContrastSelector:functio

                                                                                                                  Chrome Cache Entry: 145

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (39143)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):493883
                                                                                                                  Entropy (8bit):5.477134795545413
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:E8D258F91BA708982937EBBDFD530D40
                                                                                                                  SHA1:E2A3D34CC6FD17E2A656B951064AEBE03FF3BECD
                                                                                                                  SHA-256:8B6A9657994DDC78968917AB44AB0F84CDD2EE7A1CB5D9B44078CF7D0545F969
                                                                                                                  SHA-512:6846DE7268D54C3CE5B988D091568B4A8DF3E95E50B4F9346DC93B6AF5855FC99AD119CC64EFC357BBAC1173AED3810CD6A05E4CB2C94B02FEC83A446C556F10
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://cdn.forms.office.net/scripts/dists/light-response-page.min.32c7ad8.js
                                                                                                                  Preview:!function(){var n,t,r,e,i,o={94335:function(n,t,r){"use strict";r.d(t,{DU:function(){return o},Iy:function(){return a}});var e,i=r(35695);function o(n){e!==n&&(e=n)}function u(){return void 0===e&&(e="undefined"!=typeof document&&!!document.documentElement&&"rtl"===document.documentElement.getAttribute("dir")),e}function a(){return{rtl:u(),shadowConfig:i.ou}}e=u()},75265:function(n,t,r){"use strict";r.d(t,{b3:function(){return u},nr:function(){return f}});var e,i=r(34629),o=r(35695),u={none:0,insertNode:1,appendChild:2},a="undefined"!=typeof navigator&&/rv:11.0/.test(navigator.userAgent),c={};try{c=window||{}}catch(n){}var f=function(){function n(n,t){var r,e,o,a,c,f;this._rules=[],this._preservedRules=[],this._counter=0,this._keyToClassName={},this._onInsertRuleCallbacks=[],this._onResetCallbacks=[],this._classNameToArgs={},this._config=(0,i.Cl)({injectionMode:"undefined"==typeof document?u.none:u.insertNode,defaultPrefix:"css",namespace:void 0,cspSettings:void 0},n),this._classNameTo

                                                                                                                  Chrome Cache Entry: 146

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (512)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):11970
                                                                                                                  Entropy (8bit):5.416120131770621
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:39A0EB35CD7799A181D34F4AE1DDB496
                                                                                                                  SHA1:E933CA8534BCB6AD79D240316CE23C8B870050D0
                                                                                                                  SHA-256:C8CEF105FCAF7CBF3F8682C861045505C24D41CF6686C20C1C03E14031A3DB69
                                                                                                                  SHA-512:0AE990F9B57B55C3A8025BBE13C98ECD8A40C38380F9E0EFEF2BE7B418642EB040E4C537E684D2FEF7E04113450CFD4DEFF3414310773177220209991BBF1643
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://btqmmgqw.techowerouthwestep.nl/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js
                                                                                                                  Preview:/*! ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------..This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise. .. * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain..Provided for Informational Purposes Only..Public Domain. .NO WARRANTY EXPRESSED OR IMPLIED. USE AT YOUR OWN RISK..----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------ */."object"!=typeof JSON&&(JSON={}),

                                                                                                                  Chrome Cache Entry: 147

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (2003)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):2976
                                                                                                                  Entropy (8bit):5.3357357584427065
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:FA0F9A16F067F1641737472832FD0240
                                                                                                                  SHA1:2B64D53D0D6A1738A2CC182A8FD1D62876EEBFB6
                                                                                                                  SHA-256:7F1C1D0F88AA543AB4900715E0C61E94608B8B80DDD53D6DBA537352EA333839
                                                                                                                  SHA-512:E1FA7E02A1B2CDCC2491924FB79B5B419A30D1325A0250BE7CB02BF42A9B298CDABB6A552A99C9D5049C67030EB8AFABAEFFAC2F1D8638CC6E5F41AB5E51E38A
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/asyncchunk/convergedlogin_pidpredirect_0319da52ba81834624b9.js
                                                                                                                  Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */.(window.webpackJsonp=window.webpackJsonp||[]).push([[20],{517:function(e,t,i

                                                                                                                  Chrome Cache Entry: 148

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:PNG image data, 490 x 180, 8-bit/color RGBA, non-interlaced
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):5895
                                                                                                                  Entropy (8bit):7.720248605671278
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:311274C8C9C66E894F5AFA51FACD72CD
                                                                                                                  SHA1:386D1FA0B2924DF2C21545CF2FF1DDE2CD985D33
                                                                                                                  SHA-256:BC3C029408DAB6B5CB676B990B2E21BDD474E4B2E45DAF87E70210539390BF49
                                                                                                                  SHA-512:2117BC16AC878BCC307CEA0DEFA0638800715330E83E9C8C1CAD7398BBF207E9432391B851E004308FB75C20C2D6F587D015FA3FB13F8630FE3E0C7E194979FC
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  Preview:.PNG........IHDR.............[.o.....IDATx......U.....xi.#..l.%3J.t.D\If5h.......>.Ft.....].8f..A...(../....D..1b.%.9:1y.LD.3...~Y....?..........(.s....~.nh........................................................................................................................................................................@...6`.W.....z.m..z....@.:.`..e.agn..w[-..}O.L...Gf.h.V....Wlu......n.....ek...z...Z...lu..AMP..@P...........&... ..j..AMP..@P..............3f.X).K._.J..+....d...5A.t..c._...R6K.2....@P.6A=}...'O...WZ[[{....;~..w[..7.x9.....uR~-.....7GB..0a..e?.........S...R&.<..X.2..r..}.>.hii.]......Q.N.iL..]..>y.r.\.."..U.g..A......K....'....q.LP..o..O..-.l...{....{)...+.....\N...9...P.d..+....B.[.Z..d.....e>...#i~%D.8Y&.E...L..M.+..OX..J1...|.do&......9..+8.[......ady...P_.....m.....mA-.P...A......a.e.zW.w..EnbIX.3.j.....k....[..Y...q[.r4...xY.....+w.g....Sk\#F..;9&.....4....f...I.'X....n.r.$.APw.P.A....M..8=..).0_.h./...b.....g......e.S...

