Joe Sandbox Cloud Basic Analysis Report
Create Interactive Tour

Windows Analysis Report
https://scanner.topsec.com/?d=1464&r=show&u=https%3A%2F%2Fforms.microsoft.com%2Fpages%2Fresponsepage.aspx%3Fid%3DuiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u&t=179241079d016688075724fcdc7f1607ffd17a7f

Overview

General Information

Sample URL:https://scanner.topsec.com/?d=1464&r=show&u=https%3A%2F%2Fforms.microsoft.com%2Fpages%2Fresponsepage.aspx%3Fid%3DuiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u&t=1792
Analysis ID:1278215
Infos:

Detection

Score:0
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

No high impact signatures.

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64
  • chrome.exe (PID: 5572 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank MD5: 0FEC2748F363150DC54C1CAFFB1A9408)
    • chrome.exe (PID: 6132 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1824 --field-trial-handle=1716,i,15612289687564200168,11251115336804718916,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8 MD5: 0FEC2748F363150DC54C1CAFFB1A9408)
  • chrome.exe (PID: 5792 cmdline: C:\Program Files\Google\Chrome\Application\chrome.exe" "https://scanner.topsec.com/?d=1464&r=show&u=https%3A%2F%2Fforms.microsoft.com%2Fpages%2Fresponsepage.aspx%3Fid%3DuiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u&t=179241079d016688075724fcdc7f1607ffd17a7f MD5: 0FEC2748F363150DC54C1CAFFB1A9408)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

  • Compliance
  • Networking
  • System Summary

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\GoogleUpdaterJump to behavior
Source: global trafficHTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-104.0.5112.81Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /?d=1464&r=show&u=https%3A%2F%2Fforms.microsoft.com%2Fpages%2Fresponsepage.aspx%3Fid%3DuiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u&t=179241079d016688075724fcdc7f1607ffd17a7f HTTP/1.1Host: scanner.topsec.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /images/topsec_logo.png HTTP/1.1Host: scanner.topsec.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://scanner.topsec.com/?d=1464&r=show&u=https%3A%2F%2Fforms.microsoft.com%2Fpages%2Fresponsepage.aspx%3Fid%3DuiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u&t=179241079d016688075724fcdc7f1607ffd17a7fAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /favico.png HTTP/1.1Host: scanner.topsec.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://scanner.topsec.com/?d=1464&r=show&u=https%3A%2F%2Fforms.microsoft.com%2Fpages%2Fresponsepage.aspx%3Fid%3DuiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u&t=179241079d016688075724fcdc7f1607ffd17a7fAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /images/topsec_logo.png HTTP/1.1Host: scanner.topsec.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /favico.png HTTP/1.1Host: scanner.topsec.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /scripts/c/ms.jsll-3.min.js HTTP/1.1Host: js.monitor.azure.comConnection: keep-alivesec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://forms.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: unknownDNS traffic detected: queries for: accounts.google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
Source: unknownNetwork traffic detected: HTTP traffic on port 49699 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49699
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49697
Source: unknownNetwork traffic detected: HTTP traffic on port 49695 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49696
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49695
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 49694 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49694
Source: unknownNetwork traffic detected: HTTP traffic on port 49696 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49697 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49692
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49691
Source: unknownNetwork traffic detected: HTTP traffic on port 49692 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49691 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: chromecache_197.1.drString found in binary or memory: https://aka.ms/FormsConsumerElite.
Source: chromecache_192.1.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.1ds.37175a1.js.
Source: chromecache_167.1.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_cover.5a171
Source: chromecache_169.1.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_ext.9181c80
Source: chromecache_184.1.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_phishing.b0
Source: chromecache_171.1.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_poll.8abda8
Source: chromecache_186.1.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_post.boot.c
Source: chromecache_194.1.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_saverespons
Source: chromecache_172.1.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_trial.c5a8c
Source: chromecache_181.1.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_ty2svg.f131
Source: chromecache_170.1.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.officebrowserfe
Source: chromecache_189.1.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.sw.cc78b7e.js.m
Source: chromecache_195.1.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.try_dv.d33b8a6.
Source: chromecache_199.1.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.utel.284a47f.js
Source: chromecache_182.1.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.min.9a2e743.js.map/24
Source: chromecache_176.1.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/sw.js.map/fb0d159369b5109fd92828bb3f699d3
Source: chromecache_177.1.drString found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/telemetry-worker.js.map/5fd62701828570288
Source: unknownHTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: classification engineClassification label: clean0.win@26/39@10/7
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Program Files\Google\GoogleUpdaterJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1824 --field-trial-handle=1716,i,15612289687564200168,11251115336804718916,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" "https://scanner.topsec.com/?d=1464&r=show&u=https%3A%2F%2Fforms.microsoft.com%2Fpages%2Fresponsepage.aspx%3Fid%3DuiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u&t=179241079d016688075724fcdc7f1607ffd17a7f
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1824 --field-trial-handle=1716,i,15612289687564200168,11251115336804718916,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\GoogleUpdaterJump to behavior

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
Valid AccountsWindows Management InstrumentationPath Interception1
Process Injection		2
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local SystemExfiltration Over Other Network Medium1
Encrypted Channel		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth3
Non-Application Layer Protocol		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration4
Application Layer Protocol		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Binary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureScheduled Transfer1
Ingress Tool Transfer		SIM Card SwapCarrier Billing Fraud

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 1278215 URL: https://scanner.topsec.com/... Startdate: 24/07/2023 Architecture: WINDOWS Score: 0 5 chrome.exe 1 2->5         started        8 chrome.exe 2->8         started        dnsIp3 13 192.168.2.1 unknown unknown 5->13 15 239.255.255.250 unknown Reserved 5->15 10 chrome.exe 5->10         started        process4 dnsIp5 17 part-0032.t-0009.t-msedge.net 13.107.246.60, 443, 49714, 49728 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 10->17 19 accounts.google.com 172.217.168.13, 443, 49691 GOOGLEUS United States 10->19 21 11 other IPs or domains 10->21

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://scanner.topsec.com/?d=1464&r=show&u=https%3A%2F%2Fforms.microsoft.com%2Fpages%2Fresponsepage.aspx%3Fid%3DuiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u&t=179241079d016688075724fcdc7f1607ffd17a7f0%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://scanner.topsec.com/favico.png0%Avira URL Cloudsafe
https://scanner.topsec.com/images/topsec_logo.png0%Avira URL Cloudsafe

Domains and IPs

Download Network PCAP: filteredfull

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
scanner.topsec.com
35.210.200.138
truefalse
    		unknown
    accounts.google.com
    		172.217.168.13
    		truefalse
      		high
      part-0032.t-0009.t-msedge.net
      		13.107.246.60
      		truefalse
        		unknown
        www.google.com
        		172.217.168.4
        		truefalse
          		high
          clients.l.google.com
          		172.217.168.46
          		truefalse
            		high
            js.monitor.azure.com
            		unknown
            		unknownfalse
              		high
              clients2.google.com
              		unknown
              		unknownfalse
                		high
                cdn.forms.office.net
                		unknown
                		unknownfalse
                  		high
                  lists.office.com
                  		unknown
                  		unknownfalse
                    		high

                    Contacted URLs

                    NameMaliciousAntivirus DetectionReputation
                    https://scanner.topsec.com/images/topsec_logo.pngfalse
                    • Avira URL Cloud: safe
                    		unknown
                    https://scanner.topsec.com/favico.pngfalse
                    • Avira URL Cloud: safe
                    		unknown
                    https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.jsfalse
                      		high
                      https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standardfalse
                        		high
                        https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1false
                          		high
                          NameSourceMaliciousAntivirus DetectionReputation
                          https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.officebrowserfechromecache_170.1.drfalse
                            		high
                            https://aka.ms/FormsConsumerElite.chromecache_197.1.drfalse
                              		high
                              https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.utel.284a47f.jschromecache_199.1.drfalse
                                		high
                                https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/sw.js.map/fb0d159369b5109fd92828bb3f699d3chromecache_176.1.drfalse
                                  		high
                                  https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_phishing.b0chromecache_184.1.drfalse
                                    		high
                                    https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/telemetry-worker.js.map/5fd62701828570288chromecache_177.1.drfalse
                                      		high
                                      https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_ty2svg.f131chromecache_181.1.drfalse
                                        		high
                                        https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.1ds.37175a1.js.chromecache_192.1.drfalse
                                          		high
                                          https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.try_dv.d33b8a6.chromecache_195.1.drfalse
                                            		high
                                            https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_cover.5a171chromecache_167.1.drfalse
                                              		high
                                              https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_saveresponschromecache_194.1.drfalse
                                                		high
                                                https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_post.boot.cchromecache_186.1.drfalse
                                                  		high
                                                  https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_trial.c5a8cchromecache_172.1.drfalse
                                                    		high
                                                    https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_poll.8abda8chromecache_171.1.drfalse
                                                      		high
                                                      https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.lrp_ext.9181c80chromecache_169.1.drfalse
                                                        		high
                                                        https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.chunk.sw.cc78b7e.js.mchromecache_189.1.drfalse
                                                          		high
                                                          https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/light-response-page.min.9a2e743.js.map/24chromecache_182.1.drfalse
                                                            		high

                                                            World Map of Contacted IPs

                                                            • No. of IPs < 25%
                                                            • 25% < No. of IPs < 50%
                                                            • 50% < No. of IPs < 75%
                                                            • 75% < No. of IPs

                                                            Public IPs

                                                            IPDomainCountryFlagASNASN NameMalicious
                                                            35.210.200.138
                                                            		scanner.topsec.comUnited States
                                                            		19527GOOGLE-2USfalse
                                                            13.107.246.60
                                                            		part-0032.t-0009.t-msedge.netUnited States
                                                            		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                            172.217.168.13
                                                            		accounts.google.comUnited States
                                                            		15169GOOGLEUSfalse
                                                            172.217.168.46
                                                            		clients.l.google.comUnited States
                                                            		15169GOOGLEUSfalse
                                                            239.255.255.250
                                                            		unknownReserved
                                                            		unknownunknownfalse
                                                            172.217.168.4
                                                            		www.google.comUnited States
                                                            		15169GOOGLEUSfalse

                                                            Private

                                                            IP
                                                            192.168.2.1

                                                            General Information

                                                            Joe Sandbox Version:38.0.0 Beryl
                                                            Analysis ID:1278215
                                                            Start date and time:2023-07-24 12:02:50 +02:00
                                                            Joe Sandbox Product:CloudBasic
                                                            Overall analysis duration:0h 5m 4s
                                                            Hypervisor based Inspection enabled:false
                                                            Report type:full
                                                            Cookbook file name:browseurl.jbs
                                                            Sample URL:https://scanner.topsec.com/?d=1464&r=show&u=https%3A%2F%2Fforms.microsoft.com%2Fpages%2Fresponsepage.aspx%3Fid%3DuiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u&t=179241079d016688075724fcdc7f1607ffd17a7f
                                                            Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                                            Number of analysed new started processes analysed:5
                                                            Number of new started drivers analysed:0
                                                            Number of existing processes analysed:0
                                                            Number of existing drivers analysed:0
                                                            Number of injected processes analysed:0
                                                            Technologies:
                                                            • HCA enabled
                                                            • EGA enabled
                                                            • HDC enabled
                                                            • AMSI enabled
                                                            Analysis Mode:default
                                                            Analysis stop reason:Timeout
                                                            Detection:CLEAN
                                                            Classification:clean0.win@26/39@10/7
                                                            EGA Information:Failed
                                                            HDC Information:Failed
                                                            HCA Information:
                                                            • Successful, ratio: 100%
                                                            • Number of executed functions: 0
                                                            • Number of non-executed functions: 0
                                                            Cookbook Comments:
                                                            • Browse: https://forms.microsoft.com/pages/responsepage.aspx?id=uiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u
                                                            • Exclude process from analysis (whitelisted): audiodg.exe, WMIADAP.exe
                                                            • Excluded IPs from analysis (whitelisted): 172.217.168.35, 34.104.35.123, 13.107.6.194, 23.0.174.11, 23.10.249.144, 172.217.168.74, 216.58.215.234, 172.217.168.10, 172.217.168.42, 68.219.88.97, 52.109.68.84, 204.79.197.200, 13.107.21.200, 51.116.246.105, 20.189.173.14
                                                            • Excluded domains from analysis (whitelisted): aijscdn2.afd.azureedge.net, onedscolprdgwc03.germanywestcentral.cloudapp.azure.com, c-msn-com-nsatc.trafficmanager.net, c-bing-com.a-0001.a-msedge.net, cdn.forms.office.net.edgesuite.net, clientservices.googleapis.com, browser.events.data.trafficmanager.net, forms.microsoft.com, star-azurefd-prod.trafficmanager.net, prod.lists.office.com.akadns.net, update.googleapis.com, csp.microsoft.com, b-0039.b-msedge.net, content-autofill.googleapis.com, onedscolprdwus13.westus.cloudapp.azure.com, dual-a-0001.a-msedge.net, ctldl.windowsupdate.com, firstparty-azurefd-prod.trafficmanager.net, eu.events.data.trafficmanager.net, a1894.dscms.akamai.net, aijscdn2.azureedge.net, browser.events.data.microsoft.com, edgedl.me.gvt1.com, c.bing.com, c1.microsoft.com, forms.office.com.b-0039.b-msedge.net, eu-mobile.events.data.microsoft.com
                                                            • Not all processes where analyzed, report is missing behavior information

                                                            Simulations

                                                            Behavior and APIs

                                                            No simulations

                                                            Joe Sandbox View / Context

                                                            IPs

                                                            No context

                                                            Domains

                                                            No context

                                                            ASNs

                                                            No context

                                                            JA3 Fingerprints

                                                            No context

                                                            Dropped Files

                                                            No context

                                                            Created / dropped Files

                                                            Chrome Cache Entry: 165

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:PNG image data, 296 x 98, 8-bit/color RGB, non-interlaced
                                                            Category:dropped
                                                            Size (bytes):15571
                                                            Entropy (8bit):7.971642633112179
                                                            Encrypted:false
                                                            SSDEEP:384:jXE05rO+g53afcsgWMzTJbA/I94fwHXnuAJWakk3:j35Sb5cgvTofwHXuAJF
                                                            MD5:9CC3FD2200C48A9D32DBFB93E78344FF
                                                            SHA1:4F651116F804440DBFECA369A041C4B5CFCEF9BD
                                                            SHA-256:246124BFDFBC23DAC56A19AC8A486D4742F6DA9FC08C8C73E0CEF624ABC23E8F
                                                            SHA-512:E2EDCAEF9993651A93E2E683105EACCDFE08275D17F1C43D2E237790A2D467C7B81213E744A659CCE69F499515F0C911A61B47876EFD75C6B02119D1DE4BBC55
                                                            Malicious:false
                                                            Reputation:low
                                                            Preview:.PNG........IHDR...(...b.....l......OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&*!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+...*..x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X*..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D..*.A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9., +.....3...!.[..b@q

                                                            Chrome Cache Entry: 166

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:JSON data
                                                            Category:downloaded
                                                            Size (bytes):22457
                                                            Entropy (8bit):5.204951637833873
                                                            Encrypted:false
                                                            SSDEEP:384:8nS64tjJ6yrA9EJn/h+K7lv1UIH4NriqYFASVygVQHeQXdW3W0y+su9y:8/KjQyr4EJh973UviRFAjgKHesdMi5
                                                            MD5:BF72F4717C22504D4711F7C8E2CD545C
                                                            SHA1:067670A2B4B4AF2092CDA2816E5CE9140792C361
                                                            SHA-256:DFC11749ADBF2E92CB1DD4DB5F56CC6AE6D18F9E9180FC96076C5482C98E7362
                                                            SHA-512:9F4EDCA442D46695A8667C418A1A3B3412AAE573DE41DE2B1582BF75EF213DC7FD3291459B57C422B70D703FC2A1C5892D072F6FFA980565CEB2F4B2D4F2FFD5
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://forms.microsoft.com/formapi/api/e0fb20ba-0e7e-4407-8bcc-a18a6601fe5f/users/49eee182-265d-4c45-b02d-e1199063b33b/light/runtimeFormsWithResponses('uiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u')?$expand=questions($expand=choices)&$top=1
                                                            Preview:{"responses":null,"form":{"description":"We are asking all Clerical and Executive Officers (Grades 3 - 7) to.complete this short survey which is being rolled out across multiple.locations..The purpose of this questionnaire is to identify the challenges that.Clerical and Executive Officers are currently facing in their.workplaces..It is vitally important that we as Clerical and Executive Officers.identify and understand our shared challenges so that we can work together in addressing same. This survey is being undertaken under the F.rsa Equivalent Grades Committees..\n","onlineSafetyLevel":0,"reputationTier":1,"background":{"altText":null,"contentType":null,"fileIdentifier":null,"originalFileName":null,"resourceId":null,"resourceUrl":null,"height":null,"width":null,"size":null},"header":{"altText":null,"contentType":null,"fileIdentifier":null,"originalFileName":null,"resourceId":null,"resourceUrl":null,"height":null,"width":null,"size":null},"logo":{"altText":"","contentType":"

                                                            Chrome Cache Entry: 167

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (65536), with no line terminators
                                                            Category:downloaded
                                                            Size (bytes):67457
                                                            Entropy (8bit):5.508253339898177
                                                            Encrypted:false
                                                            SSDEEP:1536:gwrqwsWu2vK15kv1GoJSw3GiPSVhO+ZveYeFP:zuBoCiqVPvMP
                                                            MD5:C1509CFD5E60997B03B3A31A1763A7C4
                                                            SHA1:5C5621AFF42D787F1E5E4E1EA33F70D0F6941FD4
                                                            SHA-256:BA7B6382D9D35BF95AC6214E92E99F6B37D9C52A33095DDAB3B5B4BBBAC3429B
                                                            SHA-512:472415709BFD154C6CADB4ADBB086D789F00C69C4DE0C2E45DCDDAFD6F72434643E0365501F193FC84158860B44714771D2D8E86D2CE93C19BF1C15CFE1FF693
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.5a1710b.js
                                                            Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[376],{86219:function(e,t,n){n.d(t,{l:function(){return i}});var o=n(35852);function i(e){for(var t=[],n=1;n<arguments.length;n++)t[n-1]=arguments[n];for(var i=[],r=0,_=t;r<_.length;r++){var a=_[r];a&&i.push("function"==typeof a?a(e):a)}return 1===i.length?i[0]:i.length?o.m.apply(void 0,i):{}}},82699:function(e,t,n){n.d(t,{j:function(){return _}});var o=n(65690),i=n(36178),r=n(49295);function _(e){var t=i.Y.getInstance(),n=(0,r.dH)((0,o.Eo)(),e);if(!t.classNameFromKey(n)){var _=t.getClassName();t.insertRule("@font-face{"+n+"}",!0),t.cacheClassName(_,n,[],["font-face",n])}}},41633:function(e,t,n){n.d(t,{x:function(){return r}});var o={},i=void 0;try{i=window}catch(e){}function r(e,t){if(void 0!==i){var n=i.__packages__=i.__packages__||{};if(!n[e]||!o[e])o[e]=t,(n[e]=n[e]||[]).push(t)}}r("@fluentui/set-version","6.0.0")},94630:function(e,t,n){n.r(t),n.d(t,{AnimationClassNames:function(){return Y},AnimationStyles:function(){retu

                                                            Chrome Cache Entry: 168

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
                                                            Category:downloaded
                                                            Size (bytes):7886
                                                            Entropy (8bit):3.973130033666625
                                                            Encrypted:false
                                                            SSDEEP:48:gzeweweQeQeQe2eWe+RjvChvL42Kcb/M96GgEfY86d:pNNttt3X8upiJvQFd
                                                            MD5:9425D8E9313A692BB3F022E8055FAB82
                                                            SHA1:EDDCF3EA767D4C3042D01AC88594D7E795D8615C
                                                            SHA-256:F2A1ABCF12EBD0F329E5B66B811B0BD76C8E954CB283CE3B61E72FBF459EF6F1
                                                            SHA-512:93B3EB3C4CE385D80D4A8F6902355BBD156AC1AA20B8869AF05C8E714E90E74C5630BB8DE34D5B8FC9F876AC44BE314F3A2A08B3163295ADADBC6DD7B8D23561
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/images/favicon.ico
                                                            Preview:...... .... .....6......... ............... .h...f...(... ...@..... .........................................................................................................................................................................................................................................................................................................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................ZV..ZV..ZV..ZV..ZV..ZV..ZV..ZV..^Z..pl..pl..pl..pl..................................|x..pl..pl..................................QN..QN..QN..QN..QN..QN..QN..QN..QN..c`..pl..pl..pl..................................|x..pl..pl............

