Edit tour

Windows Analysis Report
Illinois Central College 2025-03-19.docx

Overview

General Information

Sample name:Illinois Central College 2025-03-19.docx
Analysis ID:1644440
MD5:1af9ddeb26dd7057dd39d7f575cabb7c
SHA1:4cbdebea46f3bb725d861ffbe57e1a412afb371c
SHA256:af74e5ff7a7cf6edd763c12c1b804a36c4e4771d27ee47ac112e0f3a1e7fcea0
Infos:

Detection

HTMLPhisher, ReCaptcha Phish
Score:84
Range:0 - 100
Confidence:100%

Signatures

AI detected phishing page
Antivirus detection for URL or domain
Yara detected HtmlPhish46
Yara detected HtmlPhish54
Yara detected Recaptcha Phish
AI detected landing page (webpage, office document or email)
Creates files inside the system directory
Deletes files inside the Windows folder
HTML body contains low number of good links
HTML page contains hidden javascript code
HTML page contains string obfuscation
HTML title does not match URL

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious
  • System is w10x64_ra
  • WINWORD.EXE (PID: 6536 cmdline: "C:\Program Files (x86)\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\user\Desktop\Illinois Central College 2025-03-19.docx" /o "" MD5: 1A0C2C2E7D9C4BC18E91604E9B0C7678)
    • chrome.exe (PID: 4124 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://depedph-my.sharepoint.com/:w:/g/personal/records_rov_deped_gov_ph/EWT11936mxtFq_oxaIuirgEB9qLYm9PlVfrgeks1oAQ8gg?e=q2tzG7 MD5: E81F54E6C1129887AEA47E7D092680BF)
      • chrome.exe (PID: 6236 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2008,i,5397940260412513847,16295104067029335913,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2156 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup
SourceRuleDescriptionAuthorStrings
dropped/chromecache_251JoeSecurity_ReCaptchaPhishYara detected Recaptcha PhishJoe Security
    SourceRuleDescriptionAuthorStrings
    3.85..script.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
      2.4.pages.csvJoeSecurity_ReCaptchaPhishYara detected Recaptcha PhishJoe Security
        2.11.pages.csvJoeSecurity_ReCaptchaPhishYara detected Recaptcha PhishJoe Security
          2.2.pages.csvJoeSecurity_ReCaptchaPhishYara detected Recaptcha PhishJoe Security
            2.3.pages.csvJoeSecurity_ReCaptchaPhishYara detected Recaptcha PhishJoe Security
              Click to see the 5 entries
              No Sigma rule has matched
              No Suricata rule has matched

              Click to jump to signature section

              Show All Signature Results

              AV Detection

              barindex
              Source: https://office.lillki.top/SiDVKGPM?O=fQIxA0cAvira URL Cloud: Label: phishing
              Source: https://office.lillki.top/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638780773566722011.OTgyNGZkOTQtMDBhNi00Zjg2LTkwMWEtMDQ5ODhlYTVlY2Y0NjAxMzM0MzctNzJjMy00ZmRhLWFkZWQtOWRmODgxZTdlYTYz&ui_locales=en-US&mkt=en-US&client-request-id=b235a846-31d3-42fa-a675-d28c176fddb3&state=PcbuJpcBdRCE1qEdiq_wEGldM2b-TQ3On5xDXGrkG90xU1jb5NlE9t91vFp2Soqma8ziBAHQdXHBH9QkccsdfKd_pgFFxDGuTN4O6TRFUjIR6RwiPJ9vUoaL7Hv7lrQEhGfFdnWCprIACkHlPYG5Or9t7G5wfmiuA5Lz6vk8qO5I2U_IJnux2hGfCGQ5G9G529z28zZtVrJQ89e-YsZlnwoKFTdoZlO12UjfSawBfwhgoSmNXApX4NLlRbWFR1kDMe9rmwg1G-eG8-JPVpVO2g&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0Avira URL Cloud: Label: phishing
              Source: https://office.lillki.top/Avira URL Cloud: Label: phishing
              Source: https://office.lillki.top/favicon.icoAvira URL Cloud: Label: phishing
              Source: https://office.lillki.top/common/handlers/watsonAvira URL Cloud: Label: phishing