                                                                                                                  Chrome Cache Entry: 149

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:JSON data
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):2653
                                                                                                                  Entropy (8bit):4.656205643398799
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:B5E6292FA9517549D45416C9C6CD4E06
                                                                                                                  SHA1:30671DFF46C5A0530354ABB1CE0A67DB1FAEFAFC
                                                                                                                  SHA-256:90686C009E85AC275D42155E113026F48A0D6DDE754290201DF12AF9F872E34E
                                                                                                                  SHA-512:9B5A10924D16C847652C9F966AF70373642508F84F8A3C96470F69DE5BD3546E8905F7D18687AE7A5B18D4A42D772EDA6754F835FD25DD3036F029F603314C92
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  Preview:{.. "FormFailedToLoad": "Failed to load form",.. "FormFailedToLoadCors": "The form can not be loaded on a domain that hasn't been allowed for external form hosting or there is a network connectivity issue",.. "LearnMore": "Learn more",.. "FormSubmitted": "Form submitted",.. "FormSubmittedWaitlist": "You have been added to the waitlist.",.. "FormSubmitError": "Error submitting the form",.. "Reload": "Reload",.. "LookupLoading": "loading...",.. "LookupGenericError": "There was a problem retrieving items. Try again later.",.. "ValidationRequiredField": "This field is required",.. "ValidationSessionSelectionRequired": "Please choose at least one session",.. "ValidationSingleSessionSelectionRequired": "Please choose a session",.. "EventFailedToLoad": "Failed to load event.",.. "EventAtCapacity": "The event is full and is not accepting any more sign-ups.",.. "EventNotLive": "We are still setting up this event. Please check again in some time or contact the event organizer ",..

                                                                                                                  Chrome Cache Entry: 150

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (65461)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):798352
                                                                                                                  Entropy (8bit):5.4341942415054865
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:027FCB222FF7F55727BB05FE563E0845
                                                                                                                  SHA1:BACB3A9D3AF2F802ABEF77271FF629CAD2BC46CD
                                                                                                                  SHA-256:DA08B220F1F44BAD02CF221BDBA5DBD284017271CE76A579406F8B75B0627753
                                                                                                                  SHA-512:4DFE7C514B6A2B6854AFC27B7BE142C9EEE83063F86D1F20C023B322BFC78E2532E75A187FF6D44B52683692DFDB4429B74D90C9CCAD99C8A4EB7A5480A5025C
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://cxppusa1formui01cdnsa01-endpoint.azureedge.net/eur/FormLoader/FormLoader.bundle.js
                                                                                                                  Preview:/*! For license information please see FormLoader.bundle.js.LICENSE.txt */.var d365mktforms;(()=>{var e,t,n={686:function(e,t){var n="undefined"!=typeof self?self:this,r=function(){function e(){this.fetch=!1,this.DOMException=n.DOMException}return e.prototype=n,new e}();!function(e){!function(t){var n="URLSearchParams"in e,r="Symbol"in e&&"iterator"in Symbol,i="FileReader"in e&&"Blob"in e&&function(){try{return new Blob,!0}catch(e){return!1}}(),a="FormData"in e,o="ArrayBuffer"in e;if(o)var s=["[object Int8Array]","[object Uint8Array]","[object Uint8ClampedArray]","[object Int16Array]","[object Uint16Array]","[object Int32Array]","[object Uint32Array]","[object Float32Array]","[object Float64Array]"],u=ArrayBuffer.isView||function(e){return e&&s.indexOf(Object.prototype.toString.call(e))>-1};function l(e){if("string"!=typeof e&&(e=String(e)),/[^a-z0-9\-#$%&'*+.^_`|~]/i.test(e))throw new TypeError("Invalid character in header field name");return e.toLowerCase()}function c(e){return"strin

                                                                                                                  Chrome Cache Entry: 151

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:PNG image data, 192 x 192, 8-bit colormap, non-interlaced
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):1779
                                                                                                                  Entropy (8bit):7.589819392147309
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:4150A5D4F2B0284A9E62D247929DD2AA
                                                                                                                  SHA1:97CA2D9ECE8F0855B2A93E6BFDFC4883685C51CB
                                                                                                                  SHA-256:F058653DCBA7E8B00D4BDB9409E06817F098AB18125CE5A5821520F04030D176
                                                                                                                  SHA-512:D034378E76D58A899047B4639115102CC8F89AEF3F300DDAF0C0B3EAE40C8381040D1656109632E9095ED3F399218F196087D070C099FD89B9605DFBC34FB585
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://forms.office.com/cdn/images/pwa/forms-pwa-logo-192.png
                                                                                                                  Preview:.PNG........IHDR.............e..5....PLTE....pp......@...pp......8...jp...:...lp...6..9......mp...8...kp...6..8...lp.lp7..7...mp...7...lp...7...lp.......lp.lp.lp7......mp...7...lp...6..7...68.;=.@B.AC.IL.NQ.SV.X[.DF.JM.NP.UX.X[.]`._b.ei.fj.hl.il.lp.pt.y}.z}....os.os.rv....uy....hl.x|.{.....{..~..............MP.......sx..............................................ch..........io.......ou... ..!..".."..#..#..#..$..%..%..&..'..'..'..(..(..)..*..*..*..*..+..,..,..,..-........0..0..1..1..2..2..3..3..4..4..4..5..5..6..6..6..6..7..B..b....................1tRNS..... 000@PPP````pp...........................hX....sIDATx....{.E....(.9T@n.V@@"r..jLDR9.TlK...J....J.G-.j...vj..KS...fvwv.......k........n...B.!..B(..xjs.mX.p..W..)..1...I._m..@.2.....0.#..9_.....`[.C..../...q..i............Umd".....b;.[{..H..V..g*\...0T`.z+..X..O._!.....U.F.P)0....X...q....J.q...L....J."....x.....".W}~.Q...b~...,..'.2.#gZU.Q....1gJ7.j..81......K7..?.......i......5......x.o.g...Q..V..SZ.xe-..}..