                                                            Chrome Cache Entry: 169

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:Unicode text, UTF-8 text, with very long lines (64406), with no line terminators
                                                            Category:downloaded
                                                            Size (bytes):324571
                                                            Entropy (8bit):5.62413976396319
                                                            Encrypted:false
                                                            SSDEEP:6144:FTCJFYNLOXaxKQ1sfRAL+/9AVmSBP4t4Oxf7F0/UA8:1GFYNLOV9AdMpf
                                                            MD5:EEAC03EB9E526938B1E7471718A6B128
                                                            SHA1:ADE9303DAB8C2E0DDF4256D71632551DAEC36E57
                                                            SHA-256:EE9D35738BCFC2F822C4FB8EACC1F7AB6E1E6E3A91B3A56F4980446B3F08E62F
                                                            SHA-512:D7D821890FDFEF9C1B97506D11EF6A7F1750844BD3F0DC787558F5ACED46DAA7B58295505659604C156B8B4D8FD52DF6D3984670F19E4C63F9C2BB757024F2E9
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.9181c80.js
                                                            Preview:(self.webpackChunk=self.webpackChunk||[]).push([[920],{86219:function(n,t,e){"use strict";e.d(t,{l:function(){return i}});var r=e(35852);function i(n){for(var t=[],e=1;e<arguments.length;e++)t[e-1]=arguments[e];for(var i=[],o=0,a=t;o<a.length;o++){var u=a[o];u&&i.push("function"==typeof u?u(n):u)}return 1===i.length?i[0]:i.length?r.m.apply(void 0,i):{}}},82699:function(n,t,e){"use strict";e.d(t,{j:function(){return a}});var r=e(65690),i=e(36178),o=e(49295);function a(n){var t=i.Y.getInstance(),e=(0,o.dH)((0,r.Eo)(),n);if(!t.classNameFromKey(e)){var a=t.getClassName();t.insertRule("@font-face{"+e+"}",!0),t.cacheClassName(a,e,[],["font-face",e])}}},41633:function(n,t,e){"use strict";e.d(t,{x:function(){return o}});var r={},i=void 0;try{i=window}catch(n){}function o(n,t){if(void 0!==i){var e=i.__packages__=i.__packages__||{};if(!e[n]||!r[n])r[n]=t,(e[n]=e[n]||[]).push(t)}}o("@fluentui/set-version","6.0.0")},94630:function(n,t,e){"use strict";e.r(t),e.d(t,{AnimationClassNames:function(){re

                                                            Chrome Cache Entry: 170

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (65381)
                                                            Category:downloaded
                                                            Size (bytes):955425
                                                            Entropy (8bit):5.575532303422978
                                                            Encrypted:false
                                                            SSDEEP:6144:2pZ4mWkOhJm3wIRTblLK4ReL1Dkxmpsw0uOhJm3wIaCHhLQ4vQLXEpJBE:sDgIRnwkxcgIa6RpJBE
                                                            MD5:2CB9AABADAB7CC0442D1549C0B909800
                                                            SHA1:210C1BC340B4DFFE47C264F57743C874404E5B0C
                                                            SHA-256:D47B0B6B6E1DAB93F28C3C1A2757CEE6AB3FAD9ABBC4FE5C138ECE6D533F1280
                                                            SHA-512:19AFF840B9F37DE1D8C14EA4031429405B21A2F1FB0166359E59E0F4B438B0CC0DDED04A16E89724CB382FCF0CF67BD23E2874D781CD09AE0A5A8229CB5099B3
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.officebrowserfeedback.39bdf71.js
                                                            Preview:(self.webpackChunk=self.webpackChunk||[]).push([[18],{55074:function(){./*! For license information please see officebrowserfeedback.min.js.LICENSE.txt */.!function(A){var t={};function n(r){if(t[r])return t[r].exports;var e=t[r]={i:r,l:!1,exports:{}};return A[r].call(e.exports,e,e.exports,n),e.l=!0,e.exports}n.m=A,n.c=t,n.d=function(A,t,r){n.o(A,t)||Object.defineProperty(A,t,{enumerable:!0,get:r})},n.r=function(A){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(A,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(A,"__esModule",{value:!0})},n.t=function(A,t){if(1&t&&(A=n(A)),8&t)return A;if(4&t&&"object"==typeof A&&A&&A.__esModule)return A;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:A}),2&t&&"string"!=typeof A)for(var e in A)n.d(r,e,function(t){return A[t]}.bind(null,e));return r},n.n=function(A){var t=A&&A.__esModule?function(){return A.default}:function(){return A};return n.d(t,"a",t),t},n.o=function(A,t){r

                                                            Chrome Cache Entry: 171

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (10165)
                                                            Category:downloaded
                                                            Size (bytes):10411
                                                            Entropy (8bit):5.432208280425478
                                                            Encrypted:false
                                                            SSDEEP:192:v1JqGmXt5H1zXqDQSu9i/fAeuKyZCipXhOws/5QNV:v1JWt5H1zKQr9reuqipxOHyNV
                                                            MD5:AC6F5EE185FFE10998118AF4CDD4044D
                                                            SHA1:421E26803DFCC26A458453E2A068D24003A5686F
                                                            SHA-256:A52867EFE1C87963482C826366A1395D072005778CC46A30FE3BDC422B99DB19
                                                            SHA-512:FCA82EEDA608ED653AB25FA23FFBFB4870E2FD06DBB74169706C8B7833C3CE50774AC4422F7830876A20055E44A709EE48BC817F28EDFE9EB1CAC13A8E85CF30
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_poll.8abda83.js
                                                            Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[721],{74081:function(n,t,e){e.r(t),e.d(t,{enterEmailAction:function(){return m},pollAggregateResultFetchDoneAction:function(){return h},pollResultFetchDoneAction:function(){return g},pureShowThankYouPageAction:function(){return d},pureViewPollResultAction:function(){return $},showThankYouPageAction:function(){return P},viewPollResultAction:function(){return w},viewPollResultBackAction:function(){return p},viewResultAsync:function(){return y},viewResultBack:function(){return k},voteAction:function(){return _},voteAsync:function(){return b},voteRecordAction:function(){return v}});var r=e(59312),u=e(9345),i=e(76515),o=e(4844),a=e(11324),s=e(98251),c=e(37265),l=e(50463),f=e(59197);var _=(0,u.createAction)(c.Vl)(),$=(0,u.createAction)(c.aH)(),d=(0,u.createAction)(c.Zt)(),v=(0,u.createAction)(c.Qw)(),p=(0,u.createAction)(c.yG)(),m=(0,u.createAction)(c.VP)(),g=(0,u.createAction)(c.Y)(),h=(0,u.createAction)(c.mD)(),R=(0,u.createActi

                                                            Chrome Cache Entry: 172

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (58150)
                                                            Category:downloaded
                                                            Size (bytes):58398
                                                            Entropy (8bit):5.48572647989969
                                                            Encrypted:false
                                                            SSDEEP:1536:iFmrXkE4RQPVdjHfBRRR5/stOXXNIT7V+hurXXNIM4yiOw:9/LRBIT7VbNC
                                                            MD5:C91164C76E05CD5171052F7C30CDE5CC
                                                            SHA1:716A7321F65CBE5BA6AF1D0E99BA21CD8D214C50
                                                            SHA-256:DF1B5C61FBE0BF200C557350D494832C992FDCE9CAC905CD91C845BA1DB993B8
                                                            SHA-512:2B70BF914FEEEDB0A7D8351D83716403A064034B0F324A518856E60BACA76EA049C4DBAAAF785EC3B03726D2029C1EDAB14B43040519124C066EFD9F03CE8489
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_trial.c5a8cdc.js
                                                            Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[320],{63465:function(t,n,e){function r(t){return t?(t.nodeName||"").toLowerCase():null}e.d(n,{Z:function(){return r}})},62475:function(t,n,e){function r(t){if(null==t)return window;if("[object Window]"!==t.toString()){var n=t.ownerDocument;return n&&n.defaultView||window}return t}e.d(n,{Z:function(){return r}})},53817:function(t,n,e){e.d(n,{Re:function(){return i},Zq:function(){return a},kK:function(){return o}});var r=e(62475);function o(t){return t instanceof(0,r.Z)(t).Element||t instanceof Element}function i(t){return t instanceof(0,r.Z)(t).HTMLElement||t instanceof HTMLElement}function a(t){return"undefined"!=typeof ShadowRoot&&(t instanceof(0,r.Z)(t).ShadowRoot||t instanceof ShadowRoot)}},46087:function(t,n,e){var r=e(63465),o=e(53817);n.Z={name:"applyStyles",enabled:!0,phase:"write",fn:function(t){var n=t.state;Object.keys(n.elements).forEach((function(t){var e=n.styles[t]||{},i=n.attributes[t]||{},a=n.elements[t];(0,o

                                                            Chrome Cache Entry: 173

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:JSON data
                                                            Category:dropped
                                                            Size (bytes):72
                                                            Entropy (8bit):4.241202481433726
                                                            Encrypted:false
                                                            SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                                                            MD5:9E576E34B18E986347909C29AE6A82C6
                                                            SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                            SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                            SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                            Malicious:false
                                                            Reputation:low
                                                            Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                                            Chrome Cache Entry: 174

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:PNG image data, 296 x 98, 8-bit/color RGB, non-interlaced
                                                            Category:downloaded
                                                            Size (bytes):15571
                                                            Entropy (8bit):7.971642633112179
                                                            Encrypted:false
                                                            SSDEEP:384:jXE05rO+g53afcsgWMzTJbA/I94fwHXnuAJWakk3:j35Sb5cgvTofwHXuAJF
                                                            MD5:9CC3FD2200C48A9D32DBFB93E78344FF
                                                            SHA1:4F651116F804440DBFECA369A041C4B5CFCEF9BD
                                                            SHA-256:246124BFDFBC23DAC56A19AC8A486D4742F6DA9FC08C8C73E0CEF624ABC23E8F
                                                            SHA-512:E2EDCAEF9993651A93E2E683105EACCDFE08275D17F1C43D2E237790A2D467C7B81213E744A659CCE69F499515F0C911A61B47876EFD75C6B02119D1DE4BBC55
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://scanner.topsec.com/images/topsec_logo.png
                                                            Preview:.PNG........IHDR...(...b.....l......OiCCPPhotoshop ICC profile..x.SgTS..=...BK...KoR.. RB....&*!..J.!...Q..EE..........Q,......!.........{.k.......>........H3Q5...B..........@..$p....d!s.#...~<<+".....x.....M..0.....B.\.....t.8K....@z.B..@F....&S....`.cb..P-.`'........{..[.!..... .e.D.h;...V.E.X0..fK.9..-.0IWfH.............0Q..)..{.`.##x.....F.W<.+...*..x..<.$9E.[.-q.WW..(.I.+.6a.a.@..y..2.4..............x.....6..._-..."bb....p@...t~..,/...;..m..%..h^..u..f..@.....W.p.~<<E.........J.B[a.W}.g._.W.l.~<.....$.2].G......L.....b..G.......".Ib.X*..Q.q.D...2.".B.).%..d..,..>.5..j>.{.-.]c..K'.Xt......o..(...h...w..?.G.%..fI.q..^D$.T.?....D..*.A....,.........`6.B$..B.B.d..r`)..B(...*`/.@.4.Qh..p...U..=p..a...(....A...a!..b.X#......!.H...$ ..Q"K.5H1R.T UH..=r.9.\F..;..2....G1...Q=...C..7..F...dt1......r..=.6...h..>C.0....3.l0...B.8,..c."......V.....c.w...E..6.wB a.AHXLXN.H. .$4...7...Q.'"..K.&.....b21.XH,#..../.{.C.7$..C2'...I..T...F.nR#.,..4H.#...dk..9., +.....3...!.[..b@q

                                                            Chrome Cache Entry: 175

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:PNG image data, 800 x 466, 8-bit/color RGBA, non-interlaced
                                                            Category:downloaded
                                                            Size (bytes):25953
                                                            Entropy (8bit):7.875027035211182
                                                            Encrypted:false
                                                            SSDEEP:384:oosdaD/mYqeR5zl5OAUfOOlJvQ4IQhMUnWI41Ia1LKXmFwvYDQ7vfpyK3zTaraOx:oosa/mAR5HzU2ObNgI4N8OqYsDpygOcW
                                                            MD5:BAFB097B864544377090B8F047358EA8
                                                            SHA1:5369D69F4699A02B28F834B69D9538CF8361420C
                                                            SHA-256:31A447C6FC9BACFBBF9E315EFE0827C22905AFBE0E88C57FA7FACDC8124D2A9E
                                                            SHA-512:DCD74521EB52D91C9F0BC7BD118A9D4352C6A7EF9BEC2DD01CC13A691661F7CE6D6DCD054B9E829BB69E09E44851F00E0DAD77D33463E9284D04FA9FB7097482
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://lists.office.com/Images/e0fb20ba-0e7e-4407-8bcc-a18a6601fe5f/49eee182-265d-4c45-b02d-e1199063b33b/TC1FXMLHLJUA233BMGME0UQQRF/9e9c734b-2646-46f8-8ae1-5d82da8b954f
                                                            Preview:.PNG........IHDR... ............S....sRGB.........gAMA......a.....pHYs..."..."......d.IDATx^....-Uy..\....R...;.D.+(.T...b.T.-.&.!.;b..E..@#`G.jT....DP.."Mz...3/d...{..........>s..Y.k.>w....$I.$I.$I.$I.$I.$I.$I.$I.$I.$I.$I.$I.$I.$I..)......._.....#UI.$I........+iBz...%v..%I.$......k..#..Y+R.$I.T........r.S./I.$.$4.w ....".oz...Q.$I..Rp1.#.......b.(C.$IR.....8..B..2$I.$....5...~sI_....(E.$IR....W\....."6.R$I.$........R}(J.$I..w4 ..g..|...IQ.$I.......q-_$..5..G9.$I......+x..(G.$IR.q...../.5<7.$I..g\....2..D...w..$I.$.....|....6kEI.$I.......K.rQ.?FI.$I.....C.:.X.p).k.$I.$...pO...6..E...Y/.$I..W\...*HxC.$I.$..h@. ....F.W....%I.$...x.ss._6.8..0.$I..G\.....E.e|...(K.$IR_q.~X\...:.#..eI.$I.#......WA.&6..$I.$....U...P...,I.$I}.E.v.q._<jy\.&I.$...h.g\...Z.e.u.&I.$.o.h...../.....I.$I.#..?.\..&.)Q.$I....}g../i...G-..[Ey.$I.....#.....s<.eQ.$I..>.........(O.$IR_p.~7.....|.X#.$I...4.......e...J.$I}.E.V...%{].+}...D.$I...._.\....f.(U.$I.<qq~K...X.Z...y?.I.$./.@

                                                            Chrome Cache Entry: 176

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (41385)
                                                            Category:downloaded
                                                            Size (bytes):41551
                                                            Entropy (8bit):5.324005041677553
                                                            Encrypted:false
                                                            SSDEEP:768:SviBoMfMzV95J8VHrMM9jBxPCLJKUlZQ0atkRQla4WyftkkLfVTascSHI6YEEePK:SvECV94JDxPC1KAQ0ajaDydfFueXF1i
                                                            MD5:3966E9CCA1B72D22635E0EAD60FB5AD4
                                                            SHA1:C42D215CCB5220F1C17C28A73E6951A62DD74D1C
                                                            SHA-256:3756E6CA5FABEF2F39FDB8A1D3C84A9C6BF86C494DACB31016315BA864D893ED
                                                            SHA-512:BD6A144C294AF3959260C481070EA2580C0A53606FFEAC21C24A2CE12152867F2890D3D9162F9BEEDF96EE9A42DE3D633DE48F7CD9AB41C7EF9D43A948C4260F
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://forms.microsoft.com/sw.js?ring=Business
                                                            Preview:!function(){"use strict";var e={487:function(){try{self["workbox:core:6.1.0"]&&_()}catch(e){}},403:function(){try{self["workbox:expiration:6.4.0"]&&_()}catch(e){}},295:function(){try{self["workbox:core:6.4.0"]&&_()}catch(e){}},372:function(){try{self["workbox:navigation-preload:6.1.0"]&&_()}catch(e){}},815:function(){try{self["workbox:routing:6.1.0"]&&_()}catch(e){}},445:function(){try{self["workbox:strategies:6.1.0"]&&_()}catch(e){}}},t={};function n(r){var s=t[r];if(void 0!==s)return s.exports;var o=t[r]={exports:{}};return e[r](o,o.exports,n),o.exports}!function(){n(487);n(372);function e(){return Boolean(self.registration&&self.registration.navigationPreload)}const t=(e,...t)=>{let n=e;return t.length>0&&(n+=` :: ${JSON.stringify(t)}`),n};class r extends Error{constructor(e,n){super(t(e,n)),this.name=e,this.details=n}}const s={googleAnalytics:"googleAnalytics",precache:"precache-v2",prefix:"workbox",runtime:"runtime",suffix:"undefined"!=typeof registration?registration.scope:""},o=