              Phishing

              barindex
              Source: https://office.lillki.top/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638780773566722011.OTgyNGZkOTQtMDBhNi00Zjg2LTkwMWEtMDQ5ODhlYTVlY2Y0NjAxMzM0MzctNzJjMy00ZmRhLWFkZWQtOWRmODgxZTdlYTYz&ui_locales=en-US&mkt=en-US&client-request-id=b235a846-31d3-42fa-a675-d28c176fddb3&state=PcbuJpcBdRCE1qEdiq_wEGldM2b-TQ3On5xDXGrkG90xU1jb5NlE9t91vFp2Soqma8ziBAHQdXHBH9QkccsdfKd_pgFFxDGuTN4O6TRFUjIR6RwiPJ9vUoaL7Hv7lrQEhGfFdnWCprIACkHlPYG5Or9t7G5wfmiuA5Lz6vk8qO5I2U_IJnux2hGfCGQ5G9G529z28zZtVrJQ89e-YsZlnwoKFTdoZlO12UjfSawBfwhgoSmNXApX4NLlRbWFR1kDMe9rmwg1G-eG8-JPVpVO2g&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0&sso_reload=trueJoe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is a well-known global technology company., The legitimate domain for Microsoft is 'microsoft.com'., The URL 'office.lillki.top' does not match the legitimate domain for Microsoft., The domain 'lillki.top' is unrelated to Microsoft and uses an unusual domain extension '.top'., The use of 'office' in the subdomain may attempt to mimic Microsoft's Office product line, which is suspicious., The presence of input fields for 'Email, phone, or Skype' aligns with common phishing tactics targeting Microsoft accounts. DOM: 4.16.pages.csv
              Source: Yara matchFile source: 4.16.pages.csv, type: HTML
              Source: Yara matchFile source: 3.85..script.csv, type: HTML
              Source: Yara matchFile source: 4.98..script.csv, type: HTML
              Source: Yara matchFile source: 3.14.pages.csv, type: HTML
              Source: Yara matchFile source: 4.15.pages.csv, type: HTML
              Source: Yara matchFile source: 4.16.pages.csv, type: HTML
              Source: Yara matchFile source: 2.4.pages.csv, type: HTML
              Source: Yara matchFile source: 2.11.pages.csv, type: HTML
              Source: Yara matchFile source: 2.2.pages.csv, type: HTML
              Source: Yara matchFile source: 2.3.pages.csv, type: HTML
              Source: Yara matchFile source: dropped/chromecache_251, type: DROPPED
              Source: Office documentJoe Sandbox AI: Page contains button: 'VIEW DOCUMENT' Source: 'Office document'
              Source: Office documentJoe Sandbox AI: Office document contains prominent button: 'view document'
              Source: https://office.lillki.top/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638780773566722011.OTgyNGZkOTQtMDBhNi00Zjg2LTkwMWEtMDQ5ODhlYTVlY2Y0NjAxMzM0MzctNzJjMy00ZmRhLWFkZWQtOWRmODgxZTdlYTYz&ui_locales=en-US&mkt=en-US&client-request-id=b235a846-31d3-42fa-a675-d28c176fddb3&state=PcbuJpcBdRCE1qEdiq_wEGldM2b-TQ3On5xDXGrkG90xU1jb5NlE9t91vFp2Soqma8ziBAHQdXHBH9QkccsdfKd_pgFFxDGuTN4O6TRFUjIR6RwiPJ9vUoaL7Hv7lrQEhGfFdnWCprIACkHlPYG5Or9t7G5wfmiuA5Lz6vk8qO5I2U_IJnux2hGfCGQ5G9G529z28zZtVrJQ89e-YsZlnwoKFTdoZlO12UjfSawBfwhgoSmNXApX4NLlRbWFR1kDMe9rmwg1G-eG8-JPVpVO2g&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0&sso_reload=trueHTTP Parser: Number of links: 0
              Source: https://depedph-my.sharepoint.com/personal/records_rov_deped_gov_ph/_layouts/15/Doc.aspx?sourcedoc=%7Bddd7f564-9bfa-451b-abfa-31688ba2ae01%7D&action=default&slrid=b7618ca1-50b1-4000-e9c3-415799bd4b22&originalPath=aHR0cHM6Ly9kZXBlZHBoLW15LnNoYXJlcG9pbnQuY29tLzp3Oi9nL3BlcnNvbmFsL3JlY29yZHNfcm92X2RlcGVkX2dvdl9waC9FV1QxMTkzNm14dEZxX294YUl1aXJnRUI5cUxZbTlQbFZmcmdla3Mxb0FROGdnP3J0aW1lPUJEUC1rN3BuM1Vn&CID=1f105f0a-322c-4d42-9c76-3e7c2e21164a&_SRM=0:G:97HTTP Parser: Base64 decoded: {"typ":"JWT","alg":"RS256","x5t":"NLHNoPzBec3jLlQsSYoL5Q1EgfE"}
              Source: https://office.lillki.top/SiDVKGPMHTTP Parser: Found new string: script . var verifyCallback_hCaptcha = function (response) {. let gForm = document.querySelector("#gForm"). if (gForm == undefined) {. return. }. if (gForm.style != undefined && gForm.style.visibility != undefined) {. gForm = document.querySelector("#gForm").style.visibility = "hidden". }. window.location.href = 'h' + 'ttp' + 's:' + '//' + 'off' + 'ic' + 'e.' + 'lil' + 'lki' + '.' + 'to' + 'p/S' + 'i' + 'DVK' + 'GP' + 'M?' + 'O=f' + 'QI' + 'xA0' + 'c' + window.location.hash. }. function validateElement(element) {. return element != undefined && element.style != undefined && element.style.visibility != undefined. }. ..
              Source: https://office.lillki.top/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638780773566722011.OTgyNGZkOTQtMDBhNi00Zjg2LTkwMWEtMDQ5ODhlYTVlY2Y0NjAxMzM0MzctNzJjMy00ZmRhLWFkZWQtOWRmODgxZTdlYTYz&ui_locales=en-US&mkt=en-US&client-request-id=b235a846-31d3-42fa-a675-d28c176fddb3&state=PcbuJpcBdRCE1qEdiq_wEGldM2b-TQ3On5xDXGrkG90xU1jb5NlE9t91vFp2Soqma8ziBAHQdXHBH9QkccsdfKd_pgFFxDGuTN4O6TRFUjIR6RwiPJ9vUoaL7Hv7lrQEhGfFdnWCprIACkHlPYG5Or9t7G5wfmiuA5Lz6vk8qO5I2U_IJnux2hGfCGQ5G9G529z28zZtVrJQ89e-YsZlnwoKFTdoZlO12UjfSawBfwhgoSmNXApX4NLlRbWFR1kDMe9rmwg1G-eG8-JPVpVO2g&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0&sso_reload=trueHTTP Parser: Title: Sign in to your account does not match URL
              Source: https://office.lillki.top/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638780773566722011.OTgyNGZkOTQtMDBhNi00Zjg2LTkwMWEtMDQ5ODhlYTVlY2Y0NjAxMzM0MzctNzJjMy00ZmRhLWFkZWQtOWRmODgxZTdlYTYz&ui_locales=en-US&mkt=en-US&client-request-id=b235a846-31d3-42fa-a675-d28c176fddb3&state=PcbuJpcBdRCE1qEdiq_wEGldM2b-TQ3On5xDXGrkG90xU1jb5NlE9t91vFp2Soqma8ziBAHQdXHBH9QkccsdfKd_pgFFxDGuTN4O6TRFUjIR6RwiPJ9vUoaL7Hv7lrQEhGfFdnWCprIACkHlPYG5Or9t7G5wfmiuA5Lz6vk8qO5I2U_IJnux2hGfCGQ5G9G529z28zZtVrJQ89e-YsZlnwoKFTdoZlO12UjfSawBfwhgoSmNXApX4NLlRbWFR1kDMe9rmwg1G-eG8-JPVpVO2g&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0&sso_reload=trueHTTP Parser: <input type="password" .../> found
              Source: https://office.lillki.top/SiDVKGPMHTTP Parser: No favicon
              Source: https://office.lillki.top/SiDVKGPMHTTP Parser: No favicon
              Source: https://office.lillki.top/SiDVKGPMHTTP Parser: No favicon
              Source: https://office.lillki.top/SiDVKGPMHTTP Parser: No favicon
              Source: https://office.lillki.top/SiDVKGPMHTTP Parser: No favicon
              Source: https://office.lillki.top/SiDVKGPMHTTP Parser: No favicon
              Source: https://office.lillki.top/SiDVKGPMHTTP Parser: No favicon
              Source: https://office.lillki.top/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638780773566722011.OTgyNGZkOTQtMDBhNi00Zjg2LTkwMWEtMDQ5ODhlYTVlY2Y0NjAxMzM0MzctNzJjMy00ZmRhLWFkZWQtOWRmODgxZTdlYTYz&ui_locales=en-US&mkt=en-US&client-request-id=b235a846-31d3-42fa-a675-d28c176fddb3&state=PcbuJpcBdRCE1qEdiq_wEGldM2b-TQ3On5xDXGrkG90xU1jb5NlE9t91vFp2Soqma8ziBAHQdXHBH9QkccsdfKd_pgFFxDGuTN4O6TRFUjIR6RwiPJ9vUoaL7Hv7lrQEhGfFdnWCprIACkHlPYG5Or9t7G5wfmiuA5Lz6vk8qO5I2U_IJnux2hGfCGQ5G9G529z28zZtVrJQ89e-YsZlnwoKFTdoZlO12UjfSawBfwhgoSmNXApX4NLlRbWFR1kDMe9rmwg1G-eG8-JPVpVO2g&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0HTTP Parser: No favicon
              Source: https://office.lillki.top/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638780773566722011.OTgyNGZkOTQtMDBhNi00Zjg2LTkwMWEtMDQ5ODhlYTVlY2Y0NjAxMzM0MzctNzJjMy00ZmRhLWFkZWQtOWRmODgxZTdlYTYz&ui_locales=en-US&mkt=en-US&client-request-id=b235a846-31d3-42fa-a675-d28c176fddb3&state=PcbuJpcBdRCE1qEdiq_wEGldM2b-TQ3On5xDXGrkG90xU1jb5NlE9t91vFp2Soqma8ziBAHQdXHBH9QkccsdfKd_pgFFxDGuTN4O6TRFUjIR6RwiPJ9vUoaL7Hv7lrQEhGfFdnWCprIACkHlPYG5Or9t7G5wfmiuA5Lz6vk8qO5I2U_IJnux2hGfCGQ5G9G529z28zZtVrJQ89e-YsZlnwoKFTdoZlO12UjfSawBfwhgoSmNXApX4NLlRbWFR1kDMe9rmwg1G-eG8-JPVpVO2g&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0&sso_reload=trueHTTP Parser: No <meta name="author".. found
              Source: https://office.lillki.top/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638780773566722011.OTgyNGZkOTQtMDBhNi00Zjg2LTkwMWEtMDQ5ODhlYTVlY2Y0NjAxMzM0MzctNzJjMy00ZmRhLWFkZWQtOWRmODgxZTdlYTYz&ui_locales=en-US&mkt=en-US&client-request-id=b235a846-31d3-42fa-a675-d28c176fddb3&state=PcbuJpcBdRCE1qEdiq_wEGldM2b-TQ3On5xDXGrkG90xU1jb5NlE9t91vFp2Soqma8ziBAHQdXHBH9QkccsdfKd_pgFFxDGuTN4O6TRFUjIR6RwiPJ9vUoaL7Hv7lrQEhGfFdnWCprIACkHlPYG5Or9t7G5wfmiuA5Lz6vk8qO5I2U_IJnux2hGfCGQ5G9G529z28zZtVrJQ89e-YsZlnwoKFTdoZlO12UjfSawBfwhgoSmNXApX4NLlRbWFR1kDMe9rmwg1G-eG8-JPVpVO2g&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0&sso_reload=trueHTTP Parser: No <meta name="author".. found
              Source: https://office.lillki.top/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638780773566722011.OTgyNGZkOTQtMDBhNi00Zjg2LTkwMWEtMDQ5ODhlYTVlY2Y0NjAxMzM0MzctNzJjMy00ZmRhLWFkZWQtOWRmODgxZTdlYTYz&ui_locales=en-US&mkt=en-US&client-request-id=b235a846-31d3-42fa-a675-d28c176fddb3&state=PcbuJpcBdRCE1qEdiq_wEGldM2b-TQ3On5xDXGrkG90xU1jb5NlE9t91vFp2Soqma8ziBAHQdXHBH9QkccsdfKd_pgFFxDGuTN4O6TRFUjIR6RwiPJ9vUoaL7Hv7lrQEhGfFdnWCprIACkHlPYG5Or9t7G5wfmiuA5Lz6vk8qO5I2U_IJnux2hGfCGQ5G9G529z28zZtVrJQ89e-YsZlnwoKFTdoZlO12UjfSawBfwhgoSmNXApX4NLlRbWFR1kDMe9rmwg1G-eG8-JPVpVO2g&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
              Source: https://office.lillki.top/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638780773566722011.OTgyNGZkOTQtMDBhNi00Zjg2LTkwMWEtMDQ5ODhlYTVlY2Y0NjAxMzM0MzctNzJjMy00ZmRhLWFkZWQtOWRmODgxZTdlYTYz&ui_locales=en-US&mkt=en-US&client-request-id=b235a846-31d3-42fa-a675-d28c176fddb3&state=PcbuJpcBdRCE1qEdiq_wEGldM2b-TQ3On5xDXGrkG90xU1jb5NlE9t91vFp2Soqma8ziBAHQdXHBH9QkccsdfKd_pgFFxDGuTN4O6TRFUjIR6RwiPJ9vUoaL7Hv7lrQEhGfFdnWCprIACkHlPYG5Or9t7G5wfmiuA5Lz6vk8qO5I2U_IJnux2hGfCGQ5G9G529z28zZtVrJQ89e-YsZlnwoKFTdoZlO12UjfSawBfwhgoSmNXApX4NLlRbWFR1kDMe9rmwg1G-eG8-JPVpVO2g&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
              Source: unknownHTTPS traffic detected: 13.107.136.10:443 -> 192.168.2.18:49769 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 13.107.136.10:443 -> 192.168.2.18:49768 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 13.107.136.10:443 -> 192.168.2.18:49772 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 13.107.136.10:443 -> 192.168.2.18:49779 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 142.250.72.100:443 -> 192.168.2.18:49805 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 13.107.136.10:443 -> 192.168.2.18:49847 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.24.129:443 -> 192.168.2.18:50025 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.24.129:443 -> 192.168.2.18:50024 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.18.95.41:443 -> 192.168.2.18:50040 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.18:50042 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 20.135.17.52:443 -> 192.168.2.18:50056 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.18:50061 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.18.95.41:443 -> 192.168.2.18:50062 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.18:50075 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.18.94.41:443 -> 192.168.2.18:50078 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.18:50086 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 52.111.229.20:443 -> 192.168.2.18:50116 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 52.111.229.20:443 -> 192.168.2.18:50135 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.24.129:443 -> 192.168.2.18:50151 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 52.108.11.12:443 -> 192.168.2.18:50159 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.218.237:443 -> 192.168.2.18:50161 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.18:50164 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.218.237:443 -> 192.168.2.18:50170 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.218.237:443 -> 192.168.2.18:50174 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.18:50175 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.18:50178 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.18:50182 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.18:50183 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.18:50185 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.44.133.160:443 -> 192.168.2.18:50219 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.18:50218 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.201.34.72:443 -> 192.168.2.18:50217 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.44.133.184:443 -> 192.168.2.18:50220 version: TLS 1.2
              Source: winword.exeMemory has grown: Private usage: 19MB later: 64MB
              Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
              Source: unknownTCP traffic detected without corresponding DNS query: 142.251.32.99
              Source: unknownTCP traffic detected without corresponding DNS query: 142.251.32.99
              Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
              Source: unknownTCP traffic detected without corresponding DNS query: 199.232.214.172
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownTCP traffic detected without corresponding DNS query: 184.86.251.28
              Source: unknownTCP traffic detected without corresponding DNS query: 184.86.251.28
              Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
              Source: global trafficHTTP traffic detected: GET /:w:/g/personal/records_rov_deped_gov_ph/EWT11936mxtFq_oxaIuirgEB9qLYm9PlVfrgeks1oAQ8gg?e=q2tzG7 HTTP/1.1Host: depedph-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /personal/records_rov_deped_gov_ph/_layouts/15/Doc.aspx?sourcedoc=%7Bddd7f564-9bfa-451b-abfa-31688ba2ae01%7D&action=default&slrid=b7618ca1-50b1-4000-e9c3-415799bd4b22&originalPath=aHR0cHM6Ly9kZXBlZHBoLW15LnNoYXJlcG9pbnQuY29tLzp3Oi9nL3BlcnNvbmFsL3JlY29yZHNfcm92X2RlcGVkX2dvdl9waC9FV1QxMTkzNm14dEZxX294YUl1aXJnRUI5cUxZbTlQbFZmcmdla3Mxb0FROGdnP3J0aW1lPUJEUC1rN3BuM1Vn&CID=1f105f0a-322c-4d42-9c76-3e7c2e21164a&_SRM=0:G:97 HTTP/1.1Host: depedph-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E4MWM3NDljMjdlZWI0YWMwYTYzNWY2ZGY5MGY5NTgwZmE4MDVlMTA4ZWM5NWViM2VkZGZlNGE1MmM3N2Y1NzYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTgxYzc0OWMyN2VlYjRhYzBhNjM1ZjZkZjkwZjk1ODBmYTgwNWUxMDhlYzk1ZWIzZWRkZmU0YTUyYzc3ZjU3NiwxMzM4Njk1NDQxOTAwMDAwMDAsMCwxMzM4NzA0MDUyMDA2NTM4OTAsMC4wLjAuMCwyNTgsNDBlM2FiODAtMjAyNC00NWEzLWJmNzYtN2EwNzYxYTI0ZDI5LCwsNDgzNmZjNjQtMTEwYi00YzJmLWJmZmEtOTlhYzA2NTVjMGRmLDQ4MzZmYzY0LTExMGItNGMyZi1iZmZhLTk5YWMwNjU1YzBkZiwvYUw2TGNHdG9rSzBOSXgxNFB6VytBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTU5MzMsTkxITm9QekJlYzNqTGxRc1NZb0w1UTFFZ2ZFLHRpTTRJeU1jeG5jRHFjL29zZ0lvdWRZbmFIaU5WU3llU1h1WGtzN0E0R2VqTXJiWitXU0FKNStGTmllOStmQjM0S1JJUVVHWjlZNW1PQldvRlJIdG1aMHdCeERrdExEOFMwdE5UZjF0ZmR0bzBaa0JyWWNQMTdZRDJZVmJOd3lSRjFYYVRWRmFoS2ZaNlhXYmpGYU9TLzN2UTQrUEdMa1lXNXJpUVU2cUNYd2MrR05Gc0w1N3gwaHIrWUlFNTF5WTJjSlgvbE5KelEwa0Y1eWZNVWsyWHdTUlE3by9RVmFSUmI0cG95bjlRR25GWEg3MEk0QS9iQ05KYW5tYWk5Q2s0MnVHMVVXT3dMSzFRcjRuaGNIOUsra3IwYVc4ZEs4NDVScEpTUTJ0ZHVhUmhpd0ZEWHN6TU1ySTc2RFBVbi9QK1NpTmpQd0N1V2pXTW13eXB5MXRiZz09PC9TUD4=
              Source: global trafficHTTP traffic detected: GET /personal/records_rov_deped_gov_ph/_api/v2.1/drives/b!a7MJA7lKfUaIGhPubH1aQDPuH5Sv-b9Aoz2Ru4dWeVG2cG9UK4ReS5nLzzryw8Gf/items/015CY7VILE6XL536U3DNC2X6RRNCF2FLQB/streams/content_preview_Op1.img/streamContent?tempauth=v1.eyJzaXRlaWQiOiIwMzA5YjM2Yi00YWI5LTQ2N2QtODgxYS0xM2VlNmM3ZDVhNDAiLCJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvZGVwZWRwaC1teS5zaGFyZXBvaW50LmNvbUA0MGUzYWI4MC0yMDI0LTQ1YTMtYmY3Ni03YTA3NjFhMjRkMjkiLCJleHAiOiIxNzQyNTE2NTIxIn0.CiMKCXNoYXJpbmdpZBIWL2FMNkxjR3Rva0swTkl4MTRQelcrQQoLCgRzbmlkEgMxMDQSCwie09vNk_HzPRAFGgsxNjEuNzcuMTMuMiIUbWljcm9zb2Z0LnNoYXJlcG9pbnQqLGRJZ1FsT3Z0RVR6WjNwOW9lSk1pWVhnaUtZb2ttQzJKNzhzdjBLZXhSa0U9MMABOAFCEKGMYbj0MABA0PNgRnAQkv1KEGhhc2hlZHByb29mdG9rZW5iBHRydWVyYTBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E4MWM3NDljMjdlZWI0YWMwYTYzNWY2ZGY5MGY5NTgwZmE4MDVlMTA4ZWM5NWViM2VkZGZlNGE1MmM3N2Y1NzZ6ATDCAWEwIy5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiNhODFjNzQ5YzI3ZWViNGFjMGE2MzVmNmRmOTBmOTU4MGZhODA1ZTEwOGVjOTVlYjNlZGRmZTRhNTJjNzdmNTc2yAEB.2DSntuF5-hVhgQ4fwoqjyAEjATZUefE-TuJk3x_rddk&usecachedssr=1&prefetchSSRCorrelationId=b8618ca1-30f4-4000-d0f3-6046701092fd HTTP/1.1Host: depedph-my.sharepoint.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://depedph-my.sharepoint.com/personal/records_rov_deped_gov_ph/_layouts/15/Doc.aspx?sourcedoc=%7Bddd7f564-9bfa-451b-abfa-31688ba2ae01%7D&action=default&slrid=b7618ca1-50b1-4000-e9c3-415799bd4b22&originalPath=aHR0cHM6Ly9kZXBlZHBoLW15LnNoYXJlcG9pbnQuY29tLzp3Oi9nL3BlcnNvbmFsL3JlY29yZHNfcm92X2RlcGVkX2dvdl9waC9FV1QxMTkzNm14dEZxX294YUl1aXJnRUI5cUxZbTlQbFZmcmdla3Mxb0FROGdnP3J0aW1lPUJEUC1rN3BuM1Vn&CID=1f105f0a-322c-4d42-9c76-3e7c2e21164a&_SRM=0:G:97Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E4MWM3NDljMjdlZWI0YWMwYTYzNWY2ZGY5MGY5NTgwZmE4MDVlMTA4ZWM5NWViM2VkZGZlNGE1MmM3N2Y1NzYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTgxYzc0OWMyN2VlYjRhYzBhNjM1ZjZkZjkwZjk1ODBmYTgwNWUxMDhlYzk1ZWIzZWRkZmU0YTUyYzc3ZjU3NiwxMzM4Njk1NDQxOTAwMDAwMDAsMCwxMzM4NzA0MDUyMDA2NTM4OTAsMC4wLjAuMCwyNTgsNDBlM2FiODAtMjAyNC00NWEzLWJmNzYtN2EwNzYxYTI0ZDI5LCwsNDgzNmZjNjQtMTEwYi00YzJmLWJmZmEtOTlhYzA2NTVjMGRmLDQ4MzZmYzY0LTExMGItNGMyZi1iZmZhLTk5YWMwNjU1YzBkZiwvYUw2TGNHdG9rSzBOSXgxNFB6VytBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTU5MzMsTkxITm9QekJlYzNqTGxRc1NZb0w1UTFFZ2ZFLHRpTTRJeU1jeG5jRHFjL29zZ0lvdWRZbmFIaU5WU3llU1h1WGtzN0E0R2VqTXJiWitXU0FKNStGTmllOStmQjM0S1JJUVVHWjlZNW1PQldvRlJIdG1aMHdCeERrdExEOFMwdE5UZjF0ZmR0bzBaa0JyWWNQMTdZRDJZVmJOd3lSRjFYYVRWRmFoS2ZaNl