                                                                                                                  Chrome Cache Entry: 153

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):17174
                                                                                                                  Entropy (8bit):2.9129715116732746
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:12E3DAC858061D088023B2BD48E2FA96
                                                                                                                  SHA1:E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5
                                                                                                                  SHA-256:90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
                                                                                                                  SHA-512:C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  Preview:..............h(..f...HH...........(..00......h....6.. ...........=...............@..........(....A..(....................(....................................."P.........................................."""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333""""""""""""""""""""""""""

                                                                                                                  Chrome Cache Entry: 154

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:C source, ASCII text, with very long lines (6034)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):7007
                                                                                                                  Entropy (8bit):5.217538149527648
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:961FE8C57ACA12AE6CEB6009FDA453A5
                                                                                                                  SHA1:70278D67A874A92B63A55D516B406C13FE81B6F7
                                                                                                                  SHA-256:9446C4A186980B9585CA261D66F5F8D4D0E8E16F98C622EAEDCB80FE87DB964E
                                                                                                                  SHA-512:FEBE6936D7F91663585E3227ED8F1F84FE61987291084FAD3635563451D160C43C8E33F5C3B01EAC081197717ECABC57162B41DE67D74F4427788920D662EC9A
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/asyncchunk/convergedlogin_pidpdisambiguation_f4bad3d9b05044fac977.js
                                                                                                                  Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */.(window.webpackJsonp=window.webpackJsonp||[]).push([[19],{516:function(i,e,n

                                                                                                                  Chrome Cache Entry: 155

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (45797)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):406986
                                                                                                                  Entropy (8bit):5.31738212037311
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:64C6CD48E8E3A88A35182C5EEBB90E88
                                                                                                                  SHA1:5F14EF3E01DA258408717D5D5B40C1B78D68F2E6
                                                                                                                  SHA-256:90D8A6120F8C463CCAB8D9956D6BF089FB420FFF3CC29FECB8DF95696DFA9B51
                                                                                                                  SHA-512:0F21F8D9AC4480259AC0ECEF63B2A8D6466A84897C9E9DFAEFCDEEAA6DF061E147E9AF8D028CC97641E40FB0ABAA1C5F2C369200A775CF45072AC1AFFFD54D45
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_72a1051aa2aa2943d8c1.js
                                                                                                                  Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */.(window.webpackJsonp=window.webpackJsonp||[]).push([[8],Array(542).concat([f

                                                                                                                  Chrome Cache Entry: 157

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (64241)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):171859
                                                                                                                  Entropy (8bit):5.043961161012678
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:97A7AD53DCC2CB34895CA7932A24F1D6
                                                                                                                  SHA1:0CD7562FCBB6E6782F379EA4AEDFBC1FD68916BE
                                                                                                                  SHA-256:A4CF9C20DA583D6053F6D120467224875DE6C3F740FAD08ABD1E041A0C3F18B6
                                                                                                                  SHA-512:616595A1450DB203CBAE3485F2C079A36AAF82B625585783E063D5169EBF48AFD42DD98FD3BF39EA248CE5CD4AFD074B6B14C07D557E7672A0DE9E451683AB47
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/60-6a98d7/c9-be0100/a6-e969ef/43-9f2e7c/82-8b5456/a0-5d3913/84-6d4f33/ae-f1ac0c?ver=2.0&_cf=02242021_3231
                                                                                                                  Preview:@charset "UTF-8";./*! | Copyright 2017 Microsoft Corporation | This software is based on or incorporates material from the files listed below (collectively, "Third Party Code"). Microsoft is not the original author of the Third Party Code. The original copyright notice and the license under which Microsoft received Third Party Code are set forth below together with the full text of such license. Such notices and license are provided solely for your information. Microsoft, not the third party, licenses this Third Party Code to you under the terms in which you received the Microsoft software or the services, unless Microsoft clearly states that such Microsoft terms do NOT apply for a particular Third Party Code. Unless applicable law gives you more rights, Microsoft reserves all other rights not expressly granted under such agreement(s), whether by implication, estoppel or otherwise.*/./*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css */.body{margin:0}.context-uh

                                                                                                                  Chrome Cache Entry: 158

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (64616)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):455667
                                                                                                                  Entropy (8bit):5.446740368528785
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:1A33F545D71548A7FA0120BB9A0911D6
                                                                                                                  SHA1:326CBE6CBD333194D8B722A30B851868CFDAA5B5
                                                                                                                  SHA-256:ABB0B419F045CF857BF379D22C036F9298295930B86CDF19DE160C56A2195603
                                                                                                                  SHA-512:8C2C75BBDCB0A2866FB56FC28FD96A733BE36AEA9A3A20916E31396FC252BE193A74ADF89BCC4F0DD7B16618C5FEC200256283E7F6E48540C7C6759C6A774CA4
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_GjP1RdcVSKf6ASC7mgkR1g2.js
                                                                                                                  Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */!function(e){function n(n){for(var t,i,o=n[0],r=n[1],s=0,c=[];s<o.length;s++)