                                                            Chrome Cache Entry: 177

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (54310)
                                                            Category:downloaded
                                                            Size (bytes):96082
                                                            Entropy (8bit):5.35091875441063
                                                            Encrypted:false
                                                            SSDEEP:1536:0F3BciG+sus2vIXu9CPdc9rEq/n+bYJ9f5xmFJuY:TiXRIXu9sUN+bYJ9/mPuY
                                                            MD5:C3EDBE14B70DEC763527860143C3D824
                                                            SHA1:E762D818BB0327DAA88E092C0E91A027F4C6D688
                                                            SHA-256:56368693895DA14A049EFA6ECCD4738CBA968116D825AE65F6078FE9AE05ED50
                                                            SHA-512:4FA6B98B7BAA234889014BC684D95F4529A87149E6BD097DC4613D38172A5F9C62CD7584B5ACB0130119221A153DA854931D9FFEF27D3016B8992686E01D7893
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://forms.microsoft.com/cdn/scripts/dists/telemetry-worker.js
                                                            Preview:!function(){"use strict";var n={};n.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(n){if("object"==typeof window)return window}}();var t="function",r="object",e="undefined",i=Object,u=i.prototype,o=i.assign,a=i.create,f=i.defineProperty,c=u.hasOwnProperty,v=null;function l(t){void 0===t&&(t=!0);var r=!1===t?null:v;return r||(typeof globalThis!==e&&(r=globalThis),r||typeof self===e||(r=self),r||typeof window===e||(r=window),r||typeof n.g===e||(r=n.g),v=r),r}function s(n){throw new TypeError(n)}function d(n){if(a)return a(n);if(null==n)return{};var e=typeof n;function i(){}return e!==r&&e!==t&&s("Object prototype may only be an Object:"+n),i.prototype=n,new i}(l()||{}).Symbol,(l()||{}).Reflect;var h,p=function(n,t){return p=i.setPrototypeOf||{__proto__:[]}instanceof Array&&function(n,t){n.__proto__=t}||function(n,t){for(var r in t)t.hasOwnProperty(r)&&(n[r]=t[r])},p(n,t)};function y(n,r){function e(){this.constructor=n}t

                                                            Chrome Cache Entry: 178

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
                                                            Category:dropped
                                                            Size (bytes):7886
                                                            Entropy (8bit):3.973130033666625
                                                            Encrypted:false
                                                            SSDEEP:48:gzeweweQeQeQe2eWe+RjvChvL42Kcb/M96GgEfY86d:pNNttt3X8upiJvQFd
                                                            MD5:9425D8E9313A692BB3F022E8055FAB82
                                                            SHA1:EDDCF3EA767D4C3042D01AC88594D7E795D8615C
                                                            SHA-256:F2A1ABCF12EBD0F329E5B66B811B0BD76C8E954CB283CE3B61E72FBF459EF6F1
                                                            SHA-512:93B3EB3C4CE385D80D4A8F6902355BBD156AC1AA20B8869AF05C8E714E90E74C5630BB8DE34D5B8FC9F876AC44BE314F3A2A08B3163295ADADBC6DD7B8D23561
                                                            Malicious:false
                                                            Reputation:low
                                                            Preview:...... .... .....6......... ............... .h...f...(... ...@..... .........................................................................................................................................................................................................................................................................................................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..pl..................................ZV..ZV..ZV..ZV..ZV..ZV..ZV..ZV..^Z..pl..pl..pl..pl..................................|x..pl..pl..................................QN..QN..QN..QN..QN..QN..QN..QN..QN..c`..pl..pl..pl..................................|x..pl..pl............

                                                            Chrome Cache Entry: 179

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:JSON data
                                                            Category:dropped
                                                            Size (bytes):2
                                                            Entropy (8bit):1.0
                                                            Encrypted:false
                                                            SSDEEP:3:H:H
                                                            MD5:D751713988987E9331980363E24189CE
                                                            SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                            SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                            SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                            Malicious:false
                                                            Reputation:low
                                                            Preview:[]

                                                            Chrome Cache Entry: 180

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:JSON data
                                                            Category:dropped
                                                            Size (bytes):22457
                                                            Entropy (8bit):5.204951637833873
                                                            Encrypted:false
                                                            SSDEEP:384:8nS64tjJ6yrA9EJn/h+K7lv1UIH4NriqYFASVygVQHeQXdW3W0y+su9y:8/KjQyr4EJh973UviRFAjgKHesdMi5
                                                            MD5:BF72F4717C22504D4711F7C8E2CD545C
                                                            SHA1:067670A2B4B4AF2092CDA2816E5CE9140792C361
                                                            SHA-256:DFC11749ADBF2E92CB1DD4DB5F56CC6AE6D18F9E9180FC96076C5482C98E7362
                                                            SHA-512:9F4EDCA442D46695A8667C418A1A3B3412AAE573DE41DE2B1582BF75EF213DC7FD3291459B57C422B70D703FC2A1C5892D072F6FFA980565CEB2F4B2D4F2FFD5
                                                            Malicious:false
                                                            Reputation:low
                                                            Preview:{"responses":null,"form":{"description":"We are asking all Clerical and Executive Officers (Grades 3 - 7) to.complete this short survey which is being rolled out across multiple.locations..The purpose of this questionnaire is to identify the challenges that.Clerical and Executive Officers are currently facing in their.workplaces..It is vitally important that we as Clerical and Executive Officers.identify and understand our shared challenges so that we can work together in addressing same. This survey is being undertaken under the F.rsa Equivalent Grades Committees..\n","onlineSafetyLevel":0,"reputationTier":1,"background":{"altText":null,"contentType":null,"fileIdentifier":null,"originalFileName":null,"resourceId":null,"resourceUrl":null,"height":null,"width":null,"size":null},"header":{"altText":null,"contentType":null,"fileIdentifier":null,"originalFileName":null,"resourceId":null,"resourceUrl":null,"height":null,"width":null,"size":null},"logo":{"altText":"","contentType":"

                                                            Chrome Cache Entry: 181

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (55055)
                                                            Category:downloaded
                                                            Size (bytes):55305
                                                            Entropy (8bit):5.242350772045059
                                                            Encrypted:false
                                                            SSDEEP:1536:Ei9jZlAfGRApsqM3KLqvKDasjQeVi5E32vj83ES8Xz+s9YfdDCmtBcV6/u1MS9FN:z5E3W
                                                            MD5:E8142BD8CECC56F27A5F7394969C3654
                                                            SHA1:674B23030D0A2DEB7B0CE97E570760708AD6CA12
                                                            SHA-256:84343D722667E42728AEB9FB66C8D01351C68495CF3774247B8F7B9DD83ACA79
                                                            SHA-512:255A54E844AEEBCA0EB6233385312C168D7AD23E42BA65AF5D0E986F1EE3826F0FAED3A6F686D629D8EF86F592B7E29C50ECEA28B9E0A835BB36A93B73A7E2A1
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ty2svg.f131038.js
                                                            Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[50],{30730:function(t){t.exports='<svg xmlns="http://www.w3.org/2000/svg" width="711" height="135" fill="none" viewBox="0 0 711 135"><rect width="3.167" height="3.162" fill="#98D6D8" rx="1.581" transform="matrix(.9663 -.25825 .25863 .96576 125.633 83.225)"/><rect width="5.067" height="5.06" fill="#98D6D8" rx="2.53" transform="matrix(.9663 -.25825 .25863 .96576 168.428 74.172)"/><rect width="8.868" height="8.854" fill="#49AEB1" rx="4.427" transform="matrix(.9663 -.25825 .25863 .96576 232.687 16.22)"/><rect width="8.461" height="8.448" fill="#6FCF97" rx="4.224" transform="matrix(.9663 -.25825 .25863 .96576 100.743 17.142)"/><path fill="#F2C94C" d="m72.831 57.542 6.556 2.383-5.349 4.478-1.207-6.861Z"/><rect width="6.043" height="6.034" fill="#49AEB1" rx="3.017" transform="matrix(.9663 -.25825 .25863 .96576 26.159 3.7)"/><rect width="4.835" height="4.827" fill="#98D6D8" rx="2.414" transform="matrix(.9663 -.25825 .25863 .96576 70

                                                            Chrome Cache Entry: 182

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (37611)
                                                            Category:downloaded
                                                            Size (bytes):419055
                                                            Entropy (8bit):5.4784255568212545
                                                            Encrypted:false
                                                            SSDEEP:6144:sq2+FgZqKo0Bp//8zNA9reWGJaN2mIME1tOON9Sda:7gLHp38RAZbNIME1hQY
                                                            MD5:2520A55FEF01AE5A3D06B48318EF5962
                                                            SHA1:E9DAB9E1D310D09DF99E838C6CDE59E6780B1C77
                                                            SHA-256:3A2B50E79D313897FBFF6536AEAEA3EC6AB1752582D2F0CD57706818706F662F
                                                            SHA-512:AB4CAAAF4DE16E064270DA1CD6C90E00B805A696FC40D540D0E6A63E6C74819A115CA22FA46586D504B4825D2B0DC4205B59942A6396FE387590FE33412E12B4
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9a2e743.js
                                                            Preview:!function(){var n,t,r,e,i,o={65690:function(n,t,r){"use strict";function e(n){o!==n&&(o=n)}function i(){return void 0===o&&(o="undefined"!=typeof document&&!!document.documentElement&&"rtl"===document.documentElement.getAttribute("dir")),o}var o;function u(){return{rtl:i()}}r.d(t,{Eo:function(){return u},ok:function(){return e}}),o=i()},36178:function(n,t,r){"use strict";r.d(t,{Y:function(){return c},q:function(){return o}});var e,i=r(59312),o={none:0,insertNode:1,appendChild:2},u="undefined"!=typeof navigator&&/rv:11.0/.test(navigator.userAgent),a={};try{a=window||{}}catch(n){}var c=function(){function n(n,t){var r,e,u,a,c,f;this._rules=[],this._preservedRules=[],this._counter=0,this._keyToClassName={},this._onInsertRuleCallbacks=[],this._onResetCallbacks=[],this._classNameToArgs={},this._config=(0,i.pi)({injectionMode:"undefined"==typeof document?o.none:o.insertNode,defaultPrefix:"css",namespace:void 0,cspSettings:void 0},n),this._classNameToArgs=null!==(r=null==t?void 0:t.classNameT

                                                            Chrome Cache Entry: 183

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (16145)
                                                            Category:downloaded
                                                            Size (bytes):16397
                                                            Entropy (8bit):5.286258431576774
                                                            Encrypted:false
                                                            SSDEEP:384:y74nJhdohv8ElMuGlrneeGwxlP5ChiGJdWxrup:MQd6v84MuUTNZxlP5CMGoy
                                                            MD5:1BCB9FAD75BC8F8E37F53280398C3F78
                                                            SHA1:0B093ECDB2696297002A2848615FC552D99BCED7
                                                            SHA-256:D66F84365612EFC7F174622C835D65FB5105F691E4013B232882C0A1946D7C47
                                                            SHA-512:C79767AB48606DACA4C00FBE28A6B4855DCA4964ADBEBB8028D2C26C9D2AAF16B50A678D8DF38A4641100B06262D982D57DBC5FF8B832A5D27FB20C6D9685FD1
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/scripts/dists/dll-dompurify.min.3c32c70.js
                                                            Preview:var _dll_dompurify_940d9dad7c575ffb9e50;(()=>{var e={699:function(e){./*! @license DOMPurify | (c) Cure53 and other contributors | Released under the Apache license 2.0 and Mozilla Public License 2.0 | github.com/cure53/DOMPurify/blob/2.2.2/LICENSE */.e.exports=function(){"use strict";function e(e){if(Array.isArray(e)){for(var t=0,r=Array(e.length);t<e.length;t++)r[t]=e[t];return r}return Array.from(e)}var t=Object.hasOwnProperty,r=Object.setPrototypeOf,n=Object.isFrozen,o=Object.freeze,i=Object.seal,a=Object.create,l="undefined"!=typeof Reflect&&Reflect,c=l.apply,s=l.construct;c||(c=function(e,t,r){return e.apply(t,r)}),o||(o=function(e){return e}),i||(i=function(e){return e}),s||(s=function(t,r){return new(Function.prototype.bind.apply(t,[null].concat(e(r))))});var u=T(Array.prototype.forEach),d=T(Array.prototype.pop),f=T(Array.prototype.push),p=T(String.prototype.toLowerCase),m=T(String.prototype.match),y=T(String.prototype.replace),h=T(String.prototype.indexOf),g=T(String.prototype

                                                            Chrome Cache Entry: 184

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (4957)
                                                            Category:downloaded
                                                            Size (bytes):5211
                                                            Entropy (8bit):5.551404612456807
                                                            Encrypted:false
                                                            SSDEEP:96:A/OSfgZuWStTdY1TWIpnMMk53gTyl9lHxM4YEzcP7eWZY0zIFEmqf:mWSQ1TpnM0yl9lRMCE7eKz
                                                            MD5:C7747CE6E68191D703CAD5F055CE2DF6
                                                            SHA1:E4EACFB69BC672FB321C08B9D6B3649F2ED707F2
                                                            SHA-256:57375170CA8C9EDE7D9AEF0F2E89A8A7ECA388E6138C5110036F2A469202486B
                                                            SHA-512:0076EDC4AE31346B6106760DC08FCAB9E0B180FA1B5B9E07F4B7BEF20B63159A70B572B5E51F935431967F032FEDCFBF15185C5089155E1B3DE6DA3356E91AEB
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_phishing.b0865cc.js
                                                            Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[195],{22231:function(t,n,i){i.d(n,{u:function(){return s}});var e=i(59312),o=i(69686),a=i(35995),r=i(80098),$=i(67298),l=function(t,n){return[(0,e.pi)({backgroundColor:"rgba(0, 0, 0, 0.4)",height:"100%",left:"0",position:"absolute",top:"0",transition:"opacity 0.3s ease",width:"100%",zIndex:t},(0,r.f)({$i:"flex",$e:"center",$p:"center"})),n]},s=o.Gp((function(t,n){var i=t.children,r=t.$iM,s=t.$tw,_=void 0===s?15e3:s,u=t.style,c=(t.className,(0,e._T)(t,["children","$iM","$tw","style","className"])),g=(0,$.F7)(r),f=g&&g.current,m=(0,a.m)(l)(_,u);return f?o.jz(o.az("div",(0,e.pi)({},c,{className:m,ref:n}),i),f):null}))},36208:function(t,n,i){i.r(n),i.d(n,{PhishingWarningPage:function(){return q}});var e=i(59312),o=i(10420),a=i(69686),r=i(81762),$=i(86029),l=function(t){return a.az($.a,(0,e.pi)({},t,{$$:a.az("svg",{xmlns:"http://www.w3.org/2000/svg",viewBox:"0 0 2048 2048"},a.az("path",{d:"M1024 1536H896v-128h128v128zm0-1152H896v

                                                            Chrome Cache Entry: 185

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:PNG image data, 800 x 466, 8-bit/color RGBA, non-interlaced
                                                            Category:dropped
                                                            Size (bytes):25953
                                                            Entropy (8bit):7.875027035211182
                                                            Encrypted:false
                                                            SSDEEP:384:oosdaD/mYqeR5zl5OAUfOOlJvQ4IQhMUnWI41Ia1LKXmFwvYDQ7vfpyK3zTaraOx:oosa/mAR5HzU2ObNgI4N8OqYsDpygOcW
                                                            MD5:BAFB097B864544377090B8F047358EA8
                                                            SHA1:5369D69F4699A02B28F834B69D9538CF8361420C
                                                            SHA-256:31A447C6FC9BACFBBF9E315EFE0827C22905AFBE0E88C57FA7FACDC8124D2A9E
                                                            SHA-512:DCD74521EB52D91C9F0BC7BD118A9D4352C6A7EF9BEC2DD01CC13A691661F7CE6D6DCD054B9E829BB69E09E44851F00E0DAD77D33463E9284D04FA9FB7097482
                                                            Malicious:false
                                                            Reputation:low
                                                            Preview:.PNG........IHDR... ............S....sRGB.........gAMA......a.....pHYs..."..."......d.IDATx^....-Uy..\....R...;.D.+(.T...b.T.-.&.!.;b..E..@#`G.jT....DP.."Mz...3/d...{..........>s..Y.k.>w....$I.$I.$I.$I.$I.$I.$I.$I.$I.$I.$I.$I.$I.$I..)......._.....#UI.$I........+iBz...%v..%I.$......k..#..Y+R.$I.T........r.S./I.$.$4.w ....".oz...Q.$I..Rp1.#.......b.(C.$IR.....8..B..2$I.$....5...~sI_....(E.$IR....W\....."6.R$I.$........R}(J.$I..w4 ..g..|...IQ.$I.......q-_$..5..G9.$I......+x..(G.$IR.q...../.5<7.$I..g\....2..D...w..$I.$.....|....6kEI.$I.......K.rQ.?FI.$I.....C.:.X.p).k.$I.$...pO...6..E...Y/.$I..W\...*HxC.$I.$..h@. ....F.W....%I.$...x.ss._6.8..0.$I..G\.....E.e|...(K.$IR_q.~X\...:.#..eI.$I.#......WA.&6..$I.$....U...P...,I.$I}.E.v.q._<jy\.&I.$...h.g\...Z.e.u.&I.$.o.h...../.....I.$I.#..?.\..&.)Q.$I....}g../i...G-..[Ey.$I.....#.....s<.eQ.$I..>.........(O.$IR_p.~7.....|.X#.$I...4.......e...J.$I}.E.V...%{].+}...D.$I...._.\....f.(U.$I.<qq~K...X.Z...y?.I.$./.@

                                                            Chrome Cache Entry: 186

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (14860)
                                                            Category:downloaded
                                                            Size (bytes):15116
                                                            Entropy (8bit):5.526768261704075
                                                            Encrypted:false
                                                            SSDEEP:384:ONyp00ZJDg6ySPq1xzDvE3XC4Zq/wFaYu/lSO:gyfZJDbySPKXyXfZkwgYu9/
                                                            MD5:52041F58C70E2A3617D54DBD5DC100DA
                                                            SHA1:59EA8B1FA12529BB3CC19337301043DD9635B4DD
                                                            SHA-256:92C3F8ECD847424547FCD7882BB817A04858D259DE1877CD1F01BEE8982ACEA1
                                                            SHA-512:BCA5ABA50852AD00C5ECC71CCAF8E87831CC6F77C69CBE2175D7F91551A4D99123978101813184A10A6DA03F6A6D4A2461968F18A786A44BA2EABFB5D300ABF0
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.c5faa4d.js
                                                            Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[537],{85708:function(n,e,r){function t(){return Date.now||(Date.now=function(){return(new Date).getTime()}),Math.floor(Date.now())}r.d(e,{dg:function(){return t}})},54109:function(n,e,r){r.d(e,{K:function(){return o}});var t=r(59749);function o(n,e,r){return new Promise((function(o,i){if(!n)throw Error("No script path for "+n);var a=document.getElementsByTagName("head")[0];if(!a)return i(Error("No head element found!"));var u=document.createElement("script");u.type="text/javascript",u.async=!0,(0,t.M5)(u,n),e&&r&&(u.crossOrigin="anonymous"),u.onload=function(){return o()},u.onerror=function(){a.removeChild(u),i(Error("Failed to load javascript file: "+n))},a.appendChild(u)}))}},72192:function(n,e,r){r.r(e),r.d(e,{BrandingFooter:function(){return C}});var t=r(59312),o=r(69686),i=r(69065),a=r(80820),u=r(46411),c=r(13729),l=r(35995),f=r(80098),s=r(28729),d=r(36082),p=r(262),_=r(51710),m=r(39886),$=r(15463),v=r(60505),g=r(82610)

                                                            Chrome Cache Entry: 187

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:JSON data
                                                            Category:dropped
                                                            Size (bytes):72
                                                            Entropy (8bit):4.241202481433726
                                                            Encrypted:false
                                                            SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                                                            MD5:9E576E34B18E986347909C29AE6A82C6
                                                            SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                            SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                            SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                            Malicious:false
                                                            Reputation:low
                                                            Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                                            Chrome Cache Entry: 188

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:PNG image data, 16 x 16, 8-bit colormap, non-interlaced
                                                            Category:dropped
                                                            Size (bytes):526
                                                            Entropy (8bit):6.592260035215652
                                                            Encrypted:false
                                                            SSDEEP:12:6v/7uU58F8OaRjDq+1S5L+Fmtq2YTzmpg2zS+Dl34WEM3l3Sz:C9DjA+FmtrYTmxzjmWEMm
                                                            MD5:43FCF55E4372221567F0C3962E1C2647
                                                            SHA1:10E3FBC754F74C61E370EAF5FA5AA9074228DF48
                                                            SHA-256:FF0FA7BC7EC81AA93E04BA8F4FDC98473D63D07E59BBF40BD1D33F4CE65F7BBB
                                                            SHA-512:7EA6913F5F329B1754AB2BBC1D29E60977819EDB0799807D5342D1C34CFBDDCD6E7EBC554A0BC4ECCA2A7F2492A004073E0EB17A5F3E4A214C698427C346990D
                                                            Malicious:false
                                                            Reputation:low
                                                            Preview:.PNG........IHDR.............(-.S....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<...iPLTE....Z..Z..Z..Z..Z.S...Z..Z..Z..Z..Z..Z..m.7..h...k..b.S..h..h...m..b.E...s..Z..Z.._.N...j.U..h..A..4......GCT....tRNS......0..` @..........pY.......bKGD"]e\.....tIME......9.n.g...|IDAT..U.W..0..P%lHL.%.e.....eM...X;.b.v.#(i:.....c}...kv+.....j..j1..m.X.....&i...QX.|........:+%.5.IU...Y.W....S1p/.j`...5....Gm....%tEXtdate:create.2018-04-30T20:06:57+00:00.......%tEXtdate:modify.2018-04-30T20:06:57+00:00i.......IEND.B`.