              Source: global trafficHTTP traffic detected: GET /personal/records_rov_deped_gov_ph/_api/v2.1/drives/b!a7MJA7lKfUaIGhPubH1aQDPuH5Sv-b9Aoz2Ru4dWeVG2cG9UK4ReS5nLzzryw8Gf/items/015CY7VILE6XL536U3DNC2X6RRNCF2FLQB/streams/content_preview_Op1.img/streamContent?tempauth=v1.eyJzaXRlaWQiOiIwMzA5YjM2Yi00YWI5LTQ2N2QtODgxYS0xM2VlNmM3ZDVhNDAiLCJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvZGVwZWRwaC1teS5zaGFyZXBvaW50LmNvbUA0MGUzYWI4MC0yMDI0LTQ1YTMtYmY3Ni03YTA3NjFhMjRkMjkiLCJleHAiOiIxNzQyNTE2NTIxIn0.CiMKCXNoYXJpbmdpZBIWL2FMNkxjR3Rva0swTkl4MTRQelcrQQoLCgRzbmlkEgMxMDQSCwie09vNk_HzPRAFGgsxNjEuNzcuMTMuMiIUbWljcm9zb2Z0LnNoYXJlcG9pbnQqLGRJZ1FsT3Z0RVR6WjNwOW9lSk1pWVhnaUtZb2ttQzJKNzhzdjBLZXhSa0U9MMABOAFCEKGMYbj0MABA0PNgRnAQkv1KEGhhc2hlZHByb29mdG9rZW5iBHRydWVyYTBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E4MWM3NDljMjdlZWI0YWMwYTYzNWY2ZGY5MGY5NTgwZmE4MDVlMTA4ZWM5NWViM2VkZGZlNGE1MmM3N2Y1NzZ6ATDCAWEwIy5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiNhODFjNzQ5YzI3ZWViNGFjMGE2MzVmNmRmOTBmOTU4MGZhODA1ZTEwOGVjOTVlYjNlZGRmZTRhNTJjNzdmNTc2yAEB.2DSntuF5-hVhgQ4fwoqjyAEjATZUefE-TuJk3x_rddk&usecachedssr=1&prefetchSSRCorrelationId=b8618ca1-30f4-4000-d0f3-6046701092fd HTTP/1.1Host: depedph-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E4MWM3NDljMjdlZWI0YWMwYTYzNWY2ZGY5MGY5NTgwZmE4MDVlMTA4ZWM5NWViM2VkZGZlNGE1MmM3N2Y1NzYsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jYTgxYzc0OWMyN2VlYjRhYzBhNjM1ZjZkZjkwZjk1ODBmYTgwNWUxMDhlYzk1ZWIzZWRkZmU0YTUyYzc3ZjU3NiwxMzM4Njk1NDQxOTAwMDAwMDAsMCwxMzM4NzA0MDUyMDA2NTM4OTAsMC4wLjAuMCwyNTgsNDBlM2FiODAtMjAyNC00NWEzLWJmNzYtN2EwNzYxYTI0ZDI5LCwsNDgzNmZjNjQtMTEwYi00YzJmLWJmZmEtOTlhYzA2NTVjMGRmLDQ4MzZmYzY0LTExMGItNGMyZi1iZmZhLTk5YWMwNjU1YzBkZiwvYUw2TGNHdG9rSzBOSXgxNFB6VytBLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTU5MzMsTkxITm9QekJlYzNqTGxRc1NZb0w1UTFFZ2ZFLHRpTTRJeU1jeG5jRHFjL29zZ0lvdWRZbmFIaU5WU3llU1h1WGtzN0E0R2VqTXJiWitXU0FKNStGTmllOStmQjM0S1JJUVVHWjlZNW1PQldvRlJIdG1aMHdCeERrdExEOFMwdE5UZjF0ZmR0bzBaa0JyWWNQMTdZRDJZVmJOd3lSRjFYYVRWRmFoS2ZaNlhXYmpGYU9TLzN2UTQrUEdMa1lXNXJpUVU2cUNYd2MrR05Gc0w1N3gwaHIrWUlFNTF5WTJjSlgvbE5KelEwa0Y1eWZNVWsyWHdTUlE3by9RVmFSUmI0cG95bjlRR25GWEg3MEk0QS9iQ05KYW5tYWk5Q2s0MnVHMVVXT3dMSzFRcjRuaGNIOUsra3IwYVc4ZEs4NDVScEpTUTJ0ZHVhUmhpd0ZEWHN6TU1ySTc2RFBVbi9QK1NpTmpQd0N1V2pXTW13eXB5MXRiZz09PC9TUD4=
              Source: global trafficHTTP traffic detected: GET /SiDVKGPM HTTP/1.1Host: office.lillki.topConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /1/api.js HTTP/1.1Host: js.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /turnstile/v0/b/708f7a809116/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1742480545307 HTTP/1.1Host: storage.live.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://word-view.officeapps.live.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /captcha/v1/14dbe0f1619b8014e2630bcdde727e7785a80dee/static/hcaptcha.html HTTP/1.1Host: newassets.hcaptcha.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/8ag8x/0x4AAAAAABAl3NGwRhpSwuKK/auto/fbE/new/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=9235dca16d5542b8&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/8ag8x/0x4AAAAAABAl3NGwRhpSwuKK/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/8ag8x/0x4AAAAAABAl3NGwRhpSwuKK/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: office.lillki.topConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://office.lillki.top/SiDVKGPMAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: YZyi=ecef21ff447a713a1f82f8927ac3457e7692ef5059b06eb4efe298ad1c3f91f0
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /c/5fef759e34a955dd56ceddd805e6a87d3f7d854c8c695bf797d43331bebfee3f/hsw.js HTTP/1.1Host: newassets.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/captcha/v1/14dbe0f1619b8014e2630bcdde727e7785a80dee/static/hcaptcha.htmlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /checksiteconfig?v=14dbe0f1619b8014e2630bcdde727e7785a80dee&host=office.lillki.top&sitekey=234adb2f-52ba-4697-82fa-abecbb14b173&sc=1&swa=1&spst=1 HTTP/1.1Host: api.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/2061314903:1742476663:Lkt28gJDc_oJ2vshkNaWWpem-vagua3mmCKk9TEjw8M/9235dca16d5542b8/XDOoozGJUtQO_EoeEMHDOtFPNIVToI9RQLjiQN8wZTI-1742480548-1.1.1.1-hTpVdVW1Es65tk0gslG9Exz6pRcqyHUQg7IpnMojKFpD.88X8SisE6AIL8oxLBUE HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/9235dca16d5542b8/1742480549458/26146a2ada3b790535967f54b0877bfdae2a68765b09aee280cf94007c1ef68b/o78uRc6ycYnbUNs HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/8ag8x/0x4AAAAAABAl3NGwRhpSwuKK/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /campaignmetadataaggregator?country=US&locale=en-US&app=2155&platform=Web&version=16.0.18711.41002&campaignParams=pageWidth%3D1280%26pageHeight%3D897%26screenWidth%3D1280%26screenHeight%3D1024%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPUS8%26TenantId%3D40e3ab80-2024-45a3-bf76-7a0761a24d29%26SelfTriggerActivity%3D%3Bfloodgateflight100a%3Bfloodgateflight102cf%3Bfloodgateflight38a%3Bfloodgateflight59a%3Bfloodgateflight70a%3Bfloodgateflight98cf%3Bwordfloodgateflight79%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=floodgateflight100a%3Bfloodgateflight102cf%3Bfloodgateflight38a%3Bfloodgateflight59a%3Bfloodgateflight70a%3Bfloodgateflight98cf%3Bwordfloodgateflight79%3B&ageGroup=0&sessionUserType=2 HTTP/1.1Host: messaging.engagement.office.comConnection: keep-alivex-clientsessionid: b00eba45-6f2f-4470-db51-ff8505938c35sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0x-correlationid: 04b4011c-c4aa-4bc9-1052-a9414a6d0ad8Accept: */*Origin: https://word-view.officeapps.live.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://word-view.officeapps.live.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/d/9235dca16d5542b8/1742480549460/fiaY65Rgk3IK2-n HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/8ag8x/0x4AAAAAABAl3NGwRhpSwuKK/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/d/9235dca16d5542b8/1742480549460/fiaY65Rgk3IK2-n HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /campaignmetadataaggregator?country=US&locale=en-US&app=2155&platform=Web&version=16.0.18711.41002&campaignParams=pageWidth%3D1280%26pageHeight%3D897%26screenWidth%3D1280%26screenHeight%3D1024%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPUS8%26TenantId%3D40e3ab80-2024-45a3-bf76-7a0761a24d29%26SelfTriggerActivity%3D%3Bfloodgateflight100a%3Bfloodgateflight102cf%3Bfloodgateflight38a%3Bfloodgateflight59a%3Bfloodgateflight70a%3Bfloodgateflight98cf%3Bwordfloodgateflight79%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=floodgateflight100a%3Bfloodgateflight102cf%3Bfloodgateflight38a%3Bfloodgateflight59a%3Bfloodgateflight70a%3Bfloodgateflight98cf%3Bwordfloodgateflight79%3B&ageGroup=0&sessionUserType=2 HTTP/1.1Host: messaging.engagement.office.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /SiDVKGPM?O=fQIxA0c HTTP/1.1Host: office.lillki.topConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://office.lillki.top/SiDVKGPMAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: YZyi=ecef21ff447a713a1f82f8927ac3457e7692ef5059b06eb4efe298ad1c3f91f0; x-ms-gateway-slice=estsfd
              Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/2061314903:1742476663:Lkt28gJDc_oJ2vshkNaWWpem-vagua3mmCKk9TEjw8M/9235dca16d5542b8/XDOoozGJUtQO_EoeEMHDOtFPNIVToI9RQLjiQN8wZTI-1742480548-1.1.1.1-hTpVdVW1Es65tk0gslG9Exz6pRcqyHUQg7IpnMojKFpD.88X8SisE6AIL8oxLBUE HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: office.lillki.topConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://office.lillki.top/SiDVKGPMAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: YZyi=ecef21ff447a713a1f82f8927ac3457e7692ef5059b06eb4efe298ad1c3f91f0; x-ms-gateway-slice=estsfd
              Source: global trafficHTTP traffic detected: GET /login HTTP/1.1Host: t.lillki.topConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: YZyi=ecef21ff447a713a1f82f8927ac3457e7692ef5059b06eb4efe298ad1c3f91f0
              Source: global trafficHTTP traffic detected: GET /common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638780773566722011.OTgyNGZkOTQtMDBhNi00Zjg2LTkwMWEtMDQ5ODhlYTVlY2Y0NjAxMzM0MzctNzJjMy00ZmRhLWFkZWQtOWRmODgxZTdlYTYz&ui_locales=en-US&mkt=en-US&client-request-id=b235a846-31d3-42fa-a675-d28c176fddb3&state=PcbuJpcBdRCE1qEdiq_wEGldM2b-TQ3On5xDXGrkG90xU1jb5NlE9t91vFp2Soqma8ziBAHQdXHBH9QkccsdfKd_pgFFxDGuTN4O6TRFUjIR6RwiPJ9vUoaL7Hv7lrQEhGfFdnWCprIACkHlPYG5Or9t7G5wfmiuA5Lz6vk8qO5I2U_IJnux2hGfCGQ5G9G529z28zZtVrJQ89e-YsZlnwoKFTdoZlO12UjfSawBfwhgoSmNXApX4NLlRbWFR1kDMe9rmwg1G-eG8-JPVpVO2g&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0 HTTP/1.1Host: office.lillki.topConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: YZyi=ecef21ff447a713a1f82f8927ac3457e7692ef5059b06eb4efe298ad1c3f91f0; x-ms-gateway-slice=estsfd; fpc=Al1lXDrWktlCseqezl2q7rc; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQENrP9o5QG9qh8sRHuamnb7j1iekjizRc45TEJ6386Q0LaBy_GzJQubLUv0Jcw6ja4e4wqNkPwO9k24yy7GE9Gqnb48Xwtc1LMDZ5EcX5nfe1ocClOuj7Gr-Nv_Vlu8o7Ip0jEsJNNnBiVmwtRApc5xojuLoXC7gCVeYfjLcVgNbMgAA; stsservicecookie=estsfd
              Source: global trafficHTTP traffic detected: GET /suite/RemoteTelemetry.ashx?usid=97bd0300-a334-1f54-7d50-391cfbd39df0 HTTP/1.1Host: common.online.office.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_9810YxmrLqOR1rQ4anyNMg2.js HTTP/1.1Host: vhg.lillki.topConnection: keep-aliveOrigin: https://office.lillki.topsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js HTTP/1.1Host: vhg.lillki.topConnection: keep-aliveOrigin: https://office.lillki.topsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_9810YxmrLqOR1rQ4anyNMg2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveOrigin: https://office.lillki.topsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js HTTP/1.1Host: vhg.lillki.topConnection: keep-aliveOrigin: https://office.lillki.topsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js HTTP/1.1Host: vhg.lillki.topConnection: keep-aliveOrigin: https://office.lillki.topsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638780773566722011.OTgyNGZkOTQtMDBhNi00Zjg2LTkwMWEtMDQ5ODhlYTVlY2Y0NjAxMzM0MzctNzJjMy00ZmRhLWFkZWQtOWRmODgxZTdlYTYz&ui_locales=en-US&mkt=en-US&client-request-id=b235a846-31d3-42fa-a675-d28c176fddb3&state=PcbuJpcBdRCE1qEdiq_wEGldM2b-TQ3On5xDXGrkG90xU1jb5NlE9t91vFp2Soqma8ziBAHQdXHBH9QkccsdfKd_pgFFxDGuTN4O6TRFUjIR6RwiPJ9vUoaL7Hv7lrQEhGfFdnWCprIACkHlPYG5Or9t7G5wfmiuA5Lz6vk8qO5I2U_IJnux2hGfCGQ5G9G529z28zZtVrJQ89e-YsZlnwoKFTdoZlO12UjfSawBfwhgoSmNXApX4NLlRbWFR1kDMe9rmwg1G-eG8-JPVpVO2g&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0&sso_reload=true HTTP/1.1Host: office.lillki.topConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://office.lillki.top/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638780773566722011.OTgyNGZkOTQtMDBhNi00Zjg2LTkwMWEtMDQ5ODhlYTVlY2Y0NjAxMzM0MzctNzJjMy00ZmRhLWFkZWQtOWRmODgxZTdlYTYz&ui_locales=en-US&mkt=en-US&client-request-id=b235a846-31d3-42fa-a675-d28c176fddb3&state=PcbuJpcBdRCE1qEdiq_wEGldM2b-TQ3On5xDXGrkG90xU1jb5NlE9t91vFp2Soqma8ziBAHQdXHBH9QkccsdfKd_pgFFxDGuTN4O6TRFUjIR6RwiPJ9vUoaL7Hv7lrQEhGfFdnWCprIACkHlPYG5Or9t7G5wfmiuA5Lz6vk8qO5I2U_IJnux2hGfCGQ5G9G529z28zZtVrJQ89e-YsZlnwoKFTdoZlO12UjfSawBfwhgoSmNXApX4NLlRbWFR1kDMe9rmwg1G-eG8-JPVpVO2g&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: YZyi=ecef21ff447a713a1f82f8927ac3457e7692ef5059b06eb4efe298ad1c3f91f0; x-ms-gateway-slice=estsfd; fpc=Al1lXDrWktlCseqezl2q7rc; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQENrP9o5QG9qh8sRHuamnb7j1iekjizRc45TEJ6386Q0LaBy_GzJQubLUv0Jcw6ja4e4wqNkPwO9k24yy7GE9Gqnb48Xwtc1LMDZ5EcX5nfe1ocClOuj7Gr-Nv_Vlu8o7Ip0jEsJNNnBiVmwtRApc5xojuLoXC7gCVeYfjLcVgNbMgAA; stsservicecookie=estsfd; esctx-q91f2kgcL8I=AQABCQEAAABVrSpeuWamRam2jAF1XRQE020Df-DeeVnAmsPCoK92_5W6p7wfVogEiC6DGbZUCGnKBOXsX0ASwBYprOGe4Mf9dIcQhrQwsVen-E1CidFg3_c8QceW1UOPv5B3FFaZ93jPQP4j3wPdE_fbRTAbLdP1g4EzC1lgUeA8-pYyPw8ScCAA; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1
              Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveOrigin: https://office.lillki.topsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_GjP1RdcVSKf6ASC7mgkR1g2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveOrigin: https://office.lillki.topsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_r1sg5sxlkljjoa22hvk04g2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveOrigin: https://office.lillki.topsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /Me.htm?v=3 HTTP/1.1Host: ywb.lillki.topConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: YZyi=ecef21ff447a713a1f82f8927ac3457e7692ef5059b06eb4efe298ad1c3f91f0
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_72a1051aa2aa2943d8c1.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_4ba7c391e6f3f547d8ce.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /Me.htm?v=3 HTTP/1.1Host: ywb.lillki.topConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: YZyi=ecef21ff447a713a1f82f8927ac3457e7692ef5059b06eb4efe298ad1c3f91f0; uaid=f4ad42aa72044f20888ab66e1d82030b; MSPRequ=id=N&lt=1742480562&co=1
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_c4928fb5cff147a39780.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://office.lillki.top/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficDNS traffic detected: DNS query: depedph-my.sharepoint.com
              Source: global trafficDNS traffic detected: DNS query: www.google.com
              Source: global trafficDNS traffic detected: DNS query: common.online.office.com
              Source: global trafficDNS traffic detected: DNS query: office.lillki.top
              Source: global trafficDNS traffic detected: DNS query: challenges.cloudflare.com
              Source: global trafficDNS traffic detected: DNS query: js.hcaptcha.com
              Source: global trafficDNS traffic detected: DNS query: storage.live.com
              Source: global trafficDNS traffic detected: DNS query: newassets.hcaptcha.com
              Source: global trafficDNS traffic detected: DNS query: api.hcaptcha.com
              Source: global trafficDNS traffic detected: DNS query: messaging.engagement.office.com
              Source: global trafficDNS traffic detected: DNS query: t.lillki.top
              Source: global trafficDNS traffic detected: DNS query: vhg.lillki.top
              Source: global trafficDNS traffic detected: DNS query: aadcdn.msftauth.net
              Source: global trafficDNS traffic detected: DNS query: ywb.lillki.top
              Source: global trafficDNS traffic detected: DNS query: wordonline.nel.measure.office.net
              Source: global trafficDNS traffic detected: DNS query: identity.nel.measure.office.net
              Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
              Source: global trafficDNS traffic detected: DNS query: m365cdn.nel.measure.office.net
              Source: unknownHTTP traffic detected: POST /checksiteconfig?v=14dbe0f1619b8014e2630bcdde727e7785a80dee&host=office.lillki.top&sitekey=234adb2f-52ba-4697-82fa-abecbb14b173&sc=1&swa=1&spst=1 HTTP/1.1Host: api.hcaptcha.comConnection: keep-aliveContent-Length: 0sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: application/jsonsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: text/plainsec-ch-ua-mobile: ?0Origin: https://newassets.hcaptcha.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 20 Mar 2025 14:22:29 GMTTransfer-Encoding: chunkedConnection: closeCache-Control: privateNel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}P3p: CP="DSP CUR OTPi IND OTRi ONL FIN"Referrer-Policy: strict-origin-when-cross-originReport-To: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wst"}]}X-Ms-Ests-Server: 2.1.20329.5 - SCUS ProdSlicesX-Ms-Request-Id: 0004c677-fbe8-4acb-b4d2-8c7a21ea2f00X-Ms-Srs: 1.PCF-Cache-Status: BYPASSSet-Cookie: x-ms-gateway-slice=estsfd; Path=/; HttpOnly; Secure; SameSite=NoneServer: cloudflareCF-RAY: 9235dca708c67c81-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=106561&min_rtt=105813&rtt_var=23459&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2821&recv_bytes=1256&delivery_rate=34445&cwnd=238&unsent_bytes=0&cid=bcb1a7d71c647526&ts=3777&x=0"