                                                                                                                  Chrome Cache Entry: 159

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (22709)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):44745
                                                                                                                  Entropy (8bit):5.357853275003685
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:0055D5757DB41BAD929E5C8B9B726180
                                                                                                                  SHA1:FBA7C3D94C0FE43AF69BDCFC5186539E1DDE2EFF
                                                                                                                  SHA-256:37D099733E4901725976E46366372584C0BB88EA5B32D288BAB5F996736725C4
                                                                                                                  SHA-512:674270C68411956F88AC9675948229D129FC00125F80DF3A37DC0004D0F89ADD5C07C09648D51A32F1179DA24567E6D74ABFE2BB58BAE51D200E06C097CC806C
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://cdn.forms.office.net/scripts/dists/dll-dompurify.min.11aa374.js
                                                                                                                  Preview:var _dll_dompurify_c3d1d8ca9cfb419112b9;(()=>{var t={234:function(t){./*! @license DOMPurify 2.5.4 | (c) Cure53 and other contributors | Released under the Apache license 2.0 and Mozilla Public License 2.0 | github.com/cure53/DOMPurify/blob/2.5.4/LICENSE */.t.exports=function(){"use strict";function t(e){return t="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t},t(e)}function e(t,n){return e=Object.setPrototypeOf||function(t,e){return t.__proto__=e,t},e(t,n)}function n(){if("undefined"==typeof Reflect||!Reflect.construct)return!1;if(Reflect.construct.sham)return!1;if("function"==typeof Proxy)return!0;try{return Boolean.prototype.valueOf.call(Reflect.construct(Boolean,[],(function(){}))),!0}catch(t){return!1}}function o(t,r,i){return o=n()?Reflect.construct:function(t,n,o){var r=[null];r.push.apply(r,n);var i=new(Function.bind.apply(t,r)

                                                                                                                  Chrome Cache Entry: 161

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (43703)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):43869
                                                                                                                  Entropy (8bit):5.335509477963998
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:A85D658FF0CBD62DF9618C30088ECB9D
                                                                                                                  SHA1:DF8006FEE096DD943A5CC6FFF725BFC51B2F6493
                                                                                                                  SHA-256:2374CE566E5719390B6A32AD36AB4A4C3B4F4C7853397EFEA70D15CAF42C5B46
                                                                                                                  SHA-512:096F134835DD4FB10E2D53140252531F9360F87334F7123BCE15E3487F1238E0A96CB152A2C76EC2890F7FADD8102917611EB8E307134058EBDC66D878C26E9A
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://forms.office.com/sw.js?ring=Business
                                                                                                                  Preview:!function(){"use strict";var e={124:function(){try{self["workbox:core:6.1.0"]&&_()}catch(e){}},390:function(){try{self["workbox:expiration:6.4.0"]&&_()}catch(e){}},568:function(){try{self["workbox:core:6.4.0"]&&_()}catch(e){}},639:function(){try{self["workbox:navigation-preload:6.1.0"]&&_()}catch(e){}},695:function(){try{self["workbox:routing:6.1.0"]&&_()}catch(e){}},818:function(){try{self["workbox:strategies:6.1.0"]&&_()}catch(e){}}},t={};function n(r){var s=t[r];if(void 0!==s)return s.exports;var o=t[r]={exports:{}};return e[r](o,o.exports,n),o.exports}n(124);n(639);function r(){return Boolean(self.registration&&self.registration.navigationPreload)}const s=(e,...t)=>{let n=e;return t.length>0&&(n+=` :: ${JSON.stringify(t)}`),n};class o extends Error{constructor(e,t){super(s(e,t)),this.name=e,this.details=t}}const a={googleAnalytics:"googleAnalytics",precache:"precache-v2",prefix:"workbox",runtime:"runtime",suffix:"undefined"!=typeof registration?registration.scope:""},i=e=>[a.prefix

                                                                                                                  Chrome Cache Entry: 162

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (918)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):1152
                                                                                                                  Entropy (8bit):5.358986431153826
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:BD81C01D8A77280C7A50F5D407D9D88F
                                                                                                                  SHA1:772D84EAE30E3AB07B96F259DBBD96C1CB3CAC0E
                                                                                                                  SHA-256:B59ACB533C93CC20A5EF0DDE32FF74743D182803A3EDE78F69AEDAF953B09817
                                                                                                                  SHA-512:CF8549E78B28C3DBDBB40A30AEE160AFACFF1A7F5975CC74A91B745E40EE79CAAE152F2E42157D8316637A60769659E45E3ACD2DFD05233051F84BF8C3F838F7
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://cdn.forms.office.net/scripts/dists/light-response-page.chunk.sw.a912249.js
                                                                                                                  Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[725],{36001:function(r,e,n){n.r(e),n.d(e,{register:function(){return f}});var t=n(34629),i=n(91676),s=n(17891),u=n(75187),c=n(18992),o=n(59198),a=n(98856);function f(r){return(0,t.sH)(this,void 0,void 0,(function(){var e,n;return(0,t.YH)(this,(function(t){switch(t.label){case 0:return t.trys.push([0,5,,6]),(0,a.hN)()?(0,o.K7)("UnregisterServiceWorker")?[4,navigator.serviceWorker.getRegistrations().then((function(r){return Promise.all(r.map((function(r){return r.unregister()})))}))]:[3,2]:[2];case 1:return t.sent(),[2];case 2:return(0,o.K7)("ServiceWorkerEnabled")||"1"===(0,u.Db)().fsw?(e=r?"Business":(0,s.m1)().ring,[4,navigator.serviceWorker.register((0,i.ab)("/sw.js?ring=".concat(e)))]):[3,4];case 3:t.sent(),t.label=4;case 4:return[3,6];case 5:return n=t.sent(),(0,c.O7)("ServiceWorker.Registration.Error",n),[3,6];case 6:return[2]}}))}))}}}]);..//# sourceMappingURL=https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/