                                                            Chrome Cache Entry: 189

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (917)
                                                            Category:downloaded
                                                            Size (bytes):1151
                                                            Entropy (8bit):5.348561596065604
                                                            Encrypted:false
                                                            SSDEEP:24:icYJ+bsfAITqI03JJKEDKlnMSrDDNGCauJkmbqdZu/pIh:icZsfAiGjKuKRDR6uJrbYJ
                                                            MD5:5B0D9E0A7BF5E674C5BD369A29451004
                                                            SHA1:F4BA906D2BD5091268D26690423A6C0525792DC1
                                                            SHA-256:FC72407EDBB46B2AFD5DAB68D6297FD426EE0E13959E1607085015F1505E5E40
                                                            SHA-512:9DD8E24FDF5E260EDBC1EB0F928DFBD8F56FA940578AF7D6525726395603560F70CEFBDA5A9D8C5901C21357E1F52A5A487E7CF272549292EE76DA387D1B48B7
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.cc78b7e.js
                                                            Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[670],{70082:function(r,e,n){n.r(e),n.d(e,{register:function(){return f}});var t=n(59312),i=n(16586),s=n(9947),u=n(90710),c=n(55890),o=n(10836),a=n(81653);function f(r){return(0,t.mG)(this,void 0,void 0,(function(){var e,n;return(0,t.Jh)(this,(function(t){switch(t.label){case 0:return t.trys.push([0,5,,6]),(0,a.qI)()?(0,o.cr)("UnregisterServiceWorker")?[4,navigator.serviceWorker.getRegistrations().then((function(r){return Promise.all(r.map((function(r){return r.unregister()})))}))]:[3,2]:[2];case 1:return t.sent(),[2];case 2:return(0,o.cr)("ServiceWorkerEnabled")||"1"===(0,u.NW)().fsw?(e=r?"Business":(0,s.k0)().ring,[4,navigator.serviceWorker.register((0,i.wT)("/sw.js?ring=".concat(e)))]):[3,4];case 3:t.sent(),t.label=4;case 4:return[3,6];case 5:return n=t.sent(),(0,c.$U)("ServiceWorker.Registration.Error",n),[3,6];case 6:return[2]}}))}))}}}]);..//# sourceMappingURL=https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/l

                                                            Chrome Cache Entry: 190

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:JSON data
                                                            Category:dropped
                                                            Size (bytes):72
                                                            Entropy (8bit):4.241202481433726
                                                            Encrypted:false
                                                            SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                                                            MD5:9E576E34B18E986347909C29AE6A82C6
                                                            SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                            SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                            SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                            Malicious:false
                                                            Reputation:low
                                                            Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                                            Chrome Cache Entry: 191

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:JSON data
                                                            Category:dropped
                                                            Size (bytes):72
                                                            Entropy (8bit):4.241202481433726
                                                            Encrypted:false
                                                            SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                                                            MD5:9E576E34B18E986347909C29AE6A82C6
                                                            SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                            SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                            SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                            Malicious:false
                                                            Reputation:low
                                                            Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                                            Chrome Cache Entry: 192

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (34261)
                                                            Category:downloaded
                                                            Size (bytes):106269
                                                            Entropy (8bit):5.425872133554213
                                                            Encrypted:false
                                                            SSDEEP:1536:an6XmR3rQPL0HpEUeHEAqZomL/P3Cb9NjQkKlJlY:anu8QPL0H8EVZvDP3u9KkAJlY
                                                            MD5:CBCF31EDA6714696B473976284431801
                                                            SHA1:19D54F4EABE11CB6CBB9036BD120B39F49F1B6DB
                                                            SHA-256:D6854738593EECE90B6925C2999576B9F6AB82EBF546235755BF60F7C3C1387B
                                                            SHA-512:90B92145A81C45BB10432E305B08E6728D016D37B566B83D972BCB5568DFD6B1FC60D62C84F4D69E60368F471994505DDA90DADC91CBDA6072D0ABEA6B1F36C7
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.37175a1.js
                                                            Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[641],{79966:function(n,r,t){t.d(r,{Z:function(){return _}});var e=t(49577),u=t(71106),i=t(40154),o=t(80403),f=t(39523),c=t(61746),a=t(72480),l=t(52863),v=t(86969),s=t(90962),d=t(58398),p=500;function h(n,r,t){r&&(0,f.kJ)(r)&&r[a.R5]>0&&(r=r.sort((function(n,r){return n[v.yi]-r[v.yi]})),(0,f.tO)(r,(function(n){n[v.yi]<p&&(0,f._y)("Channel has invalid priority - "+n[a.pZ])})),n[a.MW]({queue:(0,f.FL)(r),chain:(0,s.jV)(r,t[a.TC],t)}))}var y=t(28165),g=t(45480),m=t(66450),S=function(n){function r(){var t,e,o=n.call(this)||this;function l(){t=0,e=[]}return o.identifier="TelemetryInitializerPlugin",o.priority=199,l(),(0,u.Z)(r,o,(function(n,r){n.addTelemetryInitializer=function(n){var r={id:t++,fn:n};return e[a.MW](r),{remove:function(){(0,f.tO)(e,(function(n,t){if(n.id===r.id)return e[a.cb](t,1),-1}))}}},n[v.hL]=function(r,t){for(var u=!1,o=e[a.R5],l=0;l<o;++l){var v=e[l];if(v)try{if(!1===v.fn[a.ZV](null,[r])){u=!0;break}}catch(n)

                                                            Chrome Cache Entry: 193

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:SVG Scalable Vector Graphics image
                                                            Category:downloaded
                                                            Size (bytes):1795
                                                            Entropy (8bit):5.2687859815811
                                                            Encrypted:false
                                                            SSDEEP:24:tO5SRuJ8QTmHOrW5LRqVsL+ek4KKeZvqHsL7ek4KZSY3+1AqHsLsek4KA6lWHxDT:gzE5lLZaLuY3+uLkWH1HMAHnf
                                                            MD5:DF1CD3F2DAAEE5F629C10FBC609CAC35
                                                            SHA1:7C4EADD1001AFA795442C3CA06B645CFC4831BC8
                                                            SHA-256:C04BC4EE3D822B90BA1A8562DF69FC44E199E8E36D2FDAD3F3787FCF9C5163DD
                                                            SHA-512:3F69A1B5B192C741167622A810A9CF59C071674C8014464A29E08E4BFB9546B33246D9E72CFD3E8AB5178FFF91749013B78E4BCD7A044FF309C2255425D578F6
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/images/aio/wave-pattern-v1.svg
                                                            Preview:<svg width="1366" height="768" viewBox="0 0 1366 768" fill="none" xmlns="http://www.w3.org/2000/svg">..<g clip-path="url(#clip0_1395_123507)">..<path d="M-30 1060.71V411.179C326.5 316.179 440.5 774.207 852 532.207C1181.2 338.607 1397.5 429.207 1464.5 498.707V1060.71H-30Z" fill="white" fill-opacity="0.15" stroke="url(#paint0_linear_1395_123507)" stroke-opacity="0.4" stroke-width="3"/>..<path d="M-125 1066.76V504.755C53.5 613.255 334 418.255 529 415.755C724 413.255 846 471.255 1069 574.255C1247.4 656.655 1384.33 608.589 1430.5 574.255V1080.76L-125 1066.76Z" fill="white" fill-opacity="0.2" stroke="url(#paint1_linear_1395_123507)" stroke-opacity="0.4" stroke-width="3"/>..<path d="M-81 1256.47V701C277 467 360.5 747.652 683 540.47C1005.5 333.288 1317.67 573.97 1472.5 625.47L1491 1256.47H-81Z" fill="white" fill-opacity="0.2" stroke="url(#paint2_linear_1395_123507)" stroke-opacity="0.4" stroke-width="3"/>..</g>..<defs>..<linearGradient id="paint0_linear_1395_123507" x1="-104.5" y1="895.178" x2

                                                            Chrome Cache Entry: 194

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (16422)
                                                            Category:downloaded
                                                            Size (bytes):16684
                                                            Entropy (8bit):5.4760177103495105
                                                            Encrypted:false
                                                            SSDEEP:384:pcct9vjrHtHlyefnPGiQdOlO9YVYZ1bN7DN9WZvx9n+ceJ3KwdZ:C0dlJPGtdO8YVYTNfN9cx9+NJd
                                                            MD5:AA54A21D2852B4BB5871F0CC188241E4
                                                            SHA1:4049E400D4A980B7DCF4E2AAB1215311F7D92181
                                                            SHA-256:1BCAA1AED39E96C4CA6C1FFD6AA5C5AB2EF34C5AD14E18D779FE31F8C53802FC
                                                            SHA-512:975678542DEE39CC2A1CBF618C59BF7E46BDAF6D249F812F3E4595B0B752513234AACA4898DDDB19FCFB188C716BA59AD912604B28F1CCD38F625E57F814A8F4
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.15268c8.js
                                                            Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[852],{92658:function(n,e,t){t.d(e,{b:function(){return o}});var r=t(68289),o=function(n){var e=void 0===n?{}:n,t=e.$if,o=e.$gr,i=e.$pa,u=e.$fg,s=e.$gU,a=e.$gV,c=e.$fC,_=e.$ig,f=e.$mG,g=e.$jH,$=[];return t&&$.push("CollectionId=".concat(t)),o&&$.push("GroupId=".concat(o)),i&&$.push("Token=".concat(i)),_&&$.push("ResponseTime=".concat(_)),u&&$.push("SaveResponseFormId=".concat(u)),a&&$.push("SaveResponseId=".concat(a)),c&&$.push("Action=".concat(c)),s&&$.push("RcRequireLogin=".concat(s)),f&&$.push("LrpRing=".concat(f)),g&&$.push("LrpSession=".concat(g)),"".concat((0,r.v)(),"Pages/DesignPageV2.aspx?").concat($.join("&"))}},43209:function(n,e,t){t.d(e,{C2:function(){return o},_B:function(){return i},aK:function(){return u}});var r="/formspro";function o(n){var e=n&&n.toLowerCase()||window.location.pathname.toLowerCase();switch(u()&&(e=e.substring(r.length)),e){case"/pages/designpage.aspx":case"/pages/teamsdesignpage.aspx":case"/

                                                            Chrome Cache Entry: 195

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (9809)
                                                            Category:downloaded
                                                            Size (bytes):10051
                                                            Entropy (8bit):5.402431193409903
                                                            Encrypted:false
                                                            SSDEEP:192:gtpXmv5wg345YFQrLjZP+K2c4hgu650vj5aIyT+/8sxXZFZR+I7qGlVg:g7WRwg345YqP92jc4hB65kj5aIysfxX6
                                                            MD5:65FAD330ACEC340D7323FA39845342DC
                                                            SHA1:11314332EDE442E0BED1540FC033B8B3A1AA86A1
                                                            SHA-256:16DCDEB4B006795CEAF1F8DD41B085704BA9E3ED69389597CC4755006E18E53E
                                                            SHA-512:D71C9A051AF74C30C26F24D05E3C6B79A2D637C2E421F26B734A5D359BF975B45663D3B84A22C0E2626F3C26007066615D80A1FF450509247DAFB066EB139312
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.try_dv.d33b8a6.js
                                                            Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[168],{81929:function(e,a,r){r.r(a),r.d(a,{defaultValues:function(){return o}});var i=[],o={intelligenceAnalyze:{SuggestionId:"1",UserBasedSuggestionId:"2",Contents:[{SuggestionName:"ThemeSuggestionAnalyzer",Suggestions:[{Name:"3",Layout:"LargeTitle",PrimaryImage:{Url:"videos/publish/2de6562d-d65c-491a-8f4e-b04837059ee8/thumbnails/large.jpg",Source:"Hubble"},PrimaryVideo:{Url:"videos/publish/2de6562d-d65c-491a-8f4e-b04837059ee8/640357424.mp4",Source:"Hubble",Thumbnail:"videos/publish/2de6562d-d65c-491a-8f4e-b04837059ee8/previews/large.mp4"},PrimaryMediaType:"Video",Id:"3",RankingValue:-99899.01377234701,Industry:0,GeneratorName:"ThompsonSamplingThemeGenerator"},{Name:"4",Layout:"LargeBackground",PrimaryImage:{Url:"videos/publish/3f0e5d3e-434a-4a86-a024-43a18e9df35b/thumbnails/large.jpg",Source:"Hubble"},PrimaryVideo:{Url:"videos/publish/3f0e5d3e-434a-4a86-a024-43a18e9df35b/884732728.mp4",Source:"Hubble",Thumbnail:"videos/publ

                                                            Chrome Cache Entry: 196

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:HTML document, ASCII text
                                                            Category:downloaded
                                                            Size (bytes):1715
                                                            Entropy (8bit):5.429508187953475
                                                            Encrypted:false
                                                            SSDEEP:48:5UwfTMN9FEbDOv2y50f4wfQOf4wlP1f4wo:5U6oNrQKvv50wcwANwx
                                                            MD5:6BF10D1831A61F0B6B36779F23AA43DE
                                                            SHA1:11E60D7DDBE0CC03B98C580511699B1A4B5C3983
                                                            SHA-256:78233BF9CA7F8B255AAD8A73FDD2C19B043CADA88D5D4DCD089551F6B9A2B007
                                                            SHA-512:8E5DC0F96A2E8332F8093F3B8B82F5F3C300BF322D073C129AC5E811D6850319E6D6850892193DE59D5ABA965F1E12691C72C02B2634281035ECF5CD74DD4D60
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://scanner.topsec.com/?d=1464&r=show&u=https%3A%2F%2Fforms.microsoft.com%2Fpages%2Fresponsepage.aspx%3Fid%3DuiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u&t=179241079d016688075724fcdc7f1607ffd17a7f
                                                            Preview:<!DOCTYPE html>.<html lang="en">.. <head>. .<meta charset="utf-8">. .<meta name="viewport" content="width=device-width, initial-scale=1.0">. .<meta name="description" content="Topsec URL Scanning System">.. .<title>Topsec URL Scanner</title>.. .<link rel="shortcut icon" href="favico.png">. .. <style>. body { text-align: center; padding: 100px; }. h1 { font-size: 40px; }. body { font: 20px Helvetica, sans-serif; color: #333; }. article { display: block; text-align: left; width: 650px; margin: 0 auto; }. a { color: #dc8100; text-decoration: none; }. a:hover { color: #333; text-decoration: none; }. </style>.. </head>..<body>..<article>. <img src='/images/topsec_logo.png' />.. <div>.....<h1>Scan Complete</h1>........<h3>https://forms.microsoft.com/pages/responsepage.aspx?id=uiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u</h3>....<h1 style="color: green; margin-top: 20px">. No Malicious Content Detected

                                                            Chrome Cache Entry: 197

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:Unicode text, UTF-8 text, with very long lines (32404), with no line terminators
                                                            Category:downloaded
                                                            Size (bytes):32428
                                                            Entropy (8bit):4.798729380642712
                                                            Encrypted:false
                                                            SSDEEP:768:KcAkfytMd/I9wjl4pRmQeflWq0C0Nxq1pXOhqRDFef9HyPH02lHlAt8QmXmVYGyu:KZvIA9443aflWq0C0Nxq1pXOwRDFA9Hz
                                                            MD5:65E63BCC5E08B13E2E3DC55AF27ECA07
                                                            SHA1:5B3811F1A2ABA64B65E72C5CD36518D2CA1292DF
                                                            SHA-256:AB5BC23558799AA8538DAE6659AE4B5D4BEC943AD0798756B16E86A98CB7FC47
                                                            SHA-512:C85F8D39EE00D544281ED823B09ED8F17207E82ED9776B6CE7D34C6F5D009B811532AB228F4CBFE6CA25647C2C9A7E3899A817F9187495D2ACA47F40BA286E24
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/scripts/dists/ls-response.en-gb.790ccbdfb.js
                                                            Preview:window.FormsLsMap = (window.FormsLsMap || {});window.FormsLsMap["en-gb"]={"mdbicgo":"Required to answer","lbnbnjb":"Please share your comments here","jchpiio":"Help improve phishing detection","hkplpef":"It's not collecting sensitive info","lifjakb":"It needs to collect sensitive info","eackega":"Other","mnpehin":"Did this form trigger a false positive? Click to provide details.","amlalmd":"Why did you unblock this form?","acmngdo":"This user is not currently restricted from using Microsoft Forms. No further action is needed..","pdnfcop":"Correct","pfjnaob":"Required","efmefee":"Your browser settings are preventing an optimal experience with Microsoft 365. Allow access to improve your experience.","jcamdkj":"Allow access to continue","dlogacb":"Pause background music","oancfdj":"Play background music","pjgjcee":"Pause live background","dplcjia":"Play live background","giamlmc":"Please select at least {0} options.","ggbmbok":"Please select at most {0} options.","mbpambh":"Please selec