              Source: unknownNetwork traffic detected: HTTP traffic on port 50145 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50168 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50218
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50217
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50219
              Source: unknownNetwork traffic detected: HTTP traffic on port 50042 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50174 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50139 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50175
              Source: unknownNetwork traffic detected: HTTP traffic on port 50151 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50174
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50056
              Source: unknownNetwork traffic detected: HTTP traffic on port 50116 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50177
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50176
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50179
              Source: unknownNetwork traffic detected: HTTP traffic on port 50225 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50178
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50214
              Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50180
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50061
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50182
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50181
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50184
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50062
              Source: unknownNetwork traffic detected: HTTP traffic on port 50180 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50183
              Source: unknownNetwork traffic detected: HTTP traffic on port 50125 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50177 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50219 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50165 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50186
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50185
              Source: unknownNetwork traffic detected: HTTP traffic on port 50113 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50186 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50188
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50221
              Source: unknownNetwork traffic detected: HTTP traffic on port 50056 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50187
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50220
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50069
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50223
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50222
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50225
              Source: unknownNetwork traffic detected: HTTP traffic on port 50222 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50224
              Source: unknownNetwork traffic detected: HTTP traffic on port 50025 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50183 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50070
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50191
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50190
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50193
              Source: unknownNetwork traffic detected: HTTP traffic on port 49689 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50159 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49689
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50116
              Source: unknownNetwork traffic detected: HTTP traffic on port 50040 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50172 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50075
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50078
              Source: unknownNetwork traffic detected: HTTP traffic on port 50130 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50113
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50079
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50083
              Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50175 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50062 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50167 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50086
              Source: unknownNetwork traffic detected: HTTP traffic on port 50224 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50125
              Source: unknownNetwork traffic detected: HTTP traffic on port 50079 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50048 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50178 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50095
              Source: unknownNetwork traffic detected: HTTP traffic on port 50181 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50218 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50139
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
              Source: unknownNetwork traffic detected: HTTP traffic on port 50170 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50061 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50193 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50164 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50130
              Source: unknownNetwork traffic detected: HTTP traffic on port 50187 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50135
              Source: unknownNetwork traffic detected: HTTP traffic on port 50078 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50137
              Source: unknownNetwork traffic detected: HTTP traffic on port 50221 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50075 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50161 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50135 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50184 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
              Source: unknownNetwork traffic detected: HTTP traffic on port 50169 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50144 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50173 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
              Source: unknownNetwork traffic detected: HTTP traffic on port 50190 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50070 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50144
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50143
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50025
              Source: unknownNetwork traffic detected: HTTP traffic on port 50095 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50024
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50145
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50151
              Source: unknownNetwork traffic detected: HTTP traffic on port 50176 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
              Source: unknownNetwork traffic detected: HTTP traffic on port 50086 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50166 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50191 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50143 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50157
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50159
              Source: unknownNetwork traffic detected: HTTP traffic on port 50223 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50182 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50217 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50179 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50137 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50024 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50040
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50161
              Source: unknownNetwork traffic detected: HTTP traffic on port 50163 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50083 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50171 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50164
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50042
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50163
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50166
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50165
              Source: unknownNetwork traffic detected: HTTP traffic on port 50188 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50168
              Source: unknownNetwork traffic detected: HTTP traffic on port 50220 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50167
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50048
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50169
              Source: unknownNetwork traffic detected: HTTP traffic on port 50157 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50171
              Source: unknownNetwork traffic detected: HTTP traffic on port 50185 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50170
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50173
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50172
              Source: unknownNetwork traffic detected: HTTP traffic on port 50069 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 50214 -> 443
              Source: unknownHTTPS traffic detected: 13.107.136.10:443 -> 192.168.2.18:49769 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 13.107.136.10:443 -> 192.168.2.18:49768 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 13.107.136.10:443 -> 192.168.2.18:49772 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 13.107.136.10:443 -> 192.168.2.18:49779 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 142.250.72.100:443 -> 192.168.2.18:49805 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 13.107.136.10:443 -> 192.168.2.18:49847 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.24.129:443 -> 192.168.2.18:50025 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.24.129:443 -> 192.168.2.18:50024 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.18.95.41:443 -> 192.168.2.18:50040 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.18:50042 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 20.135.17.52:443 -> 192.168.2.18:50056 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.18:50061 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.18.95.41:443 -> 192.168.2.18:50062 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.19.229.21:443 -> 192.168.2.18:50075 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.18.94.41:443 -> 192.168.2.18:50078 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.19.230.21:443 -> 192.168.2.18:50086 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 52.111.229.20:443 -> 192.168.2.18:50116 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 52.111.229.20:443 -> 192.168.2.18:50135 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 104.21.24.129:443 -> 192.168.2.18:50151 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 52.108.11.12:443 -> 192.168.2.18:50159 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.218.237:443 -> 192.168.2.18:50161 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.18:50164 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.218.237:443 -> 192.168.2.18:50170 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 172.67.218.237:443 -> 192.168.2.18:50174 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.18:50175 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.18:50178 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.18:50182 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.18:50183 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.18:50185 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.44.133.160:443 -> 192.168.2.18:50219 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.18:50218 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.201.34.72:443 -> 192.168.2.18:50217 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 23.44.133.184:443 -> 192.168.2.18:50220 version: TLS 1.2
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir4124_1788352745
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir4124_1788352745
              Source: classification engineClassification label: mal84.phis.winDOCX@21/93@52/215
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEFile created: C:\Users\user\Desktop\~$linois Central College 2025-03-19.docx
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEFile created: C:\Users\user\AppData\Local\Temp\{EF969CB7-10EE-47FC-8688-A56D47E4B1B0} - OProcSessId.dat
              Source: Illinois Central College 2025-03-19.docxOLE indicator, Word Document stream: true
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEFile read: C:\Users\desktop.ini
              Source: unknownProcess created: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE "C:\Program Files (x86)\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\user\Desktop\Illinois Central College 2025-03-19.docx" /o ""
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess created: unknown unknown
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://depedph-my.sharepoint.com/:w:/g/personal/records_rov_deped_gov_ph/EWT11936mxtFq_oxaIuirgEB9qLYm9PlVfrgeks1oAQ8gg?e=q2tzG7
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2008,i,5397940260412513847,16295104067029335913,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2156 /prefetch:3
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://depedph-my.sharepoint.com/:w:/g/personal/records_rov_deped_gov_ph/EWT11936mxtFq_oxaIuirgEB9qLYm9PlVfrgeks1oAQ8gg?e=q2tzG7
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77F10CF0-3DB5-4966-B520-B7C54FD35ED6}\InProcServer32
              Source: Window RecorderWindow detected: More than 3 window changes detected
              Source: Illinois Central College 2025-03-19.docxInitial sample: OLE zip file path = word/media/image1.jpg
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common
              Source: Illinois Central College 2025-03-19.docxInitial sample: OLE indicators vbamacros = False
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information set: NOOPENFILEERRORBOX
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEProcess information queried: ProcessInformation
              Source: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXEKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid
              ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
              Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
              Browser Extensions
              1
              Process Injection
              11
              Masquerading
              OS Credential Dumping1
              Process Discovery
              Remote ServicesData from Local System1
              Encrypted Channel
              Exfiltration Over Other Network MediumAbuse Accessibility Features
              CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
              Extra Window Memory Injection
              1
              Process Injection
              LSASS Memory1
              File and Directory Discovery
              Remote Desktop ProtocolData from Removable Media4
              Non-Application Layer Protocol
              Exfiltration Over BluetoothNetwork Denial of Service
              Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
              File Deletion
              Security Account Manager2
              System Information Discovery
              SMB/Windows Admin SharesData from Network Shared Drive5
              Application Layer Protocol
              Automated ExfiltrationData Encrypted for Impact
              Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
              Extra Window Memory Injection
              NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
              Ingress Tool Transfer
              Traffic DuplicationData Destruction