                                                                                                                  Chrome Cache Entry: 163

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (32290)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):32552
                                                                                                                  Entropy (8bit):5.529250441883659
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:9AA2AD23DB94159958FD3F7727D2772D
                                                                                                                  SHA1:9772BC38C697230B1AD38D8E0AAD2BB0D50B7B92
                                                                                                                  SHA-256:7A3323D599A81A19ED67A6E07FAB5962944E7D6967FFF2649C40FC3759EA303A
                                                                                                                  SHA-512:DD3C918D824B081F12A294930CCFD768DBCBB0F5DF019D4718A196941D3537BDAD42FC12B1C4DB72659C81BD3A11EAAFECF8796C9D2AC8C32B29FFB39431AFE4
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://cdn.forms.office.net/scripts/dists/light-response-page.chunk.lrp_saveresponse.5448557.js
                                                                                                                  Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[188],{46887:function(n,e,i){i.d(e,{wh:function(){return o}});var t=i(9468),r=i(891);function o(n){var e=n.redirectURLAfterSignIn,i=n.idp,o=n.origin,a=n.authProvider,d=n.enableEmailHrd,s=void 0===d||d,u=window.location.origin,c=[];if(e){var l=encodeURIComponent(e);c.push("redirecturl=".concat(l))}(0,r.h)(i)||c.push("idp=".concat(i)),(0,r.h)(o)||c.push("origin=".concat(o)),(0,r.h)(a)||c.push("".concat(t.f0,"=").concat(a));var f=c.length?"/?".concat(c.join("&")):"";return s?"".concat(u).concat(f,"#Login=True"):"".concat(u).concat(f)}},26098:function(n,e,i){i.d(e,{v:function(){return r}});var t=i(39980),r=function(n){var e=void 0===n?{}:n,i=e.$t$,r=e.$re,o=e.$sg,a=e.$fH,d=e.$hF,s=e.$hG,u=e.$ot,c=e.$iR,l=e.$nc,f=e.$k$,g=e.$tV,p=e.$mu,_=e.$jp,h=[];return i&&h.push("CollectionId=".concat(i)),r&&h.push("GroupId=".concat(r)),o&&h.push("Token=".concat(o)),c&&h.push("ResponseTime=".concat(c)),a&&h.push("SaveResponseFormId=".concat(a)),

                                                                                                                  Chrome Cache Entry: 164

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):7886
                                                                                                                  Entropy (8bit):3.973130033666625
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:9425D8E9313A692BB3F022E8055FAB82
                                                                                                                  SHA1:EDDCF3EA767D4C3042D01AC88594D7E795D8615C
                                                                                                                  SHA-256:F2A1ABCF12EBD0F329E5B66B811B0BD76C8E954CB283CE3B61E72FBF459EF6F1
                                                                                                                  SHA-512:93B3EB3C4CE385D80D4A8F6902355BBD156AC1AA20B8869AF05C8E714E90E74C5630BB8DE34D5B8FC9F876AC44BE314F3A2A08B3163295ADADBC6DD7B8D23561
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  Preview:...... .... .....6......... ............... .h...f...(... ...@..... .........................................................................................................................................................................................................................................................................................................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................ZV..ZV..ZV..ZV..ZV..ZV..ZV..ZV..^Z..pl..pl..pl..pl..................................|x..pl..pl..................................QN..QN..QN..QN..QN..QN..QN..QN..QN..c`..pl..pl..pl..................................|x..pl..pl............

                                                                                                                  Chrome Cache Entry: 166

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):4054
                                                                                                                  Entropy (8bit):7.797012573497454
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:9F14C20150A003D7CE4DE57C298F0FBA
                                                                                                                  SHA1:DAA53CF17CC45878A1B153F3C3BF47DC9669D78F
                                                                                                                  SHA-256:112FEC798B78AA02E102A724B5CB1990C0F909BC1D8B7B1FA256EAB41BBC0960
                                                                                                                  SHA-512:D4F6E49C854E15FE48D6A1F1A03FDA93218AB8FCDB2C443668E7DF478830831ACC2B41DAEFC25ED38FCC8D96C4401377374FED35C36A5017A11E63C8DAE5C487
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://www.microsoft.com/content/dam/microsoft/final/en-us/microsoft-brand/logo/MSFT-Microsoft-sticky-logo-RE1Mu3b.png?ver=5c31
                                                                                                                  Preview:.PNG........IHDR.............J.......tEXtSoftware.Adobe ImageReadyq.e<...(iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c132 79.159284, 2016/04/19-13:13:40 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:DocumentID="xmp.did:A00BC639840A11E68CBEB97C2156C7FD" xmpMM:InstanceID="xmp.iid:A00BC638840A11E68CBEB97C2156C7FD" xmp:CreatorTool="Adobe Photoshop CC 2015.5 (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:A2C931A470A111E6AEDFA14578553B7B" stRef:documentID="xmp.did:A2C931A570A111E6AEDFA14578553B7B"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>.......DIDATx..\..UU.>.7..3....h.L..& j2...h.@..".........`U.......R"..Dq.&.BJR 1.4`$.200...l........wg.y.[k/