                                                            Chrome Cache Entry: 198

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:JSON data
                                                            Category:downloaded
                                                            Size (bytes):2
                                                            Entropy (8bit):1.0
                                                            Encrypted:false
                                                            SSDEEP:3:H:H
                                                            MD5:D751713988987E9331980363E24189CE
                                                            SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                            SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                            SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://forms.microsoft.com/formapi/api/e0fb20ba-0e7e-4407-8bcc-a18a6601fe5f/users/49eee182-265d-4c45-b02d-e1199063b33b/forms('uiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u')/localeResource/'en-gb'
                                                            Preview:[]

                                                            Chrome Cache Entry: 199

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (22819)
                                                            Category:downloaded
                                                            Size (bytes):23057
                                                            Entropy (8bit):5.437477667432884
                                                            Encrypted:false
                                                            SSDEEP:384:xPXTZnEgD/LADX6cJxtmiGLVWlFkMAVPSj1:RZdLGGLIlOhU1
                                                            MD5:7BD6FD0A8AA91D14C3813C0284CB1B79
                                                            SHA1:74DA0165D3315D47CABAD83EAF7A4AD721C82395
                                                            SHA-256:B49E2AD022A3AC9BF2BE55A133226A33D8256240CFA4A7631A3C9CEA136D2571
                                                            SHA-512:7267AE08623FE054C8F3E8B94C89117A7D76BC604AC624898DAB9FA9B29C46748F918B1C9E1247B6B8A53FB6C948B38290E770F7B395AD664BB465EE5946FD20
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel.284a47f.js
                                                            Preview:"use strict";(self.webpackChunk=self.webpackChunk||[]).push([[824],{14045:function(e,n,t){t.r(n),t.d(n,{initializeTelemetryLogger:function(){return $e}});var i,a=t(92560),o=t(63061),s=t(60211),r=t(5809),_=t(83390),l=t(9754),$=t(5699),u=t(59312),c=t(26261);!function(e){e.DataClassification={EssentialServiceMetadata:1,AccountData:2,SystemMetadata:4,OrganizationIdentifiableInformation:8,EndUserIdentifiableInformation:16,CustomerContent:32,AccessControl:64,PublicNonPersonalData:128,EndUserPseudonymousInformation:256,PublicPersonalData:512,SupportData:1024,DirectMeasurementData:2048,Everything:65535},e.DataFieldType={String:0,Boolean:1,Int64:2,Double:3,Guid:4},e.SamplingPolicy={NotSet:0,Measure:1,Diagnostics:2,CriticalBusinessImpact:191,CriticalCensus:192,CriticalExperimentation:193,CriticalUsage:194},e.PersistencePriority={NotSet:0,Normal:1,High:2},e.CostPriority={NotSet:0,Normal:1,High:2},e.DataCategories={NotSet:0,SoftwareSetup:1,ProductServiceUsage:2,ProductServicePerformance:4,DeviceCo

                                                            Chrome Cache Entry: 200

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with no line terminators
                                                            Category:downloaded
                                                            Size (bytes):88
                                                            Entropy (8bit):3.7796837384914035
                                                            Encrypted:false
                                                            SSDEEP:3:7jZoS8/ZoS8/ZoS8/ZoS8/ZoS8/ZoS8/ZYn:PZoS8/ZoS8/ZoS8/ZoS8/ZoS8/ZoS8/m
                                                            MD5:1E272D55FDFC19B1CD94AA38C84AA8C2
                                                            SHA1:BADF7D6CCCDD37EB4FFA1E8E0297ECBA98B7206F
                                                            SHA-256:82B21293EBEE404F6A5CFF78B536846B416C21AEAAD27299668CE5063F46EC63
                                                            SHA-512:76576AFA0BF8C1C60AA7C76CA92338EE86723FF7D019796A83ABCA92A936F9FB838D33EB7DE4B65A9B2CE946A7627F8BC9A20DC75CA080A551858DF7748A4AF8
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTA0LjAuNTExMi44MRI6CaBovHT9D43LEgUNkWGVThIFDZFhlU4SBQ2RYZVOEgUNkWGVThIFDZFhlU4SBQ2RYZVOEgUNkWGVTg==?alt=proto
                                                            Preview:Cj8KBw2RYZVOGgAKBw2RYZVOGgAKBw2RYZVOGgAKBw2RYZVOGgAKBw2RYZVOGgAKBw2RYZVOGgAKBw2RYZVOGgA=

                                                            Chrome Cache Entry: 201

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:SVG Scalable Vector Graphics image
                                                            Category:dropped
                                                            Size (bytes):1795
                                                            Entropy (8bit):5.2687859815811
                                                            Encrypted:false
                                                            SSDEEP:24:tO5SRuJ8QTmHOrW5LRqVsL+ek4KKeZvqHsL7ek4KZSY3+1AqHsLsek4KA6lWHxDT:gzE5lLZaLuY3+uLkWH1HMAHnf
                                                            MD5:DF1CD3F2DAAEE5F629C10FBC609CAC35
                                                            SHA1:7C4EADD1001AFA795442C3CA06B645CFC4831BC8
                                                            SHA-256:C04BC4EE3D822B90BA1A8562DF69FC44E199E8E36D2FDAD3F3787FCF9C5163DD
                                                            SHA-512:3F69A1B5B192C741167622A810A9CF59C071674C8014464A29E08E4BFB9546B33246D9E72CFD3E8AB5178FFF91749013B78E4BCD7A044FF309C2255425D578F6
                                                            Malicious:false
                                                            Reputation:low
                                                            Preview:<svg width="1366" height="768" viewBox="0 0 1366 768" fill="none" xmlns="http://www.w3.org/2000/svg">..<g clip-path="url(#clip0_1395_123507)">..<path d="M-30 1060.71V411.179C326.5 316.179 440.5 774.207 852 532.207C1181.2 338.607 1397.5 429.207 1464.5 498.707V1060.71H-30Z" fill="white" fill-opacity="0.15" stroke="url(#paint0_linear_1395_123507)" stroke-opacity="0.4" stroke-width="3"/>..<path d="M-125 1066.76V504.755C53.5 613.255 334 418.255 529 415.755C724 413.255 846 471.255 1069 574.255C1247.4 656.655 1384.33 608.589 1430.5 574.255V1080.76L-125 1066.76Z" fill="white" fill-opacity="0.2" stroke="url(#paint1_linear_1395_123507)" stroke-opacity="0.4" stroke-width="3"/>..<path d="M-81 1256.47V701C277 467 360.5 747.652 683 540.47C1005.5 333.288 1317.67 573.97 1472.5 625.47L1491 1256.47H-81Z" fill="white" fill-opacity="0.2" stroke="url(#paint2_linear_1395_123507)" stroke-opacity="0.4" stroke-width="3"/>..</g>..<defs>..<linearGradient id="paint0_linear_1395_123507" x1="-104.5" y1="895.178" x2

                                                            Chrome Cache Entry: 202

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:PNG image data, 16 x 16, 8-bit colormap, non-interlaced
                                                            Category:downloaded
                                                            Size (bytes):526
                                                            Entropy (8bit):6.592260035215652
                                                            Encrypted:false
                                                            SSDEEP:12:6v/7uU58F8OaRjDq+1S5L+Fmtq2YTzmpg2zS+Dl34WEM3l3Sz:C9DjA+FmtrYTmxzjmWEMm
                                                            MD5:43FCF55E4372221567F0C3962E1C2647
                                                            SHA1:10E3FBC754F74C61E370EAF5FA5AA9074228DF48
                                                            SHA-256:FF0FA7BC7EC81AA93E04BA8F4FDC98473D63D07E59BBF40BD1D33F4CE65F7BBB
                                                            SHA-512:7EA6913F5F329B1754AB2BBC1D29E60977819EDB0799807D5342D1C34CFBDDCD6E7EBC554A0BC4ECCA2A7F2492A004073E0EB17A5F3E4A214C698427C346990D
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://scanner.topsec.com/favico.png
                                                            Preview:.PNG........IHDR.............(-.S....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<...iPLTE....Z..Z..Z..Z..Z.S...Z..Z..Z..Z..Z..Z..m.7..h...k..b.S..h..h...m..b.E...s..Z..Z.._.N...j.U..h..A..4......GCT....tRNS......0..` @..........pY.......bKGD"]e\.....tIME......9.n.g...|IDAT..U.W..0..P%lHL.%.e.....eM...X;.b.v.#(i:.....c}...kv+.....j..j1..m.X.....&i...QX.|........:+%.5.IU...Y.W....S1p/.j`...5....Gm....%tEXtdate:create.2018-04-30T20:06:57+00:00.......%tEXtdate:modify.2018-04-30T20:06:57+00:00i.......IEND.B`.

                                                            Chrome Cache Entry: 203

                                                            Download File
                                                            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            File Type:ASCII text, with very long lines (65409)
                                                            Category:downloaded
                                                            Size (bytes):183854
                                                            Entropy (8bit):5.41424099382019
                                                            Encrypted:false
                                                            SSDEEP:3072:uLrXG1roXq7ty0n1blPmD7MKByZvH0rLjNz//Ae:mXGBM29ZAMK0ZvUj5Ie
                                                            MD5:53B31FE22D1DE600FD73394EC25CC9FF
                                                            SHA1:A1283ED40384D949923FA0C30D2FC8B256C42347
                                                            SHA-256:7F72CA8CD472879DDF75739FC9968F52E9A774E3C4FCAECAB89552FDF2289415
                                                            SHA-512:6C873AFB964D12C8223E6C95DED36B1F6F519DC8EF6A89CD126A1BC189402B5022C7ECBF4DE05DB53D7E3406D44540A17EC850BD4A4C6F6B6C21BA352B231DD8
                                                            Malicious:false
                                                            Reputation:low
                                                            URL:https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
                                                            Preview:/*!. * 1DS JSLL SKU, 3.2.12. * Copyright (c) Microsoft and contributors. All rights reserved.. * (Microsoft Internal Only). */.var e=this,t=function(l){"use strict";var f="function",d="object",fe="undefined",z="prototype",g="hasOwnProperty",m=Object,y=m[z],C=m.assign,b=m.create,e=m.defineProperty,E=y[g],T=null;function j(e){e=!1===(e=void 0===e||e)?null:T;return e||((e=(e=(e=typeof globalThis!==fe?globalThis:e)||typeof self===fe?e:self)||typeof window===fe?e:window)||typeof global===fe||(e=global),T=e),e}function I(e){throw new TypeError(e)}function q(e){var t;return b?b(e):null==e?{}:((t=typeof e)!==d&&t!==f&&I("Object prototype may only be an Object:"+e),n[z]=e,new n);function n(){}}(j()||{}).Symbol,(j()||{}).Reflect;var X=C||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var i in t=arguments[n])y[g].call(t,i)&&(e[i]=t[i]);return e},_=function(e,t){return(_=m.setPrototypeOf||({__proto__:[]}instanceof Array?function(e,t){e.__proto__=t}:function(e,t){for(var n in t)t[g](n)&&(

                                                            Static File Info

                                                            No static file info

                                                            Network Behavior

                                                            Download Network PCAP: filteredfull

                                                            Network Port Distribution

                                                            • Total Packets: 136
                                                            • 443 (HTTPS)
                                                            • 53 (DNS)
                                                            TimestampSource PortDest PortSource IPDest IP
                                                            Jul 24, 2023 12:03:46.283459902 CEST49691443192.168.2.4172.217.168.13
                                                            Jul 24, 2023 12:03:46.283508062 CEST44349691172.217.168.13192.168.2.4
                                                            Jul 24, 2023 12:03:46.283584118 CEST49691443192.168.2.4172.217.168.13
                                                            Jul 24, 2023 12:03:46.284456015 CEST49691443192.168.2.4172.217.168.13
                                                            Jul 24, 2023 12:03:46.284482002 CEST44349691172.217.168.13192.168.2.4
                                                            Jul 24, 2023 12:03:46.291820049 CEST49692443192.168.2.4172.217.168.46
                                                            Jul 24, 2023 12:03:46.291867018 CEST44349692172.217.168.46192.168.2.4
                                                            Jul 24, 2023 12:03:46.291944981 CEST49692443192.168.2.4172.217.168.46
                                                            Jul 24, 2023 12:03:46.292236090 CEST49692443192.168.2.4172.217.168.46
                                                            Jul 24, 2023 12:03:46.292254925 CEST44349692172.217.168.46192.168.2.4
                                                            Jul 24, 2023 12:03:46.358959913 CEST44349692172.217.168.46192.168.2.4
                                                            Jul 24, 2023 12:03:46.359488010 CEST49692443192.168.2.4172.217.168.46
                                                            Jul 24, 2023 12:03:46.359529018 CEST44349692172.217.168.46192.168.2.4
                                                            Jul 24, 2023 12:03:46.360865116 CEST44349692172.217.168.46192.168.2.4
                                                            Jul 24, 2023 12:03:46.361005068 CEST49692443192.168.2.4172.217.168.46
                                                            Jul 24, 2023 12:03:46.364115953 CEST44349692172.217.168.46192.168.2.4
                                                            Jul 24, 2023 12:03:46.364289045 CEST49692443192.168.2.4172.217.168.46
                                                            Jul 24, 2023 12:03:46.372617960 CEST44349691172.217.168.13192.168.2.4
                                                            Jul 24, 2023 12:03:46.401738882 CEST49691443192.168.2.4172.217.168.13
                                                            Jul 24, 2023 12:03:46.401796103 CEST44349691172.217.168.13192.168.2.4
                                                            Jul 24, 2023 12:03:46.404827118 CEST44349691172.217.168.13192.168.2.4
                                                            Jul 24, 2023 12:03:46.404978991 CEST49691443192.168.2.4172.217.168.13
                                                            Jul 24, 2023 12:03:46.643353939 CEST49691443192.168.2.4172.217.168.13
                                                            Jul 24, 2023 12:03:46.643659115 CEST49691443192.168.2.4172.217.168.13
                                                            Jul 24, 2023 12:03:46.643663883 CEST44349691172.217.168.13192.168.2.4
                                                            Jul 24, 2023 12:03:46.643937111 CEST49692443192.168.2.4172.217.168.46
                                                            Jul 24, 2023 12:03:46.644068956 CEST49692443192.168.2.4172.217.168.46
                                                            Jul 24, 2023 12:03:46.644088984 CEST44349692172.217.168.46192.168.2.4
                                                            Jul 24, 2023 12:03:46.644238949 CEST44349692172.217.168.46192.168.2.4
                                                            Jul 24, 2023 12:03:46.688304901 CEST44349691172.217.168.13192.168.2.4
                                                            Jul 24, 2023 12:03:46.691086054 CEST44349692172.217.168.46192.168.2.4
                                                            Jul 24, 2023 12:03:46.691154003 CEST49692443192.168.2.4172.217.168.46
                                                            Jul 24, 2023 12:03:46.691168070 CEST44349692172.217.168.46192.168.2.4
                                                            Jul 24, 2023 12:03:46.691303968 CEST44349692172.217.168.46192.168.2.4
                                                            Jul 24, 2023 12:03:46.691353083 CEST49692443192.168.2.4172.217.168.46
                                                            Jul 24, 2023 12:03:46.692038059 CEST49692443192.168.2.4172.217.168.46
                                                            Jul 24, 2023 12:03:46.692056894 CEST44349692172.217.168.46192.168.2.4
                                                            Jul 24, 2023 12:03:46.692476988 CEST49691443192.168.2.4172.217.168.13
                                                            Jul 24, 2023 12:03:46.692509890 CEST44349691172.217.168.13192.168.2.4
                                                            Jul 24, 2023 12:03:46.694509983 CEST44349691172.217.168.13192.168.2.4
                                                            Jul 24, 2023 12:03:46.694606066 CEST49691443192.168.2.4172.217.168.13
                                                            Jul 24, 2023 12:03:46.694628000 CEST44349691172.217.168.13192.168.2.4
                                                            Jul 24, 2023 12:03:46.694742918 CEST44349691172.217.168.13192.168.2.4
                                                            Jul 24, 2023 12:03:46.694793940 CEST49691443192.168.2.4172.217.168.13
                                                            Jul 24, 2023 12:03:46.701780081 CEST49691443192.168.2.4172.217.168.13
                                                            Jul 24, 2023 12:03:46.701811075 CEST44349691172.217.168.13192.168.2.4
                                                            Jul 24, 2023 12:03:48.023602009 CEST49694443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.023658991 CEST4434969435.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.023739100 CEST49694443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.029562950 CEST49694443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.029598951 CEST4434969435.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.030365944 CEST49695443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.030452013 CEST4434969535.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.030694008 CEST49695443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.030829906 CEST49695443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.030858040 CEST4434969535.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.191500902 CEST4434969435.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.192145109 CEST49694443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.192183018 CEST4434969435.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.192878962 CEST4434969535.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.193152905 CEST49695443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.193224907 CEST4434969535.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.194410086 CEST4434969435.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.194492102 CEST49694443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.194643974 CEST4434969535.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.194744110 CEST49695443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.308187962 CEST49694443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.308446884 CEST4434969435.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.308469057 CEST49694443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.312304974 CEST49695443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.312551022 CEST4434969535.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.352313042 CEST4434969435.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.359467030 CEST49694443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.359507084 CEST4434969435.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.433557034 CEST49695443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.433589935 CEST4434969535.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.459494114 CEST49694443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.494672060 CEST4434969435.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.494705915 CEST4434969435.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.494826078 CEST49694443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.494841099 CEST4434969435.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.494888067 CEST49694443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.631546021 CEST49695443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.657079935 CEST49694443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.657129049 CEST4434969435.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.707156897 CEST49695443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.752295971 CEST4434969535.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.779510021 CEST4434969535.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.779563904 CEST4434969535.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.779580116 CEST4434969535.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.779591084 CEST4434969535.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.779616117 CEST4434969535.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.779628992 CEST4434969535.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.779723883 CEST49695443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.779771090 CEST4434969535.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.779788971 CEST49695443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.779824018 CEST4434969535.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.779844999 CEST49695443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.779879093 CEST49695443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.792103052 CEST49695443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.792150021 CEST4434969535.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.993362904 CEST49696443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.993422985 CEST4434969635.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:48.993526936 CEST49696443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.993828058 CEST49696443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:48.993844986 CEST4434969635.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:49.113009930 CEST4434969635.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:49.124226093 CEST49696443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:49.124258041 CEST4434969635.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:49.124938011 CEST4434969635.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:49.259143114 CEST49696443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:49.259392977 CEST4434969635.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:49.260104895 CEST49696443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:49.293761015 CEST4434969635.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:49.293884039 CEST4434969635.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:49.293979883 CEST49696443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:49.402093887 CEST49696443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:49.402129889 CEST4434969635.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:49.893306017 CEST49697443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:49.893383980 CEST4434969735.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:49.897567034 CEST49697443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:49.898720980 CEST49697443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:49.898750067 CEST4434969735.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.023441076 CEST4434969735.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.025199890 CEST49697443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:50.025227070 CEST4434969735.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.025996923 CEST4434969735.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.029220104 CEST49697443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:50.029400110 CEST4434969735.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.029419899 CEST49697443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:50.072299957 CEST4434969735.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.075964928 CEST49699443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:50.076042891 CEST4434969935.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.076312065 CEST49699443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:50.076641083 CEST49699443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:50.076661110 CEST4434969935.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.086430073 CEST49700443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:03:50.086489916 CEST44349700172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:03:50.087050915 CEST49700443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:03:50.087404966 CEST49700443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:03:50.087424040 CEST44349700172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:03:50.120578051 CEST4434969735.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.120606899 CEST4434969735.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.121056080 CEST49697443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:50.121088982 CEST4434969735.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.122014999 CEST49697443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:50.142168999 CEST49697443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:50.142210960 CEST4434969735.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.145117998 CEST44349700172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:03:50.146255970 CEST49700443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:03:50.146297932 CEST44349700172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:03:50.147653103 CEST44349700172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:03:50.149427891 CEST49700443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:03:50.152709961 CEST49700443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:03:50.152930021 CEST44349700172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:03:50.197189093 CEST4434969935.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.201275110 CEST49699443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:50.201308966 CEST4434969935.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.201891899 CEST4434969935.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.202708960 CEST49699443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:50.202812910 CEST4434969935.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.202924967 CEST49699443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:50.244304895 CEST4434969935.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.262113094 CEST4434969935.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.269361973 CEST49699443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:50.273538113 CEST49700443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:03:50.273597002 CEST44349700172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:03:50.328280926 CEST49699443192.168.2.435.210.200.138
                                                            Jul 24, 2023 12:03:50.328344107 CEST4434969935.210.200.138192.168.2.4
                                                            Jul 24, 2023 12:03:50.373291016 CEST49700443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:03:54.107954025 CEST49714443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.108043909 CEST4434971413.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.108376026 CEST49714443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.113586903 CEST49714443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.113629103 CEST4434971413.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.190944910 CEST4434971413.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.204736948 CEST49714443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.204770088 CEST4434971413.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.206861973 CEST4434971413.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.207386017 CEST49714443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.221335888 CEST49714443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.221641064 CEST4434971413.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.221728086 CEST49714443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.268294096 CEST4434971413.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.359380007 CEST49714443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.359440088 CEST4434971413.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.459405899 CEST49714443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.731786966 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.731889963 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.732388020 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.732651949 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.732675076 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.794889927 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.795615911 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.795661926 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.797029972 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.797377110 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.799366951 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.799525976 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.799545050 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.799573898 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.840333939 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.840373039 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.841392994 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.841424942 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.841444016 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.841495991 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.842385054 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.843403101 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.856749058 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.856790066 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.857395887 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.857448101 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.857496023 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.857511997 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.857707977 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.857739925 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.858391047 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.859405994 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.859428883 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.860384941 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.873332024 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.873378038 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.873759985 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.873802900 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.874098063 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.874124050 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.874387980 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.874411106 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.874557972 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.875365973 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.875385046 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.876379967 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.876404047 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.877372980 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.877391100 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.878377914 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.879389048 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.880388021 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.883503914 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.889765978 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.889925003 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:54.890455008 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.891017914 CEST49728443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:54.891052008 CEST4434972813.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:58.249665022 CEST4434971413.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:58.254595041 CEST4434971413.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:03:58.254663944 CEST49714443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:59.647938967 CEST49714443192.168.2.413.107.246.60
                                                            Jul 24, 2023 12:03:59.648010969 CEST4434971413.107.246.60192.168.2.4
                                                            Jul 24, 2023 12:04:00.128886938 CEST44349700172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:04:00.128988981 CEST44349700172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:04:00.129106998 CEST49700443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:04:01.534898043 CEST49700443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:04:01.534959078 CEST44349700172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:04:50.394459009 CEST49783443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:04:50.394516945 CEST44349783172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:04:50.394627094 CEST49783443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:04:50.395333052 CEST49783443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:04:50.395356894 CEST44349783172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:04:50.446609020 CEST44349783172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:04:50.447345018 CEST49783443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:04:50.447376013 CEST44349783172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:04:50.449026108 CEST44349783172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:04:50.450135946 CEST49783443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:04:50.450339079 CEST44349783172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:04:50.492614031 CEST49783443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:05:00.439241886 CEST44349783172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:05:00.439363956 CEST44349783172.217.168.4192.168.2.4
                                                            Jul 24, 2023 12:05:00.439435959 CEST49783443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:05:02.148448944 CEST49783443192.168.2.4172.217.168.4
                                                            Jul 24, 2023 12:05:02.148499012 CEST44349783172.217.168.4192.168.2.4
                                                            TimestampSource PortDest PortSource IPDest IP
                                                            Jul 24, 2023 12:03:46.248605967 CEST6416753192.168.2.48.8.8.8
                                                            Jul 24, 2023 12:03:46.248780966 CEST5856553192.168.2.48.8.8.8
                                                            Jul 24, 2023 12:03:46.276735067 CEST53641678.8.8.8192.168.2.4
                                                            Jul 24, 2023 12:03:46.289695978 CEST53585658.8.8.8192.168.2.4
                                                            Jul 24, 2023 12:03:47.990031004 CEST6068653192.168.2.48.8.8.8
                                                            Jul 24, 2023 12:03:48.016709089 CEST53606868.8.8.8192.168.2.4
                                                            Jul 24, 2023 12:03:50.030704021 CEST5557053192.168.2.48.8.8.8
                                                            Jul 24, 2023 12:03:50.050173044 CEST53555708.8.8.8192.168.2.4
                                                            Jul 24, 2023 12:03:50.062798023 CEST6490653192.168.2.48.8.8.8
                                                            Jul 24, 2023 12:03:50.082581997 CEST53649068.8.8.8192.168.2.4
                                                            Jul 24, 2023 12:03:52.517102957 CEST6108853192.168.2.48.8.8.8
                                                            Jul 24, 2023 12:03:54.494548082 CEST4975053192.168.2.48.8.8.8
                                                            Jul 24, 2023 12:03:54.586575985 CEST6055053192.168.2.48.8.8.8
                                                            Jul 24, 2023 12:04:50.346494913 CEST5992653192.168.2.48.8.8.8
                                                            Jul 24, 2023 12:04:50.366260052 CEST53599268.8.8.8192.168.2.4
                                                            Jul 24, 2023 12:04:50.372370958 CEST6170953192.168.2.48.8.8.8
                                                            Jul 24, 2023 12:04:50.392366886 CEST53617098.8.8.8192.168.2.4