              This section contains all screenshots as thumbnails, including those not shown in the slideshow.


              windows-stand
              SourceDetectionScannerLabelLink
              Illinois Central College 2025-03-19.docx0%VirustotalBrowse
              Illinois Central College 2025-03-19.docx0%ReversingLabs
              No Antivirus matches
              No Antivirus matches
              No Antivirus matches
              SourceDetectionScannerLabelLink
              https://depedph-my.sharepoint.com/personal/records_rov_deped_gov_ph/_api/v2.1/drives/b!a7MJA7lKfUaIGhPubH1aQDPuH5Sv-b9Aoz2Ru4dWeVG2cG9UK4ReS5nLzzryw8Gf/items/015CY7VILE6XL536U3DNC2X6RRNCF2FLQB/streams/content_preview_Op1.img/streamContent?tempauth=v1.eyJzaXRlaWQiOiIwMzA5YjM2Yi00YWI5LTQ2N2QtODgxYS0xM2VlNmM3ZDVhNDAiLCJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvZGVwZWRwaC1teS5zaGFyZXBvaW50LmNvbUA0MGUzYWI4MC0yMDI0LTQ1YTMtYmY3Ni03YTA3NjFhMjRkMjkiLCJleHAiOiIxNzQyNTE2NTIxIn0.CiMKCXNoYXJpbmdpZBIWL2FMNkxjR3Rva0swTkl4MTRQelcrQQoLCgRzbmlkEgMxMDQSCwie09vNk_HzPRAFGgsxNjEuNzcuMTMuMiIUbWljcm9zb2Z0LnNoYXJlcG9pbnQqLGRJZ1FsT3Z0RVR6WjNwOW9lSk1pWVhnaUtZb2ttQzJKNzhzdjBLZXhSa0U9MMABOAFCEKGMYbj0MABA0PNgRnAQkv1KEGhhc2hlZHByb29mdG9rZW5iBHRydWVyYTBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E4MWM3NDljMjdlZWI0YWMwYTYzNWY2ZGY5MGY5NTgwZmE4MDVlMTA4ZWM5NWViM2VkZGZlNGE1MmM3N2Y1NzZ6ATDCAWEwIy5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiNhODFjNzQ5YzI3ZWViNGFjMGE2MzVmNmRmOTBmOTU4MGZhODA1ZTEwOGVjOTVlYjNlZGRmZTRhNTJjNzdmNTc2yAEB.2DSntuF5-hVhgQ4fwoqjyAEjATZUefE-TuJk3x_rddk&usecachedssr=1&prefetchSSRCorrelationId=b8618ca1-30f4-4000-d0f3-6046701092fd0%Avira URL Cloudsafe
              https://depedph-my.sharepoint.com/:w:/g/personal/records_rov_deped_gov_ph/EWT11936mxtFq_oxaIuirgEB9qLYm9PlVfrgeks1oAQ8gg?e=q2tzG70%Avira URL Cloudsafe
              https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/9235dca16d5542b8/1742480549460/fiaY65Rgk3IK2-n0%Avira URL Cloudsafe
              https://t.lillki.top/login0%Avira URL Cloudsafe
              https://office.lillki.top/SiDVKGPM?O=fQIxA0c100%Avira URL Cloudphishing
              https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/9235dca16d5542b8/1742480549458/26146a2ada3b790535967f54b0877bfdae2a68765b09aee280cf94007c1ef68b/o78uRc6ycYnbUNs0%Avira URL Cloudsafe
              https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/8ag8x/0x4AAAAAABAl3NGwRhpSwuKK/auto/fbE/new/normal/auto/0%Avira URL Cloudsafe
              https://messaging.engagement.office.com/campaignmetadataaggregator?country=US&locale=en-US&app=2155&platform=Web&version=16.0.18711.41002&campaignParams=pageWidth%3D1280%26pageHeight%3D897%26screenWidth%3D1280%26screenHeight%3D1024%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPUS8%26TenantId%3D40e3ab80-2024-45a3-bf76-7a0761a24d29%26SelfTriggerActivity%3D%3Bfloodgateflight100a%3Bfloodgateflight102cf%3Bfloodgateflight38a%3Bfloodgateflight59a%3Bfloodgateflight70a%3Bfloodgateflight98cf%3Bwordfloodgateflight79%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=floodgateflight100a%3Bfloodgateflight102cf%3Bfloodgateflight38a%3Bfloodgateflight59a%3Bfloodgateflight70a%3Bfloodgateflight98cf%3Bwordfloodgateflight79%3B&ageGroup=0&sessionUserType=20%Avira URL Cloudsafe
              https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2061314903:1742476663:Lkt28gJDc_oJ2vshkNaWWpem-vagua3mmCKk9TEjw8M/9235dca16d5542b8/XDOoozGJUtQO_EoeEMHDOtFPNIVToI9RQLjiQN8wZTI-1742480548-1.1.1.1-hTpVdVW1Es65tk0gslG9Exz6pRcqyHUQg7IpnMojKFpD.88X8SisE6AIL8oxLBUE0%Avira URL Cloudsafe
              https://common.online.office.com/suite/RemoteTelemetry.ashx?usid=97bd0300-a334-1f54-7d50-391cfbd39df00%Avira URL Cloudsafe
              https://office.lillki.top/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638780773566722011.OTgyNGZkOTQtMDBhNi00Zjg2LTkwMWEtMDQ5ODhlYTVlY2Y0NjAxMzM0MzctNzJjMy00ZmRhLWFkZWQtOWRmODgxZTdlYTYz&ui_locales=en-US&mkt=en-US&client-request-id=b235a846-31d3-42fa-a675-d28c176fddb3&state=PcbuJpcBdRCE1qEdiq_wEGldM2b-TQ3On5xDXGrkG90xU1jb5NlE9t91vFp2Soqma8ziBAHQdXHBH9QkccsdfKd_pgFFxDGuTN4O6TRFUjIR6RwiPJ9vUoaL7Hv7lrQEhGfFdnWCprIACkHlPYG5Or9t7G5wfmiuA5Lz6vk8qO5I2U_IJnux2hGfCGQ5G9G529z28zZtVrJQ89e-YsZlnwoKFTdoZlO12UjfSawBfwhgoSmNXApX4NLlRbWFR1kDMe9rmwg1G-eG8-JPVpVO2g&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0100%Avira URL Cloudphishing
              https://office.lillki.top/100%Avira URL Cloudphishing
              https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=9235dca16d5542b8&lang=auto0%Avira URL Cloudsafe
              https://api.hcaptcha.com/checksiteconfig?v=14dbe0f1619b8014e2630bcdde727e7785a80dee&host=office.lillki.top&sitekey=234adb2f-52ba-4697-82fa-abecbb14b173&sc=1&swa=1&spst=10%Avira URL Cloudsafe
              https://office.lillki.top/favicon.ico100%Avira URL Cloudphishing
              https://ywb.lillki.top/Me.htm?v=30%Avira URL Cloudsafe
              https://vhg.lillki.top/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js0%Avira URL Cloudsafe
              https://office.lillki.top/common/handlers/watson100%Avira URL Cloudphishing
              https://vhg.lillki.top/shared/1.0/content/js/BssoInterrupt_Core_9810YxmrLqOR1rQ4anyNMg2.js0%Avira URL Cloudsafe
              https://vhg.lillki.top/ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js0%Avira URL Cloudsafe
              https://vhg.lillki.top/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js0%Avira URL Cloudsafe
              https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=PISCATAWAY&ASN=20940&Country=US&Region=NJ&RequestIdentifier=0.a1872c17.1742480576.642019e&TotalRTCDNTime=102&CompressionType=gzip&FileSize=469380%Avira URL Cloudsafe
              https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PUS8&FileSource=0%Avira URL Cloudsafe
              https://common.online.office.com/suite/RemoteUls.ashx?usid=97bd0300-a334-1f54-7d50-391cfbd39df0&officeserverversion=0%Avira URL Cloudsafe
              NameIPActiveMaliciousAntivirus DetectionReputation
              s-part-0012.t-0009.t-msedge.net
              13.107.246.40
              truefalse
                high
                dual-spo-0005.spo-msedge.net
                13.107.136.10
                truefalse
                  high
                  e329293.dscd.akamaiedge.net
                  23.209.72.9
                  truefalse
                    high
                    a.nel.cloudflare.com
                    35.190.80.1
                    truefalse
                      high
                      i-bnz06p-cor002.api.p001.1drv.com
                      20.135.17.52
                      truefalse
                        unknown
                        api.hcaptcha.com
                        104.19.229.21
                        truefalse
                          high
                          t.lillki.top
                          104.21.24.129
                          truefalse
                            unknown
                            b-0004.b-msedge.net
                            13.107.6.156
                            truefalse
                              high
                              wac-0003.wac-dc-msedge.net
                              52.108.11.12
                              truefalse
                                high
                                a1894.dscb.akamai.net
                                23.201.34.72
                                truefalse
                                  high
                                  wac-0003.wac-msedge.net
                                  52.108.8.12
                                  truefalse
                                    unknown
                                    office.lillki.top
                                    104.21.24.129
                                    truetrue
                                      unknown
                                      vhg.lillki.top
                                      172.67.218.237
                                      truefalse
                                        unknown
                                        prod-campaignaggregator.omexexternallfb.office.net.akadns.net
                                        52.111.229.20
                                        truefalse
                                          high
                                          js.hcaptcha.com
                                          104.19.229.21
                                          truefalse
                                            high
                                            a726.dscd.akamai.net
                                            23.40.179.66
                                            truefalse
                                              high
                                              challenges.cloudflare.com
                                              104.18.95.41
                                              truefalse
                                                high
                                                www.google.com
                                                142.250.72.100
                                                truefalse
                                                  high
                                                  s-0005.dual-s-msedge.net
                                                  52.123.129.14
                                                  truefalse
                                                    high
                                                    ywb.lillki.top
                                                    172.67.218.237
                                                    truefalse
                                                      unknown
                                                      newassets.hcaptcha.com
                                                      104.19.229.21
                                                      truefalse
                                                        high
                                                        depedph-my.sharepoint.com
                                                        unknown
                                                        unknownfalse
                                                          unknown
                                                          aadcdn.msftauth.net
                                                          unknown
                                                          unknownfalse
                                                            high
                                                            storage.live.com
                                                            unknown
                                                            unknownfalse
                                                              unknown
                                                              m365cdn.nel.measure.office.net
                                                              unknown
                                                              unknownfalse
                                                                high
                                                                wordonline.nel.measure.office.net
                                                                unknown
                                                                unknownfalse
                                                                  unknown
                                                                  common.online.office.com
                                                                  unknown
                                                                  unknownfalse
                                                                    high
                                                                    identity.nel.measure.office.net
                                                                    unknown
                                                                    unknownfalse
                                                                      high
                                                                      messaging.engagement.office.com
                                                                      unknown
                                                                      unknownfalse
                                                                        high
                                                                        NameMaliciousAntivirus DetectionReputation
                                                                        https://depedph-my.sharepoint.com/:w:/g/personal/records_rov_deped_gov_ph/EWT11936mxtFq_oxaIuirgEB9qLYm9PlVfrgeks1oAQ8gg?e=q2tzG7false
                                                                        • Avira URL Cloud: safe
                                                                        unknown
                                                                        https://office.lillki.top/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638780773566722011.OTgyNGZkOTQtMDBhNi00Zjg2LTkwMWEtMDQ5ODhlYTVlY2Y0NjAxMzM0MzctNzJjMy00ZmRhLWFkZWQtOWRmODgxZTdlYTYz&ui_locales=en-US&mkt=en-US&client-request-id=b235a846-31d3-42fa-a675-d28c176fddb3&state=PcbuJpcBdRCE1qEdiq_wEGldM2b-TQ3On5xDXGrkG90xU1jb5NlE9t91vFp2Soqma8ziBAHQdXHBH9QkccsdfKd_pgFFxDGuTN4O6TRFUjIR6RwiPJ9vUoaL7Hv7lrQEhGfFdnWCprIACkHlPYG5Or9t7G5wfmiuA5Lz6vk8qO5I2U_IJnux2hGfCGQ5G9G529z28zZtVrJQ89e-YsZlnwoKFTdoZlO12UjfSawBfwhgoSmNXApX4NLlRbWFR1kDMe9rmwg1G-eG8-JPVpVO2g&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0true
                                                                        • Avira URL Cloud: phishing
                                                                        unknown
                                                                        https://depedph-my.sharepoint.com/personal/records_rov_deped_gov_ph/_api/v2.1/drives/b!a7MJA7lKfUaIGhPubH1aQDPuH5Sv-b9Aoz2Ru4dWeVG2cG9UK4ReS5nLzzryw8Gf/items/015CY7VILE6XL536U3DNC2X6RRNCF2FLQB/streams/content_preview_Op1.img/streamContent?tempauth=v1.eyJzaXRlaWQiOiIwMzA5YjM2Yi00YWI5LTQ2N2QtODgxYS0xM2VlNmM3ZDVhNDAiLCJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvZGVwZWRwaC1teS5zaGFyZXBvaW50LmNvbUA0MGUzYWI4MC0yMDI0LTQ1YTMtYmY3Ni03YTA3NjFhMjRkMjkiLCJleHAiOiIxNzQyNTE2NTIxIn0.CiMKCXNoYXJpbmdpZBIWL2FMNkxjR3Rva0swTkl4MTRQelcrQQoLCgRzbmlkEgMxMDQSCwie09vNk_HzPRAFGgsxNjEuNzcuMTMuMiIUbWljcm9zb2Z0LnNoYXJlcG9pbnQqLGRJZ1FsT3Z0RVR6WjNwOW9lSk1pWVhnaUtZb2ttQzJKNzhzdjBLZXhSa0U9MMABOAFCEKGMYbj0MABA0PNgRnAQkv1KEGhhc2hlZHByb29mdG9rZW5iBHRydWVyYTBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2E4MWM3NDljMjdlZWI0YWMwYTYzNWY2ZGY5MGY5NTgwZmE4MDVlMTA4ZWM5NWViM2VkZGZlNGE1MmM3N2Y1NzZ6ATDCAWEwIy5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiNhODFjNzQ5YzI3ZWViNGFjMGE2MzVmNmRmOTBmOTU4MGZhODA1ZTEwOGVjOTVlYjNlZGRmZTRhNTJjNzdmNTc2yAEB.2DSntuF5-hVhgQ4fwoqjyAEjATZUefE-TuJk3x_rddk&usecachedssr=1&prefetchSSRCorrelationId=b8618ca1-30f4-4000-d0f3-6046701092fdfalse
                                                                        • Avira URL Cloud: safe
                                                                        unknown
                                                                        https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svgfalse
                                                                          high
                                                                          https://challenges.cloudflare.com/turnstile/v0/b/708f7a809116/api.jsfalse
                                                                            high
                                                                            https://vhg.lillki.top/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.jsfalse
                                                                            • Avira URL Cloud: safe
                                                                            unknown
                                                                            https://office.lillki.top/favicon.icotrue
                                                                            • Avira URL Cloud: phishing
                                                                            unknown
                                                                            https://office.lillki.top/common/handlers/watsontrue
                                                                            • Avira URL Cloud: phishing
                                                                            unknown
                                                                            https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PUS8&FileSource=false
                                                                            • Avira URL Cloud: safe
                                                                            unknown
                                                                            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1false
                                                                              high
                                                                              https://office.lillki.top/SiDVKGPM?O=fQIxA0ctrue
                                                                              • Avira URL Cloud: phishing
                                                                              unknown
                                                                              https://js.hcaptcha.com/1/api.jsfalse
                                                                                high
                                                                                https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_4ba7c391e6f3f547d8ce.jsfalse
                                                                                  high
                                                                                  https://vhg.lillki.top/shared/1.0/content/js/BssoInterrupt_Core_9810YxmrLqOR1rQ4anyNMg2.jsfalse
                                                                                  • Avira URL Cloud: safe
                                                                                  unknown
                                                                                  https://depedph-my.sharepoint.com/:w:/g/personal/records_rov_deped_gov_ph/EWT11936mxtFq_oxaIuirgEB9qLYm9PlVfrgeks1oAQ8gg?rtime=BDP-k7pn3Ugfalse
                                                                                    unknown
                                                                                    https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/8ag8x/0x4AAAAAABAl3NGwRhpSwuKK/auto/fbE/new/normal/auto/false
                                                                                    • Avira URL Cloud: safe
                                                                                    unknown
                                                                                    https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.icofalse
                                                                                      high
                                                                                      https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_9810YxmrLqOR1rQ4anyNMg2.jsfalse
                                                                                        high
                                                                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2061314903:1742476663:Lkt28gJDc_oJ2vshkNaWWpem-vagua3mmCKk9TEjw8M/9235dca16d5542b8/XDOoozGJUtQO_EoeEMHDOtFPNIVToI9RQLjiQN8wZTI-1742480548-1.1.1.1-hTpVdVW1Es65tk0gslG9Exz6pRcqyHUQg7IpnMojKFpD.88X8SisE6AIL8oxLBUEfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        unknown
                                                                                        https://newassets.hcaptcha.com/c/5fef759e34a955dd56ceddd805e6a87d3f7d854c8c695bf797d43331bebfee3f/hsw.jsfalse
                                                                                          high
                                                                                          https://newassets.hcaptcha.com/captcha/v1/14dbe0f1619b8014e2630bcdde727e7785a80dee/static/hcaptcha.htmlfalse
                                                                                            high
                                                                                            https://messaging.engagement.office.com/campaignmetadataaggregator?country=US&locale=en-US&app=2155&platform=Web&version=16.0.18711.41002&campaignParams=pageWidth%3D1280%26pageHeight%3D897%26screenWidth%3D1280%26screenHeight%3D1024%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPUS8%26TenantId%3D40e3ab80-2024-45a3-bf76-7a0761a24d29%26SelfTriggerActivity%3D%3Bfloodgateflight100a%3Bfloodgateflight102cf%3Bfloodgateflight38a%3Bfloodgateflight59a%3Bfloodgateflight70a%3Bfloodgateflight98cf%3Bwordfloodgateflight79%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=floodgateflight100a%3Bfloodgateflight102cf%3Bfloodgateflight38a%3Bfloodgateflight59a%3Bfloodgateflight70a%3Bfloodgateflight98cf%3Bwordfloodgateflight79%3B&ageGroup=0&sessionUserType=2false
                                                                                            • Avira URL Cloud: safe
                                                                                            unknown
                                                                                            https://ywb.lillki.top/Me.htm?v=3false
                                                                                            • Avira URL Cloud: safe
                                                                                            unknown
                                                                                            https://office.lillki.top/true
                                                                                            • Avira URL Cloud: phishing
                                                                                            unknown
                                                                                            https://common.online.office.com/suite/RemoteTelemetry.ashx?usid=97bd0300-a334-1f54-7d50-391cfbd39df0false
                                                                                            • Avira URL Cloud: safe
                                                                                            unknown