                                                                                                                  Chrome Cache Entry: 167

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:GIF image data, version 89a, 1 x 1
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):37
                                                                                                                  Entropy (8bit):3.040403544317301
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:3EACD0132310EA44CAD756B378A3BC07
                                                                                                                  SHA1:E2216A7E9B73F5CB0279351C78CE61C33475CEA7
                                                                                                                  SHA-256:BB229A48BEE31F5D54CA12DC9BD960C63A671F0D4BE86A054C1D324A44499D96
                                                                                                                  SHA-512:BD9AB35DDE3A5242B04C159187732E13B0A6DA50DDCFF7015DFB78CDD68743E191EAF5CDDEDD49BEF7D2D5A642C217272A40E5BA603FE24CA676A53F8C417C5D
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  Preview:GIF89a.......!.......,...........L..;

                                                                                                                  Chrome Cache Entry: 168

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (64616)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):455668
                                                                                                                  Entropy (8bit):5.446765136878414
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:3A708446F3E9FB8994CB1EF42AB05406
                                                                                                                  SHA1:9FD27A73746AA0F3EF25EF03FC41F1851C3E6A3B
                                                                                                                  SHA-256:EE94C78B69B812353E8CE1C067CF9208486BCBDAD826DBEB8AAE8DC08B74CD80
                                                                                                                  SHA-512:0F011539568B1F6E43078E6352EFC51BF1FD1924224CD2747578F1ECC577C09DAABAE89FA728DFB407AD97B1197F5CEBF0E302353E2CB30EA7B6021C2C2A5C99
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/js/ConvergedLogin_PCore_GjP1RdcVSKf6ASC7mgkR1g2.js
                                                                                                                  Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */!function(e){function n(n){for(var t,i,o=n[0],r=n[1],s=0,c=[];s<o.length;s++)

                                                                                                                  Chrome Cache Entry: 170

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:GIF image data, version 89a, 352 x 3
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):3620
                                                                                                                  Entropy (8bit):6.867828878374734
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:B540A8E518037192E32C4FE58BF2DBAB
                                                                                                                  SHA1:3047C1DB97B86F6981E0AD2F96AF40CDF43511AF
                                                                                                                  SHA-256:8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
                                                                                                                  SHA-512:E3612D9E6809EC192F6E2D035290B730871C269A267115E4A5515CADB7E6E14E3DD4290A35ABAA8D14CF1FA3924DC76E11926AC341E0F6F372E9FC5434B546E5
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  Preview:GIF89a`.........iii!.......!.&Edited with ezgif.com online GIF maker.!..NETSCAPE2.0.....,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....`.....9..i....Q4......H..j.=.k9-5_..........j7..({.........!.......,....`.....9.......trV.......H....`.[.q6......>.. .CZ.&!.....M...!.......,....`.....8..........:......H..jJ..U..6_....../.el...q.)...*..!.......,....`.....9.....i..l.go.....H..*".U...f......._......5......n..!.......,....`.....:..i......./.....H...5%.kE/5.........In.a..@&3.....J...!.......,....`.....9.......kr.j.....H..*.-.{Im5c..............@&.........!.......,....`.....9.........j..q....H...].&..\.5.........8..S..........!.......,....`.....9.......3q.g..5....H...:u..............Al..x.q.........!.......,....`.....9......\.F....z....H...zX...ov.........h3N.x4......j..!.......,....`.....9........Q.:......H....y..^...1.........n.!.F......E...!.......,....`.....8.........i,......H....*_.21.I.........%...

                                                                                                                  Chrome Cache Entry: 171

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with very long lines (15336)
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):15592
                                                                                                                  Entropy (8bit):5.460233830524088
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:45817F9E60A802F6267F203297305531
                                                                                                                  SHA1:3ECC76647F26EDB639E6ECA199A50F855B94BFA3
                                                                                                                  SHA-256:99CCFF451EFE57873FBBA87E351A662DBC087DB89BC156E024BBBF71435C6912
                                                                                                                  SHA-512:A1F1817025E2DBC022DA7655667F0D66DD99FFCA869851964D58AD14F367478C2E5EDD60E62A442B49FC28666CDD1EE710DB6A1D624D990A363F18D49F7B2CE7
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://cdn.forms.office.net/scripts/dists/light-response-page.chunk.lrp_post.boot.d21af61.js
                                                                                                                  Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[294],{44330:function(n,e,r){function t(){return Date.now||(Date.now=function(){return(new Date).getTime()}),Math.floor(Date.now())}r.d(e,{JY:function(){return t}})},96900:function(n,e,r){r.r(e),r.d(e,{BrandingFooter:function(){return N}});var t=r(34629),i=r(92831),o=r(48723),a=r(30062),u=r(97666),c=r(23084),l=r(70574),f=r(98765),s=r(83778),d=r(29383),p=r(38826),$=r(71201),_=r(44695),m=r(6134),v=r(97892),g=r(69455),h=r(18190),w=r(8484),b=r(70918),k=r(6637),x=function(n,e){return function(r,t){var i=t();return r((0,k.X)("Branding.Footer.M365.Click",{isShare:(0,v.Hc)(i),isPreview:(0,v.qx)(i),fullScreen:n,isFormRuntime:(0,b.G1)(i),pageType:e}))}},y=r(38599),M=r(17543),R=r(74371),S=r(32225),C=function(n,e,r,i){var o,u;return[{$r:{background:r,width:"100%","@media print":{background:d.O.$g,color:d.O.$i},paddingTop:0},$a:{width:"100%"},$cG:{width:"100%",lineHeight:"1.3",fontSize:12,color:d.O.$i,marginTop:0,marginBottom:4},$jw:{disp