                                                            DNS Queries

                                                            TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                            Jul 24, 2023 12:03:46.248605967 CEST192.168.2.48.8.8.80xb076Standard query (0)accounts.google.comA (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:03:46.248780966 CEST192.168.2.48.8.8.80xa2d9Standard query (0)clients2.google.comA (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:03:47.990031004 CEST192.168.2.48.8.8.80xcecbStandard query (0)scanner.topsec.comA (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:03:50.030704021 CEST192.168.2.48.8.8.80x11c3Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:03:50.062798023 CEST192.168.2.48.8.8.80x735aStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:03:52.517102957 CEST192.168.2.48.8.8.80x20ceStandard query (0)cdn.forms.office.netA (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:03:54.494548082 CEST192.168.2.48.8.8.80x65d3Standard query (0)lists.office.comA (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:03:54.586575985 CEST192.168.2.48.8.8.80xd30aStandard query (0)js.monitor.azure.comA (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:04:50.346494913 CEST192.168.2.48.8.8.80x2cdeStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:04:50.372370958 CEST192.168.2.48.8.8.80x5beaStandard query (0)www.google.comA (IP address)IN (0x0001)false

                                                            DNS Answers

                                                            TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                            Jul 24, 2023 12:03:46.276735067 CEST8.8.8.8192.168.2.40xb076No error (0)accounts.google.com172.217.168.13A (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:03:46.289695978 CEST8.8.8.8192.168.2.40xa2d9No error (0)clients2.google.comclients.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                            Jul 24, 2023 12:03:46.289695978 CEST8.8.8.8192.168.2.40xa2d9No error (0)clients.l.google.com172.217.168.46A (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:03:48.016709089 CEST8.8.8.8192.168.2.40xcecbNo error (0)scanner.topsec.com35.210.200.138A (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:03:50.050173044 CEST8.8.8.8192.168.2.40x11c3No error (0)www.google.com172.217.168.4A (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:03:50.082581997 CEST8.8.8.8192.168.2.40x735aNo error (0)www.google.com172.217.168.4A (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:03:52.172396898 CEST8.8.8.8192.168.2.40xd21fNo error (0)forms.office.comforms.office.com.b-0039.b-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                            Jul 24, 2023 12:03:52.544469118 CEST8.8.8.8192.168.2.40x20ceNo error (0)cdn.forms.office.netcdn.forms.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                            Jul 24, 2023 12:03:54.073982954 CEST8.8.8.8192.168.2.40x6470No error (0)csp-afd-prod.azurefd.netstar-azurefd-prod.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                            Jul 24, 2023 12:03:54.073982954 CEST8.8.8.8192.168.2.40x6470No error (0)dual.part-0032.t-0009.t-msedge.netpart-0032.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                            Jul 24, 2023 12:03:54.073982954 CEST8.8.8.8192.168.2.40x6470No error (0)part-0032.t-0009.t-msedge.net13.107.246.60A (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:03:54.073982954 CEST8.8.8.8192.168.2.40x6470No error (0)part-0032.t-0009.t-msedge.net13.107.213.60A (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:03:54.482670069 CEST8.8.8.8192.168.2.40xe445No error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                            Jul 24, 2023 12:03:54.549884081 CEST8.8.8.8192.168.2.40x65d3No error (0)lists.office.comprod.lists.office.com.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                            Jul 24, 2023 12:03:54.619663954 CEST8.8.8.8192.168.2.40xd30aNo error (0)js.monitor.azure.comaijscdn2.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                                            Jul 24, 2023 12:03:54.619663954 CEST8.8.8.8192.168.2.40xd30aNo error (0)dual.part-0032.t-0009.t-msedge.netpart-0032.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                            Jul 24, 2023 12:03:54.619663954 CEST8.8.8.8192.168.2.40xd30aNo error (0)part-0032.t-0009.t-msedge.net13.107.246.60A (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:03:54.619663954 CEST8.8.8.8192.168.2.40xd30aNo error (0)part-0032.t-0009.t-msedge.net13.107.213.60A (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:04:50.366260052 CEST8.8.8.8192.168.2.40x2cdeNo error (0)www.google.com172.217.168.4A (IP address)IN (0x0001)false
                                                            Jul 24, 2023 12:04:50.392366886 CEST8.8.8.8192.168.2.40x5beaNo error (0)www.google.com172.217.168.4A (IP address)IN (0x0001)false

                                                            HTTP Request Dependency Graph

                                                            • accounts.google.com
                                                            • clients2.google.com
                                                            • scanner.topsec.com
                                                            • https:
                                                              • js.monitor.azure.com

                                                            HTTPS Proxied Packets

                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                            0192.168.2.449691172.217.168.13443C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            TimestampkBytes transferredDirectionData
                                                            2023-07-24 10:03:46 UTC0OUTPOST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1
                                                            Host: accounts.google.com
                                                            Connection: keep-alive
                                                            Content-Length: 1
                                                            Origin: https://www.google.com
                                                            Content-Type: application/x-www-form-urlencoded
                                                            Sec-Fetch-Site: none
                                                            Sec-Fetch-Mode: no-cors
                                                            Sec-Fetch-Dest: empty
                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                                                            Accept-Encoding: gzip, deflate, br
                                                            Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
                                                            2023-07-24 10:03:46 UTC0OUTData Raw: 20
                                                            Data Ascii:
                                                            2023-07-24 10:03:46 UTC2INHTTP/1.1 200 OK
                                                            Content-Type: application/json; charset=utf-8
                                                            Access-Control-Allow-Origin: https://www.google.com
                                                            Access-Control-Allow-Credentials: true
                                                            X-Content-Type-Options: nosniff
                                                            Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                                            Pragma: no-cache
                                                            Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                                            Date: Mon, 24 Jul 2023 10:03:46 GMT
                                                            Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                            Cross-Origin-Opener-Policy: same-origin
                                                            Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/IdentityListAccountsHttp/cspreport
                                                            Content-Security-Policy: script-src 'report-sample' 'nonce-B3bZij1sgOJ6BA_Pj9ViQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityListAccountsHttp/cspreport;worker-src 'self'
                                                            Content-Security-Policy: script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdentityListAccountsHttp/cspreport/allowlist
                                                            Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
                                                            Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                            Server: ESF
                                                            X-XSS-Protection: 0
                                                            Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                            Accept-Ranges: none
                                                            Vary: Accept-Encoding
                                                            Connection: close
                                                            Transfer-Encoding: chunked
                                                            2023-07-24 10:03:46 UTC4INData Raw: 31 31 0d 0a 5b 22 67 61 69 61 2e 6c 2e 61 2e 72 22 2c 5b 5d 5d 0d 0a
                                                            Data Ascii: 11["gaia.l.a.r",[]]
                                                            2023-07-24 10:03:46 UTC4INData Raw: 30 0d 0a 0d 0a
                                                            Data Ascii: 0


                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                            1192.168.2.449692172.217.168.46443C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            TimestampkBytes transferredDirectionData
                                                            2023-07-24 10:03:46 UTC0OUTGET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=104.0.5112.81&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1
                                                            Host: clients2.google.com
                                                            Connection: keep-alive
                                                            X-Goog-Update-Interactivity: fg
                                                            X-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda
                                                            X-Goog-Update-Updater: chromecrx-104.0.5112.81
                                                            Sec-Fetch-Site: none
                                                            Sec-Fetch-Mode: no-cors
                                                            Sec-Fetch-Dest: empty
                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                                                            Accept-Encoding: gzip, deflate, br
                                                            Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
                                                            2023-07-24 10:03:46 UTC1INHTTP/1.1 200 OK
                                                            Content-Security-Policy: script-src 'report-sample' 'nonce-7cM8wZtS_qvp8h1XVPIMXA' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
                                                            Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                                            Pragma: no-cache
                                                            Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                                            Date: Mon, 24 Jul 2023 10:03:46 GMT
                                                            Content-Type: text/xml; charset=UTF-8
                                                            X-Daynum: 6048
                                                            X-Daystart: 11026
                                                            X-Content-Type-Options: nosniff
                                                            X-Frame-Options: SAMEORIGIN
                                                            X-XSS-Protection: 1; mode=block
                                                            Server: GSE
                                                            Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                            Accept-Ranges: none
                                                            Vary: Accept-Encoding
                                                            Connection: close
                                                            Transfer-Encoding: chunked
                                                            2023-07-24 10:03:46 UTC1INData Raw: 32 63 39 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 67 75 70 64 61 74 65 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 75 70 64 61 74 65 32 2f 72 65 73 70 6f 6e 73 65 22 20 70 72 6f 74 6f 63 6f 6c 3d 22 32 2e 30 22 20 73 65 72 76 65 72 3d 22 70 72 6f 64 22 3e 3c 64 61 79 73 74 61 72 74 20 65 6c 61 70 73 65 64 5f 64 61 79 73 3d 22 36 30 34 38 22 20 65 6c 61 70 73 65 64 5f 73 65 63 6f 6e 64 73 3d 22 31 31 30 32 36 22 2f 3e 3c 61 70 70 20 61 70 70 69 64 3d 22 6e 6d 6d 68 6b 6b 65 67 63 63 61 67 64 6c 64 67 69 69 6d 65 64 70 69 63 63 6d 67 6d 69 65 64 61 22 20 63 6f 68 6f 72 74 3d 22 31 3a 3a 22 20 63 6f 68 6f 72 74 6e 61 6d 65 3d 22 22
                                                            Data Ascii: 2c9<?xml version="1.0" encoding="UTF-8"?><gupdate xmlns="http://www.google.com/update2/response" protocol="2.0" server="prod"><daystart elapsed_days="6048" elapsed_seconds="11026"/><app appid="nmmhkkegccagdldgiimedpiccmgmieda" cohort="1::" cohortname=""
                                                            2023-07-24 10:03:46 UTC2INData Raw: 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 68 61 73 68 5f 73 68 61 32 35 36 3d 22 38 31 65 33 61 34 64 34 33 61 37 33 36 39 39 65 31 62 37 37 38 31 37 32 33 66 35 36 62 38 37 31 37 31 37 35 63 35 33 36 36 38 35 63 35 34 35 30 31 32 32 62 33 30 37 38 39 34 36 34 61 64 38 32 22 20 70 72 6f 74 65 63 74 65 64 3d 22 30 22 20 73 69 7a 65 3d 22 32 34 38 35 33 31 22 20 73 74 61 74 75 73 3d 22 6f 6b 22 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 2e 30 2e 36 22 2f 3e 3c 2f 61 70 70 3e 3c 2f 67 75 70 64 61 74 65 3e 0d 0a
                                                            Data Ascii: 723f56b8717175c536685c5450122b30789464ad82" hash_sha256="81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82" protected="0" size="248531" status="ok" version="1.0.0.6"/></app></gupdate>
                                                            2023-07-24 10:03:46 UTC2INData Raw: 30 0d 0a 0d 0a
                                                            Data Ascii: 0


                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                            2192.168.2.44969435.210.200.138443C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            TimestampkBytes transferredDirectionData
                                                            2023-07-24 10:03:48 UTC4OUTGET /?d=1464&r=show&u=https%3A%2F%2Fforms.microsoft.com%2Fpages%2Fresponsepage.aspx%3Fid%3DuiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u&t=179241079d016688075724fcdc7f1607ffd17a7f HTTP/1.1
                                                            Host: scanner.topsec.com
                                                            Connection: keep-alive
                                                            sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                                                            sec-ch-ua-mobile: ?0
                                                            sec-ch-ua-platform: "Windows"
                                                            Upgrade-Insecure-Requests: 1
                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                                                            Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                            Sec-Fetch-Site: none
                                                            Sec-Fetch-Mode: navigate
                                                            Sec-Fetch-User: ?1
                                                            Sec-Fetch-Dest: document
                                                            Accept-Encoding: gzip, deflate, br
                                                            Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
                                                            2023-07-24 10:03:48 UTC5INHTTP/1.1 200 OK
                                                            Server: nginx/1.18.0
                                                            Date: Mon, 24 Jul 2023 10:03:48 GMT
                                                            Content-Type: text/html; charset=utf-8
                                                            Content-Length: 1715
                                                            Connection: close
                                                            2023-07-24 10:03:48 UTC5INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 0a 20 20 3c 68 65 61 64 3e 0a 20 20 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 20 20 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 54 6f 70 73 65 63 20 55 52 4c 20 53 63 61 6e 6e 69 6e 67 20 53 79 73 74 65 6d 22 3e 0a 0a 20 20 09 3c 74 69 74 6c 65 3e 54 6f 70 73 65 63 20 55 52 4c 20 53 63 61 6e 6e 65 72 3c 2f 74 69 74 6c 65 3e 0a 0a 20 20 09 3c
                                                            Data Ascii: <!DOCTYPE html><html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content="Topsec URL Scanning System"> <title>Topsec URL Scanner</title> <