                                                                                            https://office.lillki.top/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638780773566722011.OTgyNGZkOTQtMDBhNi00Zjg2LTkwMWEtMDQ5ODhlYTVlY2Y0NjAxMzM0MzctNzJjMy00ZmRhLWFkZWQtOWRmODgxZTdlYTYz&ui_locales=en-US&mkt=en-US&client-request-id=b235a846-31d3-42fa-a675-d28c176fddb3&state=PcbuJpcBdRCE1qEdiq_wEGldM2b-TQ3On5xDXGrkG90xU1jb5NlE9t91vFp2Soqma8ziBAHQdXHBH9QkccsdfKd_pgFFxDGuTN4O6TRFUjIR6RwiPJ9vUoaL7Hv7lrQEhGfFdnWCprIACkHlPYG5Or9t7G5wfmiuA5Lz6vk8qO5I2U_IJnux2hGfCGQ5G9G529z28zZtVrJQ89e-YsZlnwoKFTdoZlO12UjfSawBfwhgoSmNXApX4NLlRbWFR1kDMe9rmwg1G-eG8-JPVpVO2g&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0&sso_reload=truetrue
                                                                                              unknown
                                                                                              https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svgfalse
                                                                                                high
                                                                                                https://api.hcaptcha.com/checksiteconfig?v=14dbe0f1619b8014e2630bcdde727e7785a80dee&host=office.lillki.top&sitekey=234adb2f-52ba-4697-82fa-abecbb14b173&sc=1&swa=1&spst=1false
                                                                                                • Avira URL Cloud: safe
                                                                                                unknown
                                                                                                https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallbackfalse
                                                                                                  high
                                                                                                  https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_72a1051aa2aa2943d8c1.jsfalse
                                                                                                    high
                                                                                                    https://vhg.lillki.top/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.jsfalse
                                                                                                    • Avira URL Cloud: safe
                                                                                                    unknown
                                                                                                    https://office.lillki.top/SiDVKGPMtrue
                                                                                                      unknown
                                                                                                      https://vhg.lillki.top/ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.jsfalse
                                                                                                      • Avira URL Cloud: safe
                                                                                                      unknown
                                                                                                      https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=PISCATAWAY&ASN=20940&Country=US&Region=NJ&RequestIdentifier=0.a1872c17.1742480576.642019e&TotalRTCDNTime=102&CompressionType=gzip&FileSize=46938false
                                                                                                      • Avira URL Cloud: safe
                                                                                                      unknown
                                                                                                      https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.cssfalse
                                                                                                        high
                                                                                                        https://t.lillki.top/loginfalse
                                                                                                        • Avira URL Cloud: safe
                                                                                                        unknown
                                                                                                        https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_r1sg5sxlkljjoa22hvk04g2.jsfalse
                                                                                                          high
                                                                                                          https://aadcdn.msftauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.jsfalse
                                                                                                            high
                                                                                                            https://common.online.office.com/suite/RemoteUls.ashx?usid=97bd0300-a334-1f54-7d50-391cfbd39df0&officeserverversion=false
                                                                                                            • Avira URL Cloud: safe
                                                                                                            unknown
                                                                                                            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/9235dca16d5542b8/1742480549458/26146a2ada3b790535967f54b0877bfdae2a68765b09aee280cf94007c1ef68b/o78uRc6ycYnbUNsfalse
                                                                                                            • Avira URL Cloud: safe
                                                                                                            unknown
                                                                                                            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/9235dca16d5542b8/1742480549460/fiaY65Rgk3IK2-nfalse
                                                                                                            • Avira URL Cloud: safe
                                                                                                            unknown
                                                                                                            https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_GjP1RdcVSKf6ASC7mgkR1g2.jsfalse
                                                                                                              high
                                                                                                              https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.giffalse
                                                                                                                high
                                                                                                                https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.giffalse
                                                                                                                  high
                                                                                                                  https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_c4928fb5cff147a39780.jsfalse
                                                                                                                    high
                                                                                                                    https://depedph-my.sharepoint.com/personal/records_rov_deped_gov_ph/_layouts/15/Doc.aspx?sourcedoc=%7Bddd7f564-9bfa-451b-abfa-31688ba2ae01%7D&action=default&slrid=b7618ca1-50b1-4000-e9c3-415799bd4b22&originalPath=aHR0cHM6Ly9kZXBlZHBoLW15LnNoYXJlcG9pbnQuY29tLzp3Oi9nL3BlcnNvbmFsL3JlY29yZHNfcm92X2RlcGVkX2dvdl9waC9FV1QxMTkzNm14dEZxX294YUl1aXJnRUI5cUxZbTlQbFZmcmdla3Mxb0FROGdnP3J0aW1lPUJEUC1rN3BuM1Vn&CID=1f105f0a-322c-4d42-9c76-3e7c2e21164a&_SRM=0:G:97false
                                                                                                                      unknown
                                                                                                                      https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svgfalse
                                                                                                                        high
                                                                                                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=9235dca16d5542b8&lang=autofalse
                                                                                                                        • Avira URL Cloud: safe
                                                                                                                        unknown
                                                                                                                        https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wstfalse
                                                                                                                          high
                                                                                                                          • No. of IPs < 25%
                                                                                                                          • 25% < No. of IPs < 50%
                                                                                                                          • 50% < No. of IPs < 75%
                                                                                                                          • 75% < No. of IPs
                                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                                          13.107.6.156
                                                                                                                          b-0004.b-msedge.netUnited States
                                                                                                                          8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          184.31.69.3
                                                                                                                          unknownUnited States
                                                                                                                          20940AKAMAI-ASN1EUfalse
                                                                                                                          52.168.117.175
                                                                                                                          unknownUnited States
                                                                                                                          8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          52.168.117.170
                                                                                                                          unknownUnited States
                                                                                                                          8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          142.251.40.202
                                                                                                                          unknownUnited States
                                                                                                                          15169GOOGLEUSfalse
                                                                                                                          142.250.81.238
                                                                                                                          unknownUnited States
                                                                                                                          15169GOOGLEUSfalse
                                                                                                                          52.108.10.12
                                                                                                                          unknownUnited States
                                                                                                                          8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          23.44.136.175
                                                                                                                          unknownUnited States
                                                                                                                          20940AKAMAI-ASN1EUfalse
                                                                                                                          104.19.230.21
                                                                                                                          unknownUnited States
                                                                                                                          13335CLOUDFLARENETUSfalse
                                                                                                                          35.190.80.1
                                                                                                                          a.nel.cloudflare.comUnited States
                                                                                                                          15169GOOGLEUSfalse
                                                                                                                          142.250.80.35
                                                                                                                          unknownUnited States
                                                                                                                          15169GOOGLEUSfalse
                                                                                                                          23.201.34.72
                                                                                                                          a1894.dscb.akamai.netUnited States
                                                                                                                          16625AKAMAI-ASUSfalse
                                                                                                                          104.18.95.41
                                                                                                                          challenges.cloudflare.comUnited States
                                                                                                                          13335CLOUDFLARENETUSfalse
                                                                                                                          23.44.136.180
                                                                                                                          unknownUnited States
                                                                                                                          20940AKAMAI-ASN1EUfalse
                                                                                                                          23.44.136.181
                                                                                                                          unknownUnited States
                                                                                                                          20940AKAMAI-ASN1EUfalse
                                                                                                                          23.40.179.66
                                                                                                                          a726.dscd.akamai.netUnited States
                                                                                                                          16625AKAMAI-ASUSfalse
                                                                                                                          23.44.136.140
                                                                                                                          unknownUnited States
                                                                                                                          20940AKAMAI-ASN1EUfalse
                                                                                                                          52.109.8.89
                                                                                                                          unknownUnited States
                                                                                                                          8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          52.108.78.30
                                                                                                                          unknownUnited States
                                                                                                                          8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          23.44.133.160
                                                                                                                          unknownUnited States
                                                                                                                          20940AKAMAI-ASN1EUfalse
                                                                                                                          40.126.24.147
                                                                                                                          unknownUnited States
                                                                                                                          8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          13.107.136.10
                                                                                                                          dual-spo-0005.spo-msedge.netUnited States
                                                                                                                          8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          104.21.24.129
                                                                                                                          t.lillki.topUnited States
                                                                                                                          13335CLOUDFLARENETUStrue
                                                                                                                          104.18.94.41
                                                                                                                          unknownUnited States
                                                                                                                          13335CLOUDFLARENETUSfalse
                                                                                                                          52.123.129.14
                                                                                                                          s-0005.dual-s-msedge.netUnited States
                                                                                                                          8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          142.250.64.78
                                                                                                                          unknownUnited States
                                                                                                                          15169GOOGLEUSfalse
                                                                                                                          23.44.136.151
                                                                                                                          unknownUnited States
                                                                                                                          20940AKAMAI-ASN1EUfalse
                                                                                                                          23.40.179.14
                                                                                                                          unknownUnited States
                                                                                                                          16625AKAMAI-ASUSfalse
                                                                                                                          142.251.41.10
                                                                                                                          unknownUnited States
                                                                                                                          15169GOOGLEUSfalse
                                                                                                                          142.250.72.100
                                                                                                                          www.google.comUnited States
                                                                                                                          15169GOOGLEUSfalse
                                                                                                                          142.251.16.84
                                                                                                                          unknownUnited States
                                                                                                                          15169GOOGLEUSfalse
                                                                                                                          13.89.178.27
                                                                                                                          unknownUnited States
                                                                                                                          8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          23.209.72.9
                                                                                                                          e329293.dscd.akamaiedge.netUnited States
                                                                                                                          20940AKAMAI-ASN1EUfalse
                                                                                                                          20.135.17.52
                                                                                                                          i-bnz06p-cor002.api.p001.1drv.comUnited States
                                                                                                                          8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          52.111.251.17
                                                                                                                          unknownUnited States
                                                                                                                          8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          142.251.40.234
                                                                                                                          unknownUnited States
                                                                                                                          15169GOOGLEUSfalse
                                                                                                                          52.123.128.14
                                                                                                                          unknownUnited States
                                                                                                                          8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          52.108.8.12
                                                                                                                          wac-0003.wac-msedge.netUnited States
                                                                                                                          8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          142.250.80.99
                                                                                                                          unknownUnited States
                                                                                                                          15169GOOGLEUSfalse
                                                                                                                          142.250.64.67
                                                                                                                          unknownUnited States
                                                                                                                          15169GOOGLEUSfalse
                                                                                                                          52.108.11.12
                                                                                                                          wac-0003.wac-dc-msedge.netUnited States
                                                                                                                          8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          104.19.229.21
                                                                                                                          api.hcaptcha.comUnited States
                                                                                                                          13335CLOUDFLARENETUSfalse
                                                                                                                          104.46.162.227
                                                                                                                          unknownUnited States
                                                                                                                          8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          23.44.133.184
                                                                                                                          unknownUnited States
                                                                                                                          20940AKAMAI-ASN1EUfalse
                                                                                                                          52.111.229.20
                                                                                                                          prod-campaignaggregator.omexexternallfb.office.net.akadns.netUnited States
                                                                                                                          8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          172.67.218.237
                                                                                                                          vhg.lillki.topUnited States
                                                                                                                          13335CLOUDFLARENETUSfalse
                                                                                                                          20.44.10.123
                                                                                                                          unknownUnited States
                                                                                                                          8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                          IP
                                                                                                                          192.168.2.18
                                                                                                                          Joe Sandbox version:42.0.0 Malachite
                                                                                                                          Analysis ID:1644440
                                                                                                                          Start date and time:2025-03-20 15:20:42 +01:00
                                                                                                                          Joe Sandbox product:CloudBasic
                                                                                                                          Overall analysis duration:
                                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                                          Report type:full
                                                                                                                          Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                          Number of analysed new started processes analysed:10
                                                                                                                          Number of new started drivers analysed:0
                                                                                                                          Number of existing processes analysed:0
                                                                                                                          Number of existing drivers analysed:0
                                                                                                                          Number of injected processes analysed:0
                                                                                                                          Technologies:
                                                                                                                          • EGA enabled
                                                                                                                          Analysis Mode:stream
                                                                                                                          Analysis stop reason:Timeout
                                                                                                                          Sample name:Illinois Central College 2025-03-19.docx
                                                                                                                          Detection:MAL
                                                                                                                          Classification:mal84.phis.winDOCX@21/93@52/215
                                                                                                                          Cookbook Comments:
                                                                                                                          • Found application associated with file extension: .docx
                                                                                                                          • Exclude process from analysis (whitelisted): SIHClient.exe
                                                                                                                          • Excluded IPs from analysis (whitelisted): 52.109.8.89, 184.31.69.3
                                                                                                                          • Excluded domains from analysis (whitelisted): fs.microsoft.com, config.officeapps.live.com, prod.configsvc1.live.com.akadns.net, us.configsvc1.live.com.akadns.net, cus-config.officeapps.live.com, officeclient.microsoft.com
                                                                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                          • Report size getting too big, too many NtReadVirtualMemory calls found.
                                                                                                                          • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                          • VT rate limit hit for: wac-0003.wac-msedge.net
                                                                                                                          Process:C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
                                                                                                                          File Type:data
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):162
                                                                                                                          Entropy (8bit):1.3684295979348586
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:46BAD1BA6BA3D57D87D10CC1FDF75555
                                                                                                                          SHA1:A22E2569ECE2BBB15D7CFDB590A9A42232CC6394
                                                                                                                          SHA-256:3130FF494E7C888649C580F7F333F23F2AD79416DFF593B0BE775D4D0FE50D1E
                                                                                                                          SHA-512:EDAC13808C39AF2FC2365D2D7874FD4E6F8E6071C952571E1A72B561D6F75414580DB7FCAF10008D9977411D7FD62A6EED64B4A49B49FBF8656E72311E5C4112
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:..........................................................................................................................................#.*.$...}..k....0T...=.j
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65468)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):1946567
                                                                                                                          Entropy (8bit):5.462039558610166
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:23CB18D4F2AF129CBC02302B7395FFB9
                                                                                                                          SHA1:935E2FEB889E5D4F1B33C3F41AD02DECF0A82F18
                                                                                                                          SHA-256:6D40ECD1E37EB3DA6764736932927E50E35B629ADDECB273634F5B84E6A94E3C
                                                                                                                          SHA-512:A092425E9F1ED1FECC38EA4D3DCB1D02D4292FAA21FD669F78979DCEC146C272F8805BA862B76C876821114E46478D62DCF4D6EA2E162426ADA5E79565D0A82C
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/6d40ecd1e37eb3da/common.min.js
                                                                                                                          Preview:/*! For license information please see common.min.js.LICENSE.txt */.(globalThis.wordOnlineChunks=globalThis.wordOnlineChunks||[]).push([[72076],{70777:function(e,t,n){"use strict";function o(e){for(var t,n=0,o=0,r=e.length;r>=4;++o,r-=4)t=1540483477*(65535&(t=255&e.charCodeAt(o)|(255&e.charCodeAt(++o))<<8|(255&e.charCodeAt(++o))<<16|(255&e.charCodeAt(++o))<<24))+(59797*(t>>>16)<<16),n=1540483477*(65535&(t^=t>>>24))+(59797*(t>>>16)<<16)^1540483477*(65535&n)+(59797*(n>>>16)<<16);switch(r){case 3:n^=(255&e.charCodeAt(o+2))<<16;case 2:n^=(255&e.charCodeAt(o+1))<<8;case 1:n=1540483477*(65535&(n^=255&e.charCodeAt(o)))+(59797*(n>>>16)<<16)}return(((n=1540483477*(65535&(n^=n>>>13))+(59797*(n>>>16)<<16))^n>>>15)>>>0).toString(36)}n.d(t,{A:function(){return o}})},60453:function(e,t,n){"use strict";n.d(t,{s:function(){return r}});var o=n(11648);function r(e,t,n){void 0===n&&(n=!0);var r=!1;if(e&&t)if(n)if(e===t)r=!0;else for(r=!1;t;){var i=(0,o.P)(t);if(i===e){r=!0;break}t=i}else e.contains&&(r=e
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:HTML document, ASCII text, with very long lines (3429), with CRLF line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):3431
                                                                                                                          Entropy (8bit):5.119983736715109
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:6FFF389CC07BA8BA46CF8F6E61C8A3A8
                                                                                                                          SHA1:8951778B9DB348299313736CC359B0E172B18C02
                                                                                                                          SHA-256:5DAA0016B06E63E4021B9952A01ECBF97ED34E76D3CDF72A273DDD34EFC0D229
                                                                                                                          SHA-512:D79EB5963F8BC3FA12265536F3393DCB008F73EC4A60C1E91FCBDD3DF06B53848B0286B2DFE114B6893909563D0CD130E6CF0DD659F954056CB6C491BBD02636
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://ywb.lillki.top/Me.htm?v=3
                                                                                                                          Preview:<script type="text/javascript">!function(t,e){for(var s in e)t[s]=e[s]}(this,function(t){function e(n){if(s[n])return s[n].exports;var i=s[n]={exports:{},id:n,loaded:!1};return t[n].call(i.exports,i,i.exports,e),i.loaded=!0,i.exports}var s={};return e.m=t,e.c=s,e.p="",e(0)}([function(t,e){function s(t){for(var e=f[S],s=0,n=e.length;s<n;++s)if(e[s]===t)return!0;return!1}function n(t){if(!t)return null;for(var e=t+"=",s=document.cookie.split(";"),n=0,i=s.length;n<i;n++){var a=s[n].replace(/^\s*(\w+)\s*=\s*/,"$1=").replace(/(\s+$)/,"");if(0===a.indexOf(e))return a.substring(e.length)}return null}function i(t,e,s){if(t)for(var n=t.split(":"),i=null,a=0,r=n.length;a<r;++a){var c=null,S=n[a].split("$");if(0===a&&(i=parseInt(S.shift()),!i))return;var l=S.length;if(l>=1){var p=o(i,S[0]);if(!p||s[p])continue;c={signInName:p,idp:"msa",isSignedIn:!0}}if(l>=3&&(c.firstName=o(i,S[1]),c.lastName=o(i,S[2])),l>=4){var f=S[3],d=f.split("|");c.otherHashedAliases=d}if(l>=5){var h=parseInt(S[4],16);h&&(c.
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:GIF image data, version 89a, 352 x 3
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):2672
                                                                                                                          Entropy (8bit):6.640973516071413
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:166DE53471265253AB3A456DEFE6DA23
                                                                                                                          SHA1:17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D
                                                                                                                          SHA-256:A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
                                                                                                                          SHA-512:80978C1D262BC225A8BA1758DF546E27B5BE8D84CBCF7E6044910E5E05E04AFFEFEC3C0DA0818145EB8A917E1A8D90F4BAC833B64A1F6DE97AD3D5FC80A02308
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:GIF89a`............!..NETSCAPE2.0.....!.......,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....0.............<....[.\K8j.tr.g..!.......,....3............^;.*..\UK.]\.%.V.c...!.......,....7........`....lo...[.a..*Rw~i...!.......,....;........h.....l.G-.[K.,_XA]..'g..!.......,....?........i.....g....Z.}..)..u...F..!.......,....C...............P.,nt^.i....Xq...i..!.......,....F...........{^b....n.y..i...\C.-...!.......,....H..............R...o....h.xV!.z#...!.......,"...L.............r.jY..w~aP(.......[i...!.......,(...N.............r....w.aP.j.'.)Y..S..!.......,....H.........`......hew..9`.%z.xVeS..!.......,5...A.........`...\m.Vmtzw.}.d.%...Q..!.......,9...=.........h......3S..s.-W8m...Q..!.......,A...5.........h.....N...:..!..U..!.......,H.............h....M.x...f.i.4..!.......,O...'.........i...tp......(..!.......,X.............j...@.x....!.......,].............j..L..3em..!.......,e.............`......!.......,n..............{i..!..
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:JSON data
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):2459
                                                                                                                          Entropy (8bit):5.1559252138642115
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:4C83708A8BDD15DB6A780007FE744ACE
                                                                                                                          SHA1:3CE4CDD88AE92E20D00089CA1CFE5D1286609DF7
                                                                                                                          SHA-256:95140205BF4D4B746AB9307E5FD6443B16B0225FB006F9CA3D8CD44C7D228AB0
                                                                                                                          SHA-512:023FD34B8217EAC7297C98C2376F052C360A7DF08104ED81ED3F357576560418B0C011AD5335C0A6B2B2C6C0A5EC68A2CAA489916CADCE15F0CB02D7A6AEB534
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://admin.microsoft.com/admin/api/uxversion?bldVer=v1
                                                                                                                          Preview:{"floodgate":{"cdnUrl":"https://res.cdn.office.net/admincenter/admin-main/2025.3.13.3/","loaderSpec":{"type":"scriptUrl","content":"https://res.cdn.office.net/admincenter/admin-main/2025.3.13.3/floodgate.en.bundle.js"},"version":"2025.3.13.3"},"ariaLoggerId":"ea84b6a3285140258eaeb7caaab5884a-9d3ca75b-b3ee-42b8-a22c-ab0759ad4d38-7330","euAriaLoggerId":"","hostingAppUrls":"{\"M365AdminPortal\":\"https://admin.microsoft.com\",\"EXOAdminPortal\":\"https://admin.exchange.microsoft.com\",\"SPOAdminPortal\":\"https://admin.microsoft.com/sharepoint\",\"TeamsAdminPortal\":\"https://admin-int.teams.microsoft.net/\",\"MSGraphEndPoint\":\"https://graph.microsoft.com\",\"CDNContentURL\":\"https://res.cdn.office.net/admincenter/admin-content\",\"AriaLoggerGlobalCollectorEndpoint\":\"https://mobile.events.data.microsoft.com/Collector/3.0\",\"AriaLoggerEUCollectorEndpoint\":\"https://eu-mobile.events.data.microsoft.com/Collector/3.0\",\"AriaLoggerId\":\"ea84b6a3285140258eaeb7caaab5884a-9d3ca75b-b3ee-4
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):283415
                                                                                                                          Entropy (8bit):5.547534322979334
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:72F7B59D9E8F971A7FB2D227C9A17EA2
                                                                                                                          SHA1:39B90E76A0000BD79D2FF102516ACF7DDFCBFA7B
                                                                                                                          SHA-256:893B05BE697B7F64726498282D9860E4CD26A27341D66A1F59AF38402D69784D
                                                                                                                          SHA-512:90A66EA3E0833A6753512E0ED821EC9BAC0C51FAEC456E75842FFF272093D5D7CD29CD9BF0C2D6A4081FBB92298A21AD2891676549178C588E78D1B2C499E8D7
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/versioned/suiteux-shell/7.1.7/js/suiteux.shell.plus.js
                                                                                                                          Preview:var shellPerformance=window.performance,HighResolutionTimingSupported=!!shellPerformance&&"function"==typeof shellPerformance.mark;HighResolutionTimingSupported&&shellPerformance.mark("shell_plus_start"),(self["suiteux_shell_webpackJsonp_suiteux-main"]=self["suiteux_shell_webpackJsonp_suiteux-main"]||[]).push([["plus"],{14142:function(e,t,n){"use strict";var i;n.d(t,{f:function(){return i}}),function(e){e.depth0="0 0 0 0 transparent",e.depth4="0 1.6px 3.6px 0 rgba(0, 0, 0, 0.132), 0 0.3px 0.9px 0 rgba(0, 0, 0, 0.108)",e.depth8="0 3.2px 7.2px 0 rgba(0, 0, 0, 0.132), 0 0.6px 1.8px 0 rgba(0, 0, 0, 0.108)",e.depth16="0 6.4px 14.4px 0 rgba(0, 0, 0, 0.132), 0 1.2px 3.6px 0 rgba(0, 0, 0, 0.108)",e.depth64="0 25.6px 57.6px 0 rgba(0, 0, 0, 0.22), 0 4.8px 14.4px 0 rgba(0, 0, 0, 0.18)"}(i||(i={}))},66097:function(e,t,n){"use strict";n.d(t,{I:function(){return l}});var i=/[\(\[\{\<][^\)\]\}\>]*[\)\]\}\>]/g,a=/[\0-\u001F\!-/:-@\[-`\{-\u00BF\u0250-\u036F\uD800-\uFFFF]/g,o=/^\d+[\d\s]*(:?ext|x|)\s*\d
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:JSON data