                                                                                                                  Chrome Cache Entry: 173

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):28
                                                                                                                  Entropy (8bit):4.307354922057605
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:9F9FA94F28FE0DE82BC8FD039A7BDB24
                                                                                                                  SHA1:6FE91F82974BD5B101782941064BCB2AFDEB17D8
                                                                                                                  SHA-256:9A37FDC0DBA8B23EB7D3AA9473D59A45B3547CF060D68B4D52253EE0DA1AF92E
                                                                                                                  SHA-512:34946EF12CE635F3445ED7B945CF2C272EF7DD9482DA6B1A49C9D09A6C9E111B19B130A3EEBE5AC0CCD394C523B54DD7EB9BF052168979A9E37E7DB174433F64
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIgCaUOUXC20HiKEgUN0VtRUhIFDVd69_0hvTBxPniJzHM=?alt=proto
                                                                                                                  Preview:ChIKBw3RW1FSGgAKBw1Xevf9GgA=

                                                                                                                  Chrome Cache Entry: 174

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:SVG Scalable Vector Graphics image
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):1592
                                                                                                                  Entropy (8bit):4.205005284721148
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:4E48046CE74F4B89D45037C90576BFAC
                                                                                                                  SHA1:4A41B3B51ED787F7B33294202DA72220C7CD2C32
                                                                                                                  SHA-256:8E6DB1634F1812D42516778FC890010AA57F3E39914FB4803DF2C38ABBF56D93
                                                                                                                  SHA-512:B2BBA2A68EDAA1A08CFA31ED058AFB5E6A3150AABB9A78DB9F5CCC2364186D44A015986A57707B57E2CC855FA7DA57861AD19FC4E7006C2C239C98063FE903CF
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
                                                                                                                  Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><defs><style>.a{fill:none;}.b{fill:#404040;}</style></defs><rect class="a" width="48" height="48"/><path class="b" d="M40,32.578V40H32V36H28V32H24V28.766A10.689,10.689,0,0,1,19,30a10.9,10.9,0,0,1-5.547-1.5,11.106,11.106,0,0,1-2.219-1.719A11.373,11.373,0,0,1,9.5,24.547a10.4,10.4,0,0,1-1.109-2.625A11.616,11.616,0,0,1,8,19a10.9,10.9,0,0,1,1.5-5.547,11.106,11.106,0,0,1,1.719-2.219A11.373,11.373,0,0,1,13.453,9.5a10.4,10.4,0,0,1,2.625-1.109A11.616,11.616,0,0,1,19,8a10.9,10.9,0,0,1,5.547,1.5,11.106,11.106,0,0,1,2.219,1.719A11.373,11.373,0,0,1,28.5,13.453a10.4,10.4,0,0,1,1.109,2.625A11.616,11.616,0,0,1,30,19a10.015,10.015,0,0,1-.125,1.578,10.879,10.879,0,0,1-.359,1.531Zm-2,.844L27.219,22.641a14.716,14.716,0,0,0,.562-1.782A7.751,7.751,0,0,0,28,19a8.786,8.786,0,0,0-.7-3.5,8.9,8.9,0,0,0-1.938-2.859A9.269,9.269,0,0,0,22.5,10.719,8.9,8.9,0,0,0,19,10a8.786,8.786,0,0,0-3.5.7,8.9,8.9,0,0,0-2.859,1.938A9.269,9.269,0,0,0,

                                                                                                                  Chrome Cache Entry: 175

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:SVG Scalable Vector Graphics image
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):1864
                                                                                                                  Entropy (8bit):5.222032823730197
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:BC3D32A696895F78C19DF6C717586A5D
                                                                                                                  SHA1:9191CB156A30A3ED79C44C0A16C95159E8FF689D
                                                                                                                  SHA-256:0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
                                                                                                                  SHA-512:8D4F38907F3423A86D90575772B292680F7970527D2090FC005F9B096CC81D3F279D59AD76EAFCA30C3D4BBAF2276BBAA753E2A46A149424CF6F1C319DED5A64
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
                                                                                                                  Preview:<svg xmlns="http://www.w3.org/2000/svg" width="1920" height="1080" fill="none"><g opacity=".2" clip-path="url(#E)"><path d="M1466.4 1795.2c950.37 0 1720.8-627.52 1720.8-1401.6S2416.77-1008 1466.4-1008-254.4-380.482-254.4 393.6s770.428 1401.6 1720.8 1401.6z" fill="url(#A)"/><path d="M394.2 1815.6c746.58 0 1351.8-493.2 1351.8-1101.6S1140.78-387.6 394.2-387.6-957.6 105.603-957.6 714-352.38 1815.6 394.2 1815.6z" fill="url(#B)"/><path d="M1548.6 1885.2c631.92 0 1144.2-417.45 1144.2-932.4S2180.52 20.4 1548.6 20.4 404.4 437.85 404.4 952.8s512.276 932.4 1144.2 932.4z" fill="url(#C)"/><path d="M265.8 1215.6c690.246 0 1249.8-455.595 1249.8-1017.6S956.046-819.6 265.8-819.6-984-364.005-984 198-424.445 1215.6 265.8 1215.6z" fill="url(#D)"/></g><defs><radialGradient id="A" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="translate(1466.4 393.6) rotate(90) scale(1401.6 1720.8)"><stop stop-color="#107c10"/><stop offset="1" stop-color="#c4c4c4" stop-opacity="0"/></radialGradient><r