                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                            3192.168.2.44969535.210.200.138443C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            TimestampkBytes transferredDirectionData
                                                            2023-07-24 10:03:48 UTC6OUTGET /images/topsec_logo.png HTTP/1.1
                                                            Host: scanner.topsec.com
                                                            Connection: keep-alive
                                                            sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                                                            sec-ch-ua-mobile: ?0
                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                                                            sec-ch-ua-platform: "Windows"
                                                            Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                            Sec-Fetch-Site: same-origin
                                                            Sec-Fetch-Mode: no-cors
                                                            Sec-Fetch-Dest: image
                                                            Referer: https://scanner.topsec.com/?d=1464&r=show&u=https%3A%2F%2Fforms.microsoft.com%2Fpages%2Fresponsepage.aspx%3Fid%3DuiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u&t=179241079d016688075724fcdc7f1607ffd17a7f
                                                            Accept-Encoding: gzip, deflate, br
                                                            Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
                                                            2023-07-24 10:03:48 UTC7INHTTP/1.1 200 OK
                                                            Server: nginx/1.18.0
                                                            Date: Mon, 24 Jul 2023 10:03:48 GMT
                                                            Content-Type: image/png
                                                            Content-Length: 15571
                                                            Last-Modified: Fri, 20 Sep 2019 11:43:12 GMT
                                                            Connection: close
                                                            ETag: "5d84bb50-3cd3"
                                                            Expires: Thu, 31 Dec 2037 23:55:55 GMT
                                                            Cache-Control: max-age=315360000
                                                            Pragma: public
                                                            Cache-control: public, must-validate, proxy-revalidate
                                                            Accept-Ranges: bytes
                                                            2023-07-24 10:03:48 UTC8INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 28 00 00 00 62 08 02 00 00 00 6c d1 d9 f0 00 00 0a 4f 69 43 43 50 50 68 6f 74 6f 73 68 6f 70 20 49 43 43 20 70 72 6f 66 69 6c 65 00 00 78 da 9d 53 67 54 53 e9 16 3d f7 de f4 42 4b 88 80 94 4b 6f 52 15 08 20 52 42 8b 80 14 91 26 2a 21 09 10 4a 88 21 a1 d9 15 51 c1 11 45 45 04 1b c8 a0 88 03 8e 8e 80 8c 15 51 2c 0c 8a 0a d8 07 e4 21 a2 8e 83 a3 88 8a ca fb e1 7b a3 6b d6 bc f7 e6 cd fe b5 d7 3e e7 ac f3 9d b3 cf 07 c0 08 0c 96 48 33 51 35 80 0c a9 42 1e 11 e0 83 c7 c4 c6 e1 e4 2e 40 81 0a 24 70 00 10 08 b3 64 21 73 fd 23 01 00 f8 7e 3c 3c 2b 22 c0 07 be 00 01 78 d3 0b 08 00 c0 4d 9b c0 30 1c 87 ff 0f ea 42 99 5c 01 80 84 01 c0 74 91 38 4b 08 80 14 00 40 7a 8e 42 a6 00 40 46 01 80 9d 98 26 53 00 a0 04
                                                            Data Ascii: PNGIHDR(blOiCCPPhotoshop ICC profilexSgTS=BKKoR RB&*!J!QEEQ,!{k>H3Q5B.@$pd!s#~<<+"xM0B\t8K@zB@F&S


                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                            4192.168.2.44969635.210.200.138443C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            TimestampkBytes transferredDirectionData
                                                            2023-07-24 10:03:49 UTC23OUTGET /favico.png HTTP/1.1
                                                            Host: scanner.topsec.com
                                                            Connection: keep-alive
                                                            sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                                                            sec-ch-ua-mobile: ?0
                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                                                            sec-ch-ua-platform: "Windows"
                                                            Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                            Sec-Fetch-Site: same-origin
                                                            Sec-Fetch-Mode: no-cors
                                                            Sec-Fetch-Dest: image
                                                            Referer: https://scanner.topsec.com/?d=1464&r=show&u=https%3A%2F%2Fforms.microsoft.com%2Fpages%2Fresponsepage.aspx%3Fid%3DuiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u&t=179241079d016688075724fcdc7f1607ffd17a7f
                                                            Accept-Encoding: gzip, deflate, br
                                                            Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
                                                            2023-07-24 10:03:49 UTC24INHTTP/1.1 200 OK
                                                            Server: nginx/1.18.0
                                                            Date: Mon, 24 Jul 2023 10:03:49 GMT
                                                            Content-Type: image/png
                                                            Content-Length: 526
                                                            Last-Modified: Mon, 08 Jul 2019 14:07:28 GMT
                                                            Connection: close
                                                            ETag: "5d234e20-20e"
                                                            Expires: Thu, 31 Dec 2037 23:55:55 GMT
                                                            Cache-Control: max-age=315360000
                                                            Pragma: public
                                                            Cache-control: public, must-validate, proxy-revalidate
                                                            Accept-Ranges: bytes
                                                            2023-07-24 10:03:49 UTC24INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 10 00 00 00 10 08 03 00 00 00 28 2d 0f 53 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 69 50 4c 54 45 00 00 00 00 5a 9c 00 5a 9c 00 5a 9c 00 5a 9c 00 5a 9c 53 9d d2 00 5a 9c 00 5a 9c 00 5a 9c 00 5a 9c 00 5a 9c 00 5a 9c 18 6d ac 37 87 c0 68 ae e0 15 6b aa 09 62 a2 53 9d d2 68 ae e0 68 ae e0 17 6d ab 0a 62 a3 45 92 c9 1f 73 b0 00 5a 9c 00 5a 9c 07 5f a0 4e 99 cf 14 6a a9 55 9e d3 68 ae e0 41 8f c7 34 84 be ff ff ff cd 47 43 54 00 00 00 1a 74 52 4e 53 00 10 af bf 8f cf 9f 30 9f ef 60 20 40 cf ef cf ef af ef ef df 8f 9f 8f 9f 70 59 19 f0 0a 00 00 00 01 62 4b 47
                                                            Data Ascii: PNGIHDR(-SgAMAa cHRMz&u0`:pQ<iPLTEZZZZZSZZZZZZm7hkbShhmbEsZZ_NjUhA4GCTtRNS0` @pYbKG


                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                            5192.168.2.44969735.210.200.138443C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            TimestampkBytes transferredDirectionData
                                                            2023-07-24 10:03:50 UTC25OUTGET /images/topsec_logo.png HTTP/1.1
                                                            Host: scanner.topsec.com
                                                            Connection: keep-alive
                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                                                            Accept: */*
                                                            Sec-Fetch-Site: none
                                                            Sec-Fetch-Mode: cors
                                                            Sec-Fetch-Dest: empty
                                                            Accept-Encoding: gzip, deflate, br
                                                            Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
                                                            2023-07-24 10:03:50 UTC25INHTTP/1.1 200 OK
                                                            Server: nginx/1.18.0
                                                            Date: Mon, 24 Jul 2023 10:03:50 GMT
                                                            Content-Type: image/png
                                                            Content-Length: 15571
                                                            Last-Modified: Fri, 20 Sep 2019 11:43:12 GMT
                                                            Connection: close
                                                            ETag: "5d84bb50-3cd3"
                                                            Expires: Thu, 31 Dec 2037 23:55:55 GMT
                                                            Cache-Control: max-age=315360000
                                                            Pragma: public
                                                            Cache-control: public, must-validate, proxy-revalidate
                                                            Accept-Ranges: bytes
                                                            2023-07-24 10:03:50 UTC25INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 28 00 00 00 62 08 02 00 00 00 6c d1 d9 f0 00 00 0a 4f 69 43 43 50 50 68 6f 74 6f 73 68 6f 70 20 49 43 43 20 70 72 6f 66 69 6c 65 00 00 78 da 9d 53 67 54 53 e9 16 3d f7 de f4 42 4b 88 80 94 4b 6f 52 15 08 20 52 42 8b 80 14 91 26 2a 21 09 10 4a 88 21 a1 d9 15 51 c1 11 45 45 04 1b c8 a0 88 03 8e 8e 80 8c 15 51 2c 0c 8a 0a d8 07 e4 21 a2 8e 83 a3 88 8a ca fb e1 7b a3 6b d6 bc f7 e6 cd fe b5 d7 3e e7 ac f3 9d b3 cf 07 c0 08 0c 96 48 33 51 35 80 0c a9 42 1e 11 e0 83 c7 c4 c6 e1 e4 2e 40 81 0a 24 70 00 10 08 b3 64 21 73 fd 23 01 00 f8 7e 3c 3c 2b 22 c0 07 be 00 01 78 d3 0b 08 00 c0 4d 9b c0 30 1c 87 ff 0f ea 42 99 5c 01 80 84 01 c0 74 91 38 4b 08 80 14 00 40 7a 8e 42 a6 00 40 46 01 80 9d 98 26 53 00 a0 04
                                                            Data Ascii: PNGIHDR(blOiCCPPhotoshop ICC profilexSgTS=BKKoR RB&*!J!QEEQ,!{k>H3Q5B.@$pd!s#~<<+"xM0B\t8K@zB@F&S


                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                            6192.168.2.44969935.210.200.138443C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            TimestampkBytes transferredDirectionData
                                                            2023-07-24 10:03:50 UTC40OUTGET /favico.png HTTP/1.1
                                                            Host: scanner.topsec.com
                                                            Connection: keep-alive
                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                                                            Accept: */*
                                                            Sec-Fetch-Site: none
                                                            Sec-Fetch-Mode: cors
                                                            Sec-Fetch-Dest: empty
                                                            Accept-Encoding: gzip, deflate, br
                                                            Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
                                                            2023-07-24 10:03:50 UTC41INHTTP/1.1 200 OK
                                                            Server: nginx/1.18.0
                                                            Date: Mon, 24 Jul 2023 10:03:50 GMT
                                                            Content-Type: image/png
                                                            Content-Length: 526
                                                            Last-Modified: Mon, 08 Jul 2019 14:07:28 GMT
                                                            Connection: close
                                                            ETag: "5d234e20-20e"
                                                            Expires: Thu, 31 Dec 2037 23:55:55 GMT
                                                            Cache-Control: max-age=315360000
                                                            Pragma: public
                                                            Cache-control: public, must-validate, proxy-revalidate
                                                            Accept-Ranges: bytes
                                                            2023-07-24 10:03:50 UTC41INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 10 00 00 00 10 08 03 00 00 00 28 2d 0f 53 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 69 50 4c 54 45 00 00 00 00 5a 9c 00 5a 9c 00 5a 9c 00 5a 9c 00 5a 9c 53 9d d2 00 5a 9c 00 5a 9c 00 5a 9c 00 5a 9c 00 5a 9c 00 5a 9c 18 6d ac 37 87 c0 68 ae e0 15 6b aa 09 62 a2 53 9d d2 68 ae e0 68 ae e0 17 6d ab 0a 62 a3 45 92 c9 1f 73 b0 00 5a 9c 00 5a 9c 07 5f a0 4e 99 cf 14 6a a9 55 9e d3 68 ae e0 41 8f c7 34 84 be ff ff ff cd 47 43 54 00 00 00 1a 74 52 4e 53 00 10 af bf 8f cf 9f 30 9f ef 60 20 40 cf ef cf ef af ef ef df 8f 9f 8f 9f 70 59 19 f0 0a 00 00 00 01 62 4b 47
                                                            Data Ascii: PNGIHDR(-SgAMAa cHRMz&u0`:pQ<iPLTEZZZZZSZZZZZZm7hkbShhmbEsZZ_NjUhA4GCTtRNS0` @pYbKG


                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                            7192.168.2.44971413.107.246.60443C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            TimestampkBytes transferredDirectionData
                                                            2023-07-24 10:03:54 UTC42OUTOPTIONS /report/Forms-PROD HTTP/1.1
                                                            Host: csp.microsoft.com
                                                            Connection: keep-alive
                                                            Origin: https://forms.microsoft.com
                                                            Access-Control-Request-Method: POST
                                                            Access-Control-Request-Headers: content-type
                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                                                            Accept-Encoding: gzip, deflate, br
                                                            Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
                                                            2023-07-24 10:03:58 UTC223INHTTP/1.1 504 Gateway Time-out
                                                            Date: Mon, 24 Jul 2023 10:03:58 GMT
                                                            Content-Type: text/html
                                                            Content-Length: 1379
                                                            Connection: close
                                                            Cache-Control: no-store
                                                            x-azure-ref: 20230724T100354Z-kkcnhp3wqd7sb4mhaywwe3r10n00000003r00000000059y1
                                                            X-Cache: CONFIG_NOCACHE
                                                            2023-07-24 10:03:58 UTC223INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 27 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 27 20 27 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 27 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 27 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 27 3e 0a 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 27 20 68 74 74 70 2d 65 71 75 69 76 3d 27 63 6f 6e 74 65 6e 74 2d 74 79 70 65 27 20 2f 3e 0a 20 20 20 20 3c 73 74
                                                            Data Ascii: <!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'><html xmlns='http://www.w3.org/1999/xhtml'><head> <meta content='text/html; charset=utf-8' http-equiv='content-type' /> <st


                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                            8192.168.2.44972813.107.246.60443C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            TimestampkBytes transferredDirectionData
                                                            2023-07-24 10:03:54 UTC42OUTGET /scripts/c/ms.jsll-3.min.js HTTP/1.1
                                                            Host: js.monitor.azure.com
                                                            Connection: keep-alive
                                                            sec-ch-ua: "Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104"
                                                            sec-ch-ua-mobile: ?0
                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
                                                            sec-ch-ua-platform: "Windows"
                                                            Accept: */*
                                                            Sec-Fetch-Site: cross-site
                                                            Sec-Fetch-Mode: no-cors
                                                            Sec-Fetch-Dest: script
                                                            Referer: https://forms.microsoft.com/
                                                            Accept-Encoding: gzip, deflate, br
                                                            Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
                                                            2023-07-24 10:03:54 UTC43INHTTP/1.1 200 OK
                                                            Date: Mon, 24 Jul 2023 10:03:54 GMT
                                                            Content-Type: text/javascript; charset=utf-8
                                                            Content-Length: 183854
                                                            Connection: close
                                                            Vary: Accept-Encoding
                                                            Vary: Accept-Encoding
                                                            Vary: Accept-Encoding
                                                            Vary: Accept-Encoding
                                                            Cache-Control: public, max-age=1800, immutable, no-transform
                                                            Last-Modified: Thu, 01 Jun 2023 18:03:06 GMT
                                                            ETag: 0x8DB62CA73C6BBDB
                                                            x-ms-request-id: 289cf4f3-901e-000f-65c9-b51194000000
                                                            x-ms-version: 2009-09-19
                                                            x-ms-meta-jssdkver: 3.2.12
                                                            x-ms-meta-jssdksrc: [cdn]/scripts/c/ms.jsll-3.2.12.min.js
                                                            Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                            Access-Control-Allow-Origin: *
                                                            x-azure-ref: 20230724T100354Z-nhdcrgzn5p3z1csgf21grks2vc00000001ug00000002kbkv
                                                            X-Cache: TCP_HIT
                                                            Accept-Ranges: bytes
                                                            2023-07-24 10:03:54 UTC44INData Raw: 2f 2a 21 0a 20 2a 20 31 44 53 20 4a 53 4c 4c 20 53 4b 55 2c 20 33 2e 32 2e 31 32 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 4d 69 63 72 6f 73 6f 66 74 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0a 20 2a 20 28 4d 69 63 72 6f 73 6f 66 74 20 49 6e 74 65 72 6e 61 6c 20 4f 6e 6c 79 29 0a 20 2a 2f 0a 76 61 72 20 65 3d 74 68 69 73 2c 74 3d 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 66 3d 22 66 75 6e 63 74 69 6f 6e 22 2c 64 3d 22 6f 62 6a 65 63 74 22 2c 66 65 3d 22 75 6e 64 65 66 69 6e 65 64 22 2c 7a 3d 22 70 72 6f 74 6f 74 79 70 65 22 2c 67 3d 22 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 22 2c 6d 3d 4f 62 6a 65 63 74 2c 79 3d 6d 5b 7a
                                                            Data Ascii: /*! * 1DS JSLL SKU, 3.2.12 * Copyright (c) Microsoft and contributors. All rights reserved. * (Microsoft Internal Only) */var e=this,t=function(l){"use strict";var f="function",d="object",fe="undefined",z="prototype",g="hasOwnProperty",m=Object,y=m[z
                                                            2023-07-24 10:03:54 UTC59INData Raw: 6e 21 65 7c 7c 65 2e 69 73 45 6e 61 62 6c 65 64 28 29 7d 66 75 6e 63 74 69 6f 6e 20 67 69 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 74 26 26 65 26 26 46 28 65 2e 69 67 6e 6f 72 65 43 6f 6f 6b 69 65 73 29 26 26 2d 31 21 3d 3d 65 2e 69 67 6e 6f 72 65 43 6f 6f 6b 69 65 73 5b 6b 5d 28 74 29 7d 66 75 6e 63 74 69 6f 6e 20 76 69 28 65 2c 74 29 7b 76 61 72 20 6e 2c 72 3b 72 65 74 75 72 6e 20 65 3f 6e 3d 65 2e 67 65 74 43 6f 6f 6b 69 65 4d 67 72 28 29 3a 74 26 26 28 6e 3d 74 5b 41 5d 5b 6f 69 5d 7c 7c 68 69 28 74 29 29 2c 6e 7c 7c 28 65 3d 28 65 7c 7c 7b 7d 29 5b 79 65 5d 2c 28 72 3d 68 69 5b 6f 69 5d 7c 7c 64 69 5b 6f 69 5d 29 7c 7c 28 72 3d 68 69 5b 6f 69 5d 3d 68 69 28 74 2c 65 29 2c 64 69 5b 6f 69 5d 3d 72 29 2c 6e 3d 72 29 2c 6e 7d 66 75 6e 63 74 69 6f 6e 20 68
                                                            Data Ascii: n!e||e.isEnabled()}function gi(e,t){return t&&e&&F(e.ignoreCookies)&&-1!==e.ignoreCookies[k](t)}function vi(e,t){var n,r;return e?n=e.getCookieMgr():t&&(n=t[A][oi]||hi(t)),n||(e=(e||{})[ye],(r=hi[oi]||di[oi])||(r=hi[oi]=hi(t,e),di[oi]=r),n=r),n}function h
                                                            2023-07-24 10:03:54 UTC75INData Raw: 26 76 5b 76 65 5d 28 29 3f 6d 28 29 5b 56 5d 28 65 29 3a 72 5b 4c 5d 28 65 29 7d 2c 76 5b 62 65 5d 3d 6d 2c 76 5b 70 65 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3b 72 65 74 75 72 6e 20 69 7c 7c 28 69 3d 71 28 28 28 65 3d 7b 7d 29 5b 54 65 5d 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 7d 2c 65 5b 49 65 5d 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 7d 2c 65 5b 72 74 5d 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 7d 2c 65 5b 69 74 5d 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 7d 2c 65 5b 61 74 5d 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 7d 2c 65 29 29 2c 76 5b 4c 61 5d 3d 69 29 2c 69 7d 2c 76 5b 54 65 5d 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 26 26 69 5b 54 65 5d 28 65 29 7d 2c 76 5b 49 65 5d 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 26 26 69 5b 49
                                                            Data Ascii: &v[ve]()?m()[V](e):r[L](e)},v[be]=m,v[pe]=function(){var e;return i||(i=q(((e={})[Te]=function(e){},e[Ie]=function(e){},e[rt]=function(e){},e[it]=function(e,t){},e[at]=function(e,t){},e)),v[La]=i),i},v[Te]=function(e){i&&i[Te](e)},v[Ie]=function(e){i&&i[I
                                                            2023-07-24 10:03:54 UTC91INData Raw: 6e 28 65 2c 74 2c 6e 2c 72 2c 69 2c 61 2c 6f 2c 73 29 7b 76 61 72 20 63 3d 4b 73 28 69 7c 7c 61 7c 7c 65 29 2c 75 3d 7b 7d 3b 72 65 74 75 72 6e 20 75 5b 4d 6f 5d 3d 71 73 28 65 2c 63 29 2c 75 2e 75 72 6c 3d 74 2c 75 2e 6c 69 6e 65 4e 75 6d 62 65 72 3d 6e 2c 75 2e 63 6f 6c 75 6d 6e 4e 75 6d 62 65 72 3d 72 2c 75 2e 65 72 72 6f 72 3d 57 73 28 69 7c 7c 61 7c 7c 65 29 2c 75 2e 65 76 74 3d 57 73 28 61 7c 7c 65 29 2c 75 5b 6a 6f 5d 3d 63 2c 75 2e 73 74 61 63 6b 44 65 74 61 69 6c 73 3d 6a 73 28 6f 7c 7c 69 7c 7c 61 29 2c 75 2e 65 72 72 6f 72 53 72 63 3d 73 2c 75 7d 2c 58 73 2e 43 72 65 61 74 65 46 72 6f 6d 49 6e 74 65 72 66 61 63 65 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 2c 72 29 7b 76 61 72 20 69 3d 65 5b 48 6f 5d 26 26 4b 74 28 65 5b 48 6f 5d 2c 66 75 6e
                                                            Data Ascii: n(e,t,n,r,i,a,o,s){var c=Ks(i||a||e),u={};return u[Mo]=qs(e,c),u.url=t,u.lineNumber=n,u.columnNumber=r,u.error=Ws(i||a||e),u.evt=Ws(a||e),u[jo]=c,u.stackDetails=js(o||i||a),u.errorSrc=s,u},Xs.CreateFromInterface=function(t,e,n,r){var i=e[Ho]&&Kt(e[Ho],fun
                                                            2023-07-24 10:03:54 UTC107INData Raw: 7b 74 72 79 7b 76 61 72 20 74 3b 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 65 26 26 28 65 3d 28 74 3d 6f 65 28 29 29 26 26 74 2e 74 69 74 6c 65 7c 7c 22 22 29 2c 41 2e 73 74 61 72 74 28 65 29 7d 63 61 74 63 68 28 6e 29 7b 64 28 31 2c 33 31 2c 22 73 74 61 72 74 54 72 61 63 6b 50 61 67 65 20 66 61 69 6c 65 64 2c 20 70 61 67 65 20 76 69 65 77 20 6d 61 79 20 6e 6f 74 20 62 65 20 63 6f 6c 6c 65 63 74 65 64 3a 20 22 2b 68 28 6e 29 2c 7b 65 78 63 65 70 74 69 6f 6e 3a 73 65 28 6e 29 7d 29 7d 7d 2c 53 2e 73 74 6f 70 54 72 61 63 6b 50 61 67 65 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 72 29 7b 74 72 79 7b 76 61 72 20 69 2c 61 3b 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 65 26 26 28 65 3d 28 69 3d 6f 65 28 29 29 26 26 69 2e 74 69 74 6c 65 7c
                                                            Data Ascii: {try{var t;"string"!=typeof e&&(e=(t=oe())&&t.title||""),A.start(e)}catch(n){d(1,31,"startTrackPage failed, page view may not be collected: "+h(n),{exception:se(n)})}},S.stopTrackPage=function(e,t,n,r){try{var i,a;"string"!=typeof e&&(e=(i=oe())&&i.title|
                                                            2023-07-24 10:03:54 UTC123INData Raw: 65 74 43 6f 6e 74 65 6e 74 46 6f 72 6d 61 74 74 65 64 28 73 29 2c 6e 2e 74 69 6d 65 54 6f 41 63 74 69 6f 6e 3d 74 68 69 73 2e 5f 67 65 74 54 69 6d 65 54 6f 43 6c 69 63 6b 28 29 2c 6e 2e 72 65 66 55 72 69 3d 75 65 28 74 2e 72 65 66 55 72 69 29 3f 74 2e 72 65 66 55 72 69 3a 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2e 63 6f 72 65 44 61 74 61 2e 72 65 66 65 72 72 65 72 55 72 69 2c 58 75 28 74 68 69 73 2e 5f 63 6f 6e 66 69 67 2c 74 68 69 73 2e 5f 74 72 61 63 65 4c 6f 67 67 65 72 29 29 3b 72 26 26 28 6e 2e 63 6f 6f 6b 69 65 73 3d 72 29 2c 74 68 69 73 2e 74 72 61 63 6b 50 61 67 65 41 63 74 69 6f 6e 28 61 2c 6e 29 7d 2c 61 6c 2e 70 72 6f 74 6f 74 79 70 65 2e 5f 67 65 74 43 75 73 74 6f 6d 54 61 67 73 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 74 2c
                                                            Data Ascii: etContentFormatted(s),n.timeToAction=this._getTimeToClick(),n.refUri=ue(t.refUri)?t.refUri:this._config.coreData.referrerUri,Xu(this._config,this._traceLogger));r&&(n.cookies=r),this.trackPageAction(a,n)},al.prototype._getCustomTags=function(e){for(var t,
                                                            2023-07-24 10:03:54 UTC139INData Raw: 30 2c 6d 2e 74 72 61 63 6b 50 61 67 65 55 6e 6c 6f 61 64 28 65 2c 74 29 29 7d 2c 66 2e 63 61 70 74 75 72 65 50 61 67 65 55 6e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 7c 7c 28 69 3d 21 30 2c 6d 2e 63 61 70 74 75 72 65 50 61 67 65 55 6e 6c 6f 61 64 28 65 2c 74 29 29 7d 2c 66 2e 5f 70 6f 70 75 6c 61 74 65 50 61 67 65 56 69 65 77 50 65 72 66 6f 72 6d 61 6e 63 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 66 2e 5f 70 61 67 65 56 69 65 77 50 65 72 66 6f 72 6d 61 6e 63 65 4d 61 6e 61 67 65 72 3b 74 26 26 74 2e 70 6f 70 75 6c 61 74 65 50 61 67 65 56 69 65 77 50 65 72 66 6f 72 6d 61 6e 63 65 45 76 65 6e 74 28 65 29 7d 2c 66 2e 73 65 74 43 6f 6e 74 65 6e 74 48 61 6e 64 6c 65 72 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 45 3d 65 7d 2c
                                                            Data Ascii: 0,m.trackPageUnload(e,t))},f.capturePageUnload=function(e,t){i||(i=!0,m.capturePageUnload(e,t))},f._populatePageViewPerformance=function(e){var t=f._pageViewPerformanceManager;t&&t.populatePageViewPerformanceEvent(e)},f.setContentHandler=function(e){E=e},
                                                            2023-07-24 10:03:54 UTC155INData Raw: 65 6e 64 28 65 2e 64 61 74 61 29 3a 78 2e 73 65 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 2e 73 65 6e 64 28 65 2e 64 61 74 61 29 7d 2c 30 29 7d 66 75 6e 63 74 69 6f 6e 20 6f 28 65 2c 69 2c 74 29 7b 76 61 72 20 6e 2c 72 3d 65 2e 75 72 6c 53 74 72 69 6e 67 2c 61 3d 21 31 2c 6f 3d 21 31 3b 28 6e 3d 7b 62 6f 64 79 3a 65 2e 64 61 74 61 2c 6d 65 74 68 6f 64 3a 47 6c 7d 29 2e 4d 69 63 72 6f 73 6f 66 74 5f 41 70 70 6c 69 63 61 74 69 6f 6e 49 6e 73 69 67 68 74 73 5f 42 79 70 61 73 73 41 6a 61 78 49 6e 73 74 72 75 6d 65 6e 74 61 74 69 6f 6e 3d 21 30 3b 74 26 26 28 6e 2e 6b 65 65 70 61 6c 69 76 65 3d 21 30 2c 32 3d 3d 3d 65 2e 5f 73 65 6e 64 52 65 61 73 6f 6e 29 26 26 28 61 3d 21 30 2c 52 29 26 26 28 72 2b 3d 77 66 29 2c 73 26 26 28 6e 2e 63 72 65 64 65 6e 74 69 61
                                                            Data Ascii: end(e.data):x.set(function(){r.send(e.data)},0)}function o(e,i,t){var n,r=e.urlString,a=!1,o=!1;(n={body:e.data,method:Gl}).Microsoft_ApplicationInsights_BypassAjaxInstrumentation=!0;t&&(n.keepalive=!0,2===e._sendReason)&&(a=!0,R)&&(r+=wf),s&&(n.credentia
                                                            2023-07-24 10:03:54 UTC171INData Raw: 74 72 61 63 65 22 5d 2c 57 65 62 45 78 74 3a 5b 33 2c 22 77 65 62 22 5d 2c 41 70 70 45 78 74 3a 5b 34 2c 22 61 70 70 22 5d 2c 4f 53 45 78 74 3a 5b 35 2c 22 6f 73 22 5d 2c 53 64 6b 45 78 74 3a 5b 36 2c 22 73 64 6b 22 5d 2c 49 6e 74 57 65 62 45 78 74 3a 5b 37 2c 22 69 6e 74 77 65 62 22 5d 2c 55 74 63 45 78 74 3a 5b 38 2c 22 75 74 63 22 5d 2c 4c 6f 63 45 78 74 3a 5b 39 2c 22 6c 6f 63 22 5d 2c 43 6c 6f 75 64 45 78 74 3a 5b 31 30 2c 22 63 6c 6f 75 64 22 5d 2c 44 74 45 78 74 3a 5b 31 31 2c 22 64 74 22 5d 7d 29 2c 24 66 3d 63 6e 28 7b 69 64 3a 5b 30 2c 22 69 64 22 5d 2c 76 65 72 3a 5b 31 2c 22 76 65 72 22 5d 2c 61 70 70 4e 61 6d 65 3a 5b 32 2c 68 63 5d 2c 6c 6f 63 61 6c 65 3a 5b 33 2c 22 6c 6f 63 61 6c 65 22 5d 2c 65 78 70 49 64 3a 5b 34 2c 22 65 78 70 49 64 22
                                                            Data Ascii: trace"],WebExt:[3,"web"],AppExt:[4,"app"],OSExt:[5,"os"],SdkExt:[6,"sdk"],IntWebExt:[7,"intweb"],UtcExt:[8,"utc"],LocExt:[9,"loc"],CloudExt:[10,"cloud"],DtExt:[11,"dt"]}),$f=cn({id:[0,"id"],ver:[1,"ver"],appName:[2,hc],locale:[3,"locale"],expId:[4,"expId"
                                                            2023-07-24 10:03:54 UTC187INData Raw: 65 78 74 22 2c 59 70 3d 22 70 65 72 66 4d 61 72 6b 22 2c 24 70 3d 22 6e 61 6d 65 22 2c 5a 70 3d 22 70 65 72 66 54 69 6d 69 6e 67 22 2c 65 67 3d 22 61 6a 61 78 54 6f 74 61 6c 44 75 72 61 74 69 6f 6e 22 2c 74 67 3d 22 65 76 65 6e 74 54 72 61 63 65 43 74 78 22 3b 66 75 6e 63 74 69 6f 6e 20 6e 67 28 65 2c 74 2c 6e 29 7b 74 3d 65 5b 74 5d 2c 6e 3d 65 5b 6e 5d 3b 72 65 74 75 72 6e 20 74 26 26 6e 3f 41 73 28 74 2c 6e 29 3a 30 7d 66 75 6e 63 74 69 6f 6e 20 72 67 28 65 2c 74 2c 6e 2c 72 2c 69 29 7b 6e 3d 6e 67 28 6e 2c 72 2c 69 29 3b 72 65 74 75 72 6e 20 6e 3f 69 67 28 65 2c 74 2c 6f 73 28 6e 29 29 3a 30 7d 66 75 6e 63 74 69 6f 6e 20 69 67 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 3d 30 3b 72 65 74 75 72 6e 20 65 26 26 74 26 26 6e 26 26 28 28 65 2e 61 6a 61 78 50 65
                                                            Data Ascii: ext",Yp="perfMark",$p="name",Zp="perfTiming",eg="ajaxTotalDuration",tg="eventTraceCtx";function ng(e,t,n){t=e[t],n=e[n];return t&&n?As(t,n):0}function rg(e,t,n,r,i){n=ng(n,r,i);return n?ig(e,t,os(n)):0}function ig(e,t,n){var r=0;return e&&t&&n&&((e.ajaxPe
                                                            2023-07-24 10:03:54 UTC203INData Raw: 68 65 61 64 65 72 73 7c 7c 74 20 69 6e 73 74 61 6e 63 65 6f 66 20 52 65 71 75 65 73 74 26 26 74 2e 68 65 61 64 65 72 73 7c 7c 7b 7d 29 29 2c 65 2e 68 65 61 64 65 72 73 2e 61 70 70 65 6e 64 28 22 4d 53 2d 43 56 22 2c 72 29 29 3a 65 2e 73 65 74 52 65 71 75 65 73 74 48 65 61 64 65 72 28 22 4d 53 2d 43 56 22 2c 72 29 29 2c 65 7d 2c 75 2e 69 6e 69 74 69 61 6c 69 7a 65 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 2c 69 2c 61 2c 6f 2c 73 3d 65 2e 65 78 74 65 6e 73 69 6f 6e 43 6f 6e 66 69 67 3d 65 2e 65 78 74 65 6e 73 69 6f 6e 43 6f 6e 66 69 67 7c 7c 5b 5d 2c 63 3d 28 73 5b 75 2e 69 64 65 6e 74 69 66 69 65 72 5d 3d 73 5b 75 2e 69 64 65 6e 74 69 66 69 65 72 5d 7c 7c 7b 7d 2c 70 3d 75 2e 5f 71 6f 73 43 6f 6e 66 69 67 3d 28 63 3d 73 5b 75 2e 69
                                                            Data Ascii: headers||t instanceof Request&&t.headers||{})),e.headers.append("MS-CV",r)):e.setRequestHeader("MS-CV",r)),e},u.initialize=function(e,t,n){var r,i,a,o,s=e.extensionConfig=e.extensionConfig||[],c=(s[u.identifier]=s[u.identifier]||{},p=u._qosConfig=(c=s[u.i
                                                            2023-07-24 10:03:54 UTC219INData Raw: 2c 6c 76 2e 70 72 6f 74 6f 74 79 70 65 2e 64 6f 4e 6f 74 43 68 61 6e 67 65 53 75 70 70 6f 72 74 43 6f 72 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6f 28 22 64 6f 4e 6f 74 43 68 61 6e 67 65 53 75 70 70 6f 72 74 43 6f 72 73 22 29 2c 21 30 7d 2c 6c 76 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 54 61 72 67 65 74 55 72 69 4f 76 65 72 72 69 64 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 6f 28 22 73 65 74 54 61 72 67 65 74 55 72 69 4f 76 65 72 72 69 64 65 22 29 7d 3b 76 61 72 20 75 76 3d 6c 76 3b 66 75 6e 63 74 69 6f 6e 20 6c 76 28 29 7b 7d 64 76 2e 70 72 6f 74 6f 74 79 70 65 2e 72 65 63 6f 72 64 54 69 6d 65 53 70 61 6e 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 6f 28 22 72 65 63 6f 72 64 54 69 6d 65 53 70 61 6e 22 29 2c 2d
                                                            Data Ascii: ,lv.prototype.doNotChangeSupportCors=function(){return o("doNotChangeSupportCors"),!0},lv.prototype.setTargetUriOverride=function(e){o("setTargetUriOverride")};var uv=lv;function lv(){}dv.prototype.recordTimeSpan=function(e,t){return o("recordTimeSpan"),-


                                                            Statistics

                                                            CPU Usage

                                                            020406080s020406080100

                                                            Click to jump to process

                                                            Memory Usage

                                                            020406080s0.0050100MB

                                                            Click to jump to process

                                                            Behavior

                                                            Click to jump to process

                                                            System Behavior

                                                            General

                                                            Target ID:0
                                                            Start time:12:03:43
                                                            Start date:24/07/2023
                                                            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            Wow64 process (32bit):false
                                                            Commandline:C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
                                                            Imagebase:0x7ff683680000
                                                            File size:2'851'656 bytes
                                                            MD5 hash:0FEC2748F363150DC54C1CAFFB1A9408
                                                            Has elevated privileges:true
                                                            Has administrator privileges:true
                                                            Programmed in:C, C++ or other language
                                                            Reputation:low
                                                            Show Windows behavior

                                                            File Activities

                                                            There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                            Show Windows behavior

                                                            Process Activities

                                                            There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                            Show Windows behavior

                                                            Memory Activities

                                                            There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                            There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                            Show Windows behavior

                                                            Process Token Activities


                                                            General

                                                            Target ID:1
                                                            Start time:12:03:44
                                                            Start date:24/07/2023
                                                            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            Wow64 process (32bit):false
                                                            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1824 --field-trial-handle=1716,i,15612289687564200168,11251115336804718916,131072 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
                                                            Imagebase:0x7ff683680000
                                                            File size:2'851'656 bytes
                                                            MD5 hash:0FEC2748F363150DC54C1CAFFB1A9408
                                                            Has elevated privileges:true
                                                            Has administrator privileges:true
                                                            Programmed in:C, C++ or other language
                                                            Reputation:low
                                                            Show Windows behavior

                                                            File Activities

                                                            There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                            Show Windows behavior

                                                            Memory Activities


                                                            General

                                                            Target ID:3
                                                            Start time:12:03:47
                                                            Start date:24/07/2023
                                                            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            Wow64 process (32bit):false
                                                            Commandline:C:\Program Files\Google\Chrome\Application\chrome.exe" "https://scanner.topsec.com/?d=1464&r=show&u=https%3A%2F%2Fforms.microsoft.com%2Fpages%2Fresponsepage.aspx%3Fid%3DuiD74H4OB0SLzKGKZgH-X4Lh7kldJkVMsC3hGZBjsztUQzFGWE1MSExKVUEyMzNCTUdNRTBVUVFSRi4u&t=179241079d016688075724fcdc7f1607ffd17a7f
                                                            Imagebase:0x7ff683680000
                                                            File size:2'851'656 bytes
                                                            MD5 hash:0FEC2748F363150DC54C1CAFFB1A9408
                                                            Has elevated privileges:true
                                                            Has administrator privileges:true
                                                            Programmed in:C, C++ or other language
                                                            Reputation:low
                                                            There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                            There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                                            Disassembly

                                                            No disassembly