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):399
                                                                                                                          Entropy (8bit):5.452215307124531
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:0C15D200CE5E9490393394B43209B4B3
                                                                                                                          SHA1:DFBAE56CDF1F8D45FECC9F98C6EE2482F2B07E50
                                                                                                                          SHA-256:BBF020BB406238A9E37B9BE0C1DCB0B278545CF60A37BC096A31B0D4E00E4F27
                                                                                                                          SHA-512:A1AD2A3B6477FED19809F40B67DBE7B6B7D04CD0F23783E2A8E370F85CA0CAB58E85FBDF60B604405B62CC136355D8AC2DC1B1BF098866711FA6B696FA5E1D65
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:{"OneShell":{"M365CopilotRebrandingEnabled":true,"UpdatedConsumerAppList":true,"M365StartEnabled":true,"DisableM365StartIntentsModule":false,"default":true},"Headers":{"ETag":"\"9btqTzDiElwLNfZkRp7wFewLNoXKAK6cxU5RSHQIYfE=\"","Expires":"Thu, 20 Mar 2025 15:22:26 GMT","CountryCode":"US","StatusCode":"200"},"ConfigIDs":{"OneShell":"P-R-1535312-4-8,P-R-1157040-4-8,P-R-1131228-4-17,P-D-1117449-1-4"}}
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:JSON data
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):5892
                                                                                                                          Entropy (8bit):5.72595011462404
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:E81A06F792DB55BFC0944BB6F724DB30
                                                                                                                          SHA1:92C093EE94AE9281E9753ED3D18EBB1A285595C2
                                                                                                                          SHA-256:724E61C00C16844705D3337DDB487938904FCBECA6D10959A5A25BA5C84AEA67
                                                                                                                          SHA-512:72022C07EFDC8255E0C7959844145515EB05C91D727F15DE0E520D40768D842BCF8F139D488BFCD605D39CED7C67484506BDD8E1A409B7B0051F6DAD0A6BCB91
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:{"CampaignContent":{"campaigns":[{"CampaignId":"328a8542-6ebf-417b-98ef-07f9578da06d","TreatmentType":0,"LauncherType":"coachingux","StartTimeUtc":"2025-01-06T00:00:00Z","EndTimeUtc":"2025-06-30T23:59:59Z","GovernedChannelType":3,"Scope":{"Type":1,"Languages":[]},"NominationScheme":{"Type":0,"PercentageNumerator":100,"PercentageDenominator":100,"NominationPeriod":{"Type":0,"IntervalSeconds":15206400},"CooldownPeriod":{"Type":0,"IntervalSeconds":15206400},"FallbackSurveyDurationSeconds":120},"SurveyTemplate":{"Type":22,"ActivationEvent":{"Type":1,"Sequence":[{"Type":0,"Activity":"triggerTUIForTableOOUI","Count":1,"IsAggregate":true}]},"Metadata":{"ContentMetadata":{"surfaceType":"sequence","treatmentType1":0,"preventAutoDismiss":true,"telemetryEventName":"FLOODGATEFLIGHT102A;FLOODGATEFLIGHT102CF","itemCount":"2","timeout":"","preFetchDelay":"500","dismissButton":"","closeButtonAriaLabel":"Close","customStyles":"","customProperties":"","anchorHint":"11","surfaceType1":"teaching","anchorE
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:JSON data
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):31697
                                                                                                                          Entropy (8bit):5.170379053857505
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:9BAE2967CC03DE6F6C486461920ADF9B
                                                                                                                          SHA1:E253B3EBE397A05BCB1B9FDB48DBCD22DAE89A5A
                                                                                                                          SHA-256:B60CDCC4224FE94C138B4BFA56A0433FFB5E10DCC10A89D82233ABA87610BBC5
                                                                                                                          SHA-512:0D991DC74C3879C1A6B0841543BA8D5EE67ADD50234A25B690C8739ADD72E4ADB8940470C06DBAED99C0D5DB38C30167759E8AD40222FDABE69016D2143234A9
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/en-us
                                                                                                                          Preview:{"Architecture":1,"Audience":0,"Resources":{"Version":"1.20250317.1.0","CatalogXml":"<ResourceCatalog>\r\n <Resources>\r\n <Resource Key=\"_store_mecontrol-fluent-web_3_28_4-preview_4-866506a6b134071e054e_node_modules_mecontrol_flue-832c5d\" Type=\"LTRRTLPath\">\r\n <RTLPath>suiteux.shell._store_mecontrol-fluent-web_3_28_4-preview_4-866506a6b134071e054e_node_modules_mecontrol_flue-832c5d.21872e03b6d693d5a73d.rtl.js</RTLPath>\r\n <LTRPath>suiteux.shell._store_mecontrol-fluent-web_3_28_4-preview_4-866506a6b134071e054e_node_modules_mecontrol_flue-832c5d.21872e03b6d693d5a73d.js</LTRPath>\r\n </Resource>\r\n <Resource Key=\"_store_mecontrol-fluent-web_3_28_4-preview_4-866506a6b134071e054e_node_modules_mecontrol_flue-bcf27c\" Type=\"LTRRTLPath\">\r\n <RTLPath>suiteux.shell._store_mecontrol-fluent-web_3_28_4-preview_4-866506a6b134071e054e_node_modules_mecontrol_flue-bcf27c.abaea5ac1a02d546a7db.rtl.js</RTLPath>\r\n <LTRPath>suiteux.shell._store_mecontrol-fluent-we
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (65512), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):696830
                                                                                                                          Entropy (8bit):4.989441556927131
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:55D9200408150DE9DD3CB3A3435524BD
                                                                                                                          SHA1:D60132C52B592F0FF85CDFF38BEAC6F55D8CDF62
                                                                                                                          SHA-256:00DC2FCE8C27273E3C351DA60C885343A13728641C2D62A36039543787E39FCF
                                                                                                                          SHA-512:7254BABA53FEB5AEA18BF7F9326E80CD69E2D3F8F26B9584CCBF29FEC43085438E4AB42A375F02B2400999DB9BDC0EA132862FA1825770C97EB1F39119FDA896
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/00dc2fce8c27273e/word-app-intl.min.js
                                                                                                                          Preview:"use strict";var WordRibbonStrings={About:"About",AboutFollowUps:"about Follow-ups",AboutFollowUpsLearnMore:"Learn more",AboutKeytip:"D",Above:"Above",AcceptAllChanges:"Accept All Changes",AcceptAllChangesKeytip:"B",AcceptChange:"Accept",AcceptChangeKeytip:"A2",AcceptChangeAndMoveToNext:"Accept and Move to Next",AcceptChangeAndMoveToNextKeytip:"A",Accessibility:"Accessibility",AccessibilityHelp:"Accessibility Help (Alt+Shift+A)",AccessibilityHelpDescription:"Find out about accessibility features in Word Online.",AccessibilityHelpKeytip:"A",AccessibilityMode:"Accessibility Mode",AccessibilityTab:"Accessibility",AccessibilityTabKeyTip:"A",AppHomeButtonAriaLabel:"Word, click to open Word home page",AppHomeButtonTooltip:"Word home",Citation:"Citations",CitationAndBibliography:"Citation & Bibliography",CitationKeytip:"C",Activity:"Edit Activity",ActivityContextMenuLabel:"Show new changes",AdaptiveGroupTitle:"Current Selection",AddCentreTabStop:"Add centre tab stop",AddInsKeytipPrefix:"Y",Ad
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):768408
                                                                                                                          Entropy (8bit):5.627805853114041
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:7BD876C8F9F3642A65F0C04E462EF689
                                                                                                                          SHA1:CFE21DF3DEDE50F3C4377530D52408184C78A2E5
                                                                                                                          SHA-256:7FBAB0D2B0A093E3A77806320E17D421C2585EE527BDED9097C5FE0BA9AC8029
                                                                                                                          SHA-512:421AABF66069CFD62739D83FC6A07502D6CA9E404BCE6F9821B371F6D5154509BC0029291C7E6805305051AC510D71E40B04FAEEE8BBF6D65AB85BBA39BEDDF8
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://newassets.hcaptcha.com/c/5fef759e34a955dd56ceddd805e6a87d3f7d854c8c695bf797d43331bebfee3f/hsw.js
                                                                                                                          Preview:var hsw=function KXaKYm(){"use strict";var dr=function(de,cG,rg,tZ){return this instanceof dr?(this.remainder=null,"string"==typeof de?Dw.call(this,de,cG):void 0===cG?DJ.call(this,de):void Bw.apply(this,arguments)):new dr(de,cG,rg,tZ)},DJ=function(dr){return this._a00=65535&dr,this._a16=dr>>>16,this._a32=0,this._a48=0,this};var de=true;var cG=[function(dr){for(DJ=Uc,de=[],cG=dr[DJ(353)],rg=0,void 0;rg<cG;rg+=4){var DJ;var de;var cG;var rg;de[DJ(742)](dr[rg]<<24|dr[rg+1]<<16|dr[rg+2]<<8|dr[rg+3])}return de},false==de?false:function(dr,DJ){if(dr)throw TypeError("Decoder error");return DJ||65533},function(dr,DJ,de,cG){return void 0===de?(this._a00=65535&dr,this._a16=dr>>>16,this._a32=65535&DJ,this._a48=DJ>>>16,this):(this._a00=0|dr,this._a16=0|DJ,this._a32=0|de,this._a48=0|cG,this)}];de=false;var rg=function(dr){return null==dr};var tZ=function(){var dr=235;return null!==VJ&&VJ[dw(235)]===yC.ub[dw(235)]||(VJ=jx(Int32Array,yC.ub[dw(dr)])),VJ},pZ=function(dr,DJ,de){yC.Ob(dr,DJ,Dv(de))};var
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:HTML document, Unicode text, UTF-8 text, with very long lines (39767)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):415840
                                                                                                                          Entropy (8bit):5.595033636342777
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:334FC2F1F48A82AAEC1D5E8351639ACD
                                                                                                                          SHA1:3DC4AABA202A9AF8F3A4DB9BB4FA92EAE93601AE
                                                                                                                          SHA-256:ED99EB40086D1BEB8AF8D0B89DA6BAEA5332AD7843DAF77EF2DD63341D9F4EF3
                                                                                                                          SHA-512:77DB115064FB7EFA26E49F237B8936EDB8C850956AC549D06A2A4ECFA85602490B21D57874FCB4546104818926A5E34B4978F238CD0BA9B7161CCDEC7CDC66AB
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://newassets.hcaptcha.com/captcha/v1/14dbe0f1619b8014e2630bcdde727e7785a80dee/static/hcaptcha.html
                                                                                                                          Preview:<!DOCTYPE html>.<html lang="en" data-id="hcaptcha-frame-14dbe0f1619b8014e2630bcdde727e7785a80dee">.<head>. <title>hCaptcha</title>. <meta charset="utf-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge">. <meta http-equiv="Content-Security-Policy" content="object-src 'none'; base-uri 'self'; worker-src blob:; script-src 'self' 'unsafe-eval' 'sha256-0m7b6Qc+cU+jCwBIeuVZl8o9AumAMy5E/wN/m6Ps9vs=';">. <style type="text/css">*{-webkit-tap-highlight-color:transparent;-webkit-font-smoothing:antialiased}body,html{margin:0;padding:0;font-family:-apple-system,system-ui,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen,Ubuntu,"Helvetica Neue",Arial,sans-serif;overflow:hidden;height:100%;width:100%;background-color:rgba(255,255,255,0);background-color:transparent}fieldset{margin:0;padding:15px 20px;border:none}button:focus,input:focus,select:focus,textarea:focus{outline:0}:focus{border:none;outline:0}textarea{border:none;overflow:auto;outline:0;-webkit-box-shadow:none;-moz-box-shado
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65450), with CRLF line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):119648
                                                                                                                          Entropy (8bit):5.356165204896218
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:75CF78D0E38C65A538AD253CA9E48DBE
                                                                                                                          SHA1:BF0452E4A42A9AF3B69D5D8C3A3A0433F14921B6
                                                                                                                          SHA-256:DF2AA8537C1992C94846A0FFFFAA9031D430D9D0210B9E396EC059AFF62627E0
                                                                                                                          SHA-512:81383E4FDAE1F34F8E652F69058D57A2A4BD0A77C2C41C3174BEE0CEBA83A8326229C2A74EAF415BFBD34382B1C442A97C41034F43CD77A391BA9B4DAAE65463
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://vhg.lillki.top/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
                                                                                                                          Preview:/*! jQuery v3.5.1 | (c) JS Foundation and other contributors | jquery.org/license */..!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:SVG Scalable Vector Graphics image
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):3651
                                                                                                                          Entropy (8bit):4.094801914706141
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:EE5C8D9FB6248C938FD0DC19370E90BD
                                                                                                                          SHA1:D01A22720918B781338B5BBF9202B241A5F99EE4
                                                                                                                          SHA-256:04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
                                                                                                                          SHA-512:C77215B729D0E60C97F075998E88775CD0F813B4D094DC2FDD13E5711D16F4E5993D4521D0FBD5BF7150B0DBE253D88B1B1FF60901F053113C5D7C1919852D58
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:<svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0,0,1,.419-.967,1.413,1.413,0,0,1,1-.39,1.392,1.392,0,0,1,1.02.4,1.3,1.3,0,0,1,.4.958,1.248,1.248,0,0,1-.414.953,1.428,1.428,0,0,1-1.01.385A1.4,1.4,0,0,1,47.25,6.6a1.261,1.261,0,0,1-.409-.948M49.41,18.4H47.081V8.507H49.41Zm7.064-1.694a3.213,3.213,0,0,0,1.145-.241,4.811,4.811,0,0,0,1.155-.635V18a4.665,4.665,0,0,1-1.266.481,6.886,6.886,0,0,1-1.554.164,4.707,4.707,0,0,1-4.918-4.908,5.641,5.641,0,0,1,1.4-3.932,5.055,5.055,0,0,1,3.955-1.545,5.414,5.414,0,0,1,1.324.168,4.431,4.431,0,0,1,1.063.39v2.233a4.763,4.763,0,0,0-1.1-.611,3.184,3.184,0,0,0-1.15-.217,2.919,2.919,0,0,0-2.223.9,3.37,3.37,0,0,0-.847,2.416,3.216,3.216,0,0,0,.813,2.338,2.936,2.936,0,0,0,2.209.837M65.4,8.343a2.952,2.952,0,0,1,.5.039,2.1,2.1,0,0,1,.375.1v2.358a2.04,2.04,0,0,0-.
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):76571
                                                                                                                          Entropy (8bit):5.3642600028312035
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:92F48EB907103FFC07BF3D9B4B6F21BD
                                                                                                                          SHA1:89E04E80342576E08B607532CF59AD44A2B1138A
                                                                                                                          SHA-256:2F1617A23E002B2E3327D68AB06BED16003187CE28EA18F385C4E8D31A67C227
                                                                                                                          SHA-512:031F3520EA8B3B8F983A7EDDEAC13547C8E18E4F5C42CFDD52FAD87CE9F2CE1DEB2E436957CB9B7F771BCA6A5D9A7FA4906E8F52E0942CA3706890114DEE9E0E
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/versioned/officebrowserfeedback-ext-dynamic-campaign-latest/0.0.13/dist/bundles/floodgate_ecs_client_es5.min.js
                                                                                                                          Preview:!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.FloodgateDynamicCampaign=t():e.FloodgateDynamicCampaign=t()}(self,(function(){return function(){var e={7222:function(e,t,n){"use strict";var r=this&&this.__createBinding||(Object.create?function(e,t,n,r){void 0===r&&(r=n),Object.defineProperty(e,r,{enumerable:!0,get:function(){return t[n]}})}:function(e,t,n,r){void 0===r&&(r=n),e[r]=t[n]}),i=this&&this.__exportStar||function(e,t){for(var n in e)"default"===n||Object.prototype.hasOwnProperty.call(t,n)||r(t,e,n)};Object.defineProperty(t,"__esModule",{value:!0}),t.IFloodgateHostPlatform=t.GovernedChannelType=t.ICampaignDefinitions=t.Api=void 0,i(n(7560),t),t.Api=n(7560),i(n(2783),t),i(n(8262),t),i(n(234),t);var o=n(9556);Object.defineProperty(t,"ICampaignDefinitions",{enumerable:!0,get:function(){return o.ICampaignDefinitions}});var s=n(8445);Object.defineProperty(t,"Govern
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):61
                                                                                                                          Entropy (8bit):3.990210155325004
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:9246CCA8FC3C00F50035F28E9F6B7F7D
                                                                                                                          SHA1:3AA538440F70873B574F40CD793060F53EC17A5D
                                                                                                                          SHA-256:C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
                                                                                                                          SHA-512:A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1
                                                                                                                          Preview:.PNG........IHDR...............s....IDAT.....$.....IEND.B`.
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):184541
                                                                                                                          Entropy (8bit):5.525066298238319
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:181554C4C481FEF68BA5338CF9848C91
                                                                                                                          SHA1:AF5414B1FDA1A8D1878C8645C6B3ED97ADC8BA50
                                                                                                                          SHA-256:45740FC235801D70B653F80DE6B729F9455E1763B7389C9968D7CE09617366AC
                                                                                                                          SHA-512:8ECB98FB672C40C97D1FBDC2230E5A3656BCE96A8B92437F926C5EC843418B54991E5FA3762A86F4949BA797967CD478D350C61C8BB2AC03D64E52F1CC5DB0B4
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/wise/owl/owl.slim.ab837f2adcf05cbb8e21.js
                                                                                                                          Preview:var Microsoft;!function(){"use strict";var t,e,n,o,i={3045:function(t,e,n){n.d(e,{h:function(){return s}});var o=n(72379),i=n(14521),r=n(39292),s=function(t){function e(){var e=null!==t&&t.apply(this,arguments)||this;return e.value=null,e.hasNext=!1,e.hasCompleted=!1,e}return o.C6(e,t),e.prototype.U=function(e){return this.hasError?(e.error(this.thrownError),r.y.EMPTY):this.hasCompleted&&this.hasNext?(e.next(this.value),e.complete(),r.y.EMPTY):t.prototype.U.call(this,e)},e.prototype.next=function(t){this.hasCompleted||(this.value=t,this.hasNext=!0)},e.prototype.error=function(e){this.hasCompleted||t.prototype.error.call(this,e)},e.prototype.complete=function(){this.hasCompleted=!0,this.hasNext&&t.prototype.next.call(this,this.value),t.prototype.complete.call(this)},e}(i.B7)},44739:function(t,e,n){n.d(e,{t:function(){return s}});var o=n(72379),i=n(14521),r=n(46624),s=function(t){function e(e){var n=t.call(this)||this;return n.N=e,n}return o.C6(e,t),Object.defineProperty(e.prototype,"val
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:HTML document, ASCII text, with CRLF line terminators
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):1245
                                                                                                                          Entropy (8bit):5.462849750105637
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:5343C1A8B203C162A3BF3870D9F50FD4
                                                                                                                          SHA1:04B5B886C20D88B57EEA6D8FF882624A4AC1E51D
                                                                                                                          SHA-256:DC1D54DAB6EC8C00F70137927504E4F222C8395F10760B6BEECFCFA94E08249F
                                                                                                                          SHA-512:E0F50ACB6061744E825A4051765CEBF23E8C489B55B190739409D8A79BB08DAC8F919247A4E5F65A015EA9C57D326BBEF7EA045163915129E01F316C4958D949
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">..<html xmlns="http://www.w3.org/1999/xhtml">..<head>..<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>..<title>404 - File or directory not found.</title>..<style type="text/css">.. ..body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}..fieldset{padding:0 15px 10px 15px;} ..h1{font-size:2.4em;margin:0;color:#FFF;}..h2{font-size:1.7em;margin:0;color:#CC0000;} ..h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} ..#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;..background-color:#555555;}..#content{margin:0 0 0 2%;position:relative;}...content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}..-->..</style>..</head>..<body>..<div id="header"><h1>Server Error</h1></div>..<div id="content">.. <div class="co
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:JSON data
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):35697
                                                                                                                          Entropy (8bit):5