                                                                                                                  Chrome Cache Entry: 177

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:JSON data
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):512
                                                                                                                  Entropy (8bit):4.863693539956533
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:743ACE061B62B0041A5FB7478F511481
                                                                                                                  SHA1:79ACDD6AA912A3CBDCF1F758E1FDD8A799DB6331
                                                                                                                  SHA-256:DFD827901B4EA6AF8A88DBC1B7A04AEE2BCC3C60BECB7BA85EC0543A46A0C872
                                                                                                                  SHA-512:9BBD4D2DC14CEF1781964F35C57BAEB0E551C2E2E02E5934DB4EC2D377DA3A843E67888B3CBAE2A0D9AEB4B67FBF08F027B8C247749C3C90282D779151574DE3
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://forms.office.com/pwa/en-us/app.webmanifest
                                                                                                                  Preview:{"lang":"en-us","name":"Microsoft Forms","short_name":"Forms","icons":[{"src":"https://forms.office.com/cdn/images/pwa/forms-pwa-logo-192.png","sizes":"192x192","type":"image/png"},{"src":"https://forms.office.com/cdn/images/pwa/forms-pwa-logo-256.png","sizes":"256x256","type":"image/png"},{"src":"https://forms.office.com/cdn/images/pwa/forms-pwa-logo-512.png","sizes":"512x512","type":"image/png"}],"scope":"/","start_url":"/?pwa=1","display":"minimal-ui","theme_color":"#03787c","background_color":"#ffffff"}

                                                                                                                  Chrome Cache Entry: 178

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:SVG Scalable Vector Graphics image
                                                                                                                  Category:downloaded
                                                                                                                  Size (bytes):3651
                                                                                                                  Entropy (8bit):4.094801914706141
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:EE5C8D9FB6248C938FD0DC19370E90BD
                                                                                                                  SHA1:D01A22720918B781338B5BBF9202B241A5F99EE4
                                                                                                                  SHA-256:04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
                                                                                                                  SHA-512:C77215B729D0E60C97F075998E88775CD0F813B4D094DC2FDD13E5711D16F4E5993D4521D0FBD5BF7150B0DBE253D88B1B1FF60901F053113C5D7C1919852D58
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  URL:https://btqmmgqw.techowerouthwestep.nl/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
                                                                                                                  Preview:<svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0,0,1,.419-.967,1.413,1.413,0,0,1,1-.39,1.392,1.392,0,0,1,1.02.4,1.3,1.3,0,0,1,.4.958,1.248,1.248,0,0,1-.414.953,1.428,1.428,0,0,1-1.01.385A1.4,1.4,0,0,1,47.25,6.6a1.261,1.261,0,0,1-.409-.948M49.41,18.4H47.081V8.507H49.41Zm7.064-1.694a3.213,3.213,0,0,0,1.145-.241,4.811,4.811,0,0,0,1.155-.635V18a4.665,4.665,0,0,1-1.266.481,6.886,6.886,0,0,1-1.554.164,4.707,4.707,0,0,1-4.918-4.908,5.641,5.641,0,0,1,1.4-3.932,5.055,5.055,0,0,1,3.955-1.545,5.414,5.414,0,0,1,1.324.168,4.431,4.431,0,0,1,1.063.39v2.233a4.763,4.763,0,0,0-1.1-.611,3.184,3.184,0,0,0-1.15-.217,2.919,2.919,0,0,0-2.223.9,3.37,3.37,0,0,0-.847,2.416,3.216,3.216,0,0,0,.813,2.338,2.936,2.936,0,0,0,2.209.837M65.4,8.343a2.952,2.952,0,0,1,.5.039,2.1,2.1,0,0,1,.375.1v2.358a2.04,2.04,0,0,0-.

                                                                                                                  Chrome Cache Entry: 180

                                                                                                                  Download File
                                                                                                                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  File Type:PNG image data, 600 x 164, 8-bit/color RGBA, non-interlaced
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):38396
                                                                                                                  Entropy (8bit):7.982593991877128
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:
                                                                                                                  MD5:17C02D6B6F52F8BB07D1CD489C7A07A7
                                                                                                                  SHA1:545EADF9450FCAB052588ADC74C58D66F9C5A854
                                                                                                                  SHA-256:5EC271870E7939205FC11DDFAD9B8846230A9498DB97529028188DB7798AA1A5
                                                                                                                  SHA-512:2A8150932B75A4F9A5E6BCD6F9F90BEC67053D0F3A54E3134A2E0CC6136D7F544DFCEA138E3210D680AE992F45C906BFAF8F80864B4AA0607C295A4F763C4DC7
                                                                                                                  Malicious:false
                                                                                                                  Reputation:unknown
                                                                                                                  Preview:.PNG........IHDR...X.........K.P.....sRGB.........sBIT....|.d... .IDATx..y..Wu..[k....A.-.K.ell.,..lccss.f..\.K.<.!.$y....@..|...]..L.&..9..6.......< O.,..|....Z....>:G...~>-UW..].........x<.....x<.....x<.....x<.....x<.....x<.....x<.....x<.....x<.....x<.....x<.....x...#......+.0...ZhK<ivr<`......o...X.0%......r.......x<.#..b...r.z. ....z..`......D.HI..P.@.D.`l..m.y%.y......w.;.'.....-....x<...kdd.lZ...J..p..{.2_..3MP..b.a,... ......B!..q....1...'..c...y..k........x<.....[#.FG..._.~>1.l....;((..[.S"..e.2."(qCT.J.u.....2.0...pqMT.. |..A.._8.d..-....x~;y...0T>.[J..........>.{.lN!....2.......sc..DPND....D.P"...%$.+(B.......M../~u.cXM.p_.....x<..W...C..{6.y.|.Z|.].{".<s.8#p 6Pc..%.."....ND..!.....+HM......N.M$.6.......PY0...0^.....x<..W..R(}9.XDlO.P....=OW.W>2...=....2.d,..W..JDU".4#...q....de..../....1.d...k..Z.._N..x...x<...W..R(.....S.. ......y..v....<v.:.[...j.,...YY...Y.=.+....8.c9.v).P(.P../..&..VT....N..Q......:yU...k.....0/&...>...2%........

                                                                                                                  Static File Info

                                                                                                                  No static file info