Windows Analysis Report
https://nleco-my.sharepoint.com/:u:/p/smartin/EYZSur4py4xKna-WAI8lgIkBS_KVLZwaA2d1wGxZA5Gdvw?e=wwT7sT

• EGA enabled

{
    "typosquatting": false,
    "unusual_query_string": false,
    "suspicious_tld": false,
    "ip_in_url": false,
    "long_subdomain": false,
    "malicious_keywords": false,
    "encoded_characters": false,
    "redirection": false,
    "contains_email_address": false,
    "known_domain": true,
    "brand_spoofing_attempt": false,
    "third_party_hosting": false
}

URL: URL: https://nleco-my.sharepoint.com

```json
{
  "contains_trigger_text": true,
  "trigger_text": "PLEASE HOLD CTRL BUTTON ON YOUR KEYBOARD AND CLICK ON VIEW DOCUMENT TO PURCHASE ORDER",
  "prominent_button_name": "VIEW DOCUMENT",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}

```json
{
  "brands": []
}
```

The provided image does not contain any visible brand logos or names. The page appears to be a generic web page with a simple message instructing the user to hold the CTRL button and click on "VIEW DOCUMENT" to purchase an order. There are no brand identifiers present in the header, footer, or main content of the page.

```json
{
  "contains_trigger_text": true,
  "trigger_text": "PLEASE HOLD CTRL BUTTON ON YOUR KEYBOARD AND CLICK ON VIEW DOCUMENT TO PURCHASE ORDER",
  "prominent_button_name": "VIEW DOCUMENT",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": true,
  "has_visible_qrcode": false
}

```json
{
  "brands": [
    "Empire Magnetics"
  ]
}

```json
{
  "contains_trigger_text": true,
  "trigger_text": "Verify you are human by completing the action below.",
  "prominent_button_name": "Verify you are human",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": true,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}

{
    "typosquatting": false,
    "unusual_query_string": false,
    "suspicious_tld": false,
    "ip_in_url": false,
    "long_subdomain": false,
    "malicious_keywords": false,
    "encoded_characters": false,
    "redirection": false,
    "contains_email_address": false,
    "known_domain": false,
    "brand_spoofing_attempt": false,
    "third_party_hosting": true
}

URL: URL: https://empiremagnetics.cwodapp.com

```json
{
  "brands": [
    "Cloudflare"
  ]
}

```json
{
  "contains_trigger_text": true,
  "trigger_text": "Sign in",
  "prominent_button_name": "Next",
  "text_input_field_labels": [
    "Email or phone"
  ],
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}

```json
{
  "brands": [
    "Microsoft"
  ]
}

```json{  "legit_domain": "microsoft.com",  "classification": "wellknown",  "reasons": [    "The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'.",    "The URL 'empiremagnetics.cwodapp.com' does not match the legitimate domain for Microsoft.",    "The domain 'cwodapp.com' is not associated with Microsoft and appears to be a third-party domain.",    "The presence of 'empiremagnetics' as a subdomain is unusual and not related to Microsoft.",    "The URL structure suggests a potential phishing attempt as it does not align with Microsoft's typical domain usage."  ],  "riskscore": 9}
Google indexed: False

{
    "typosquatting": false,
    "unusual_query_string": false,
    "suspicious_tld": false,
    "ip_in_url": false,
    "long_subdomain": false,
    "malicious_keywords": false,
    "encoded_characters": false,
    "redirection": false,
    "contains_email_address": false,
    "known_domain": true,
    "brand_spoofing_attempt": false,
    "third_party_hosting": false
}

URL: URL: https://sharepoint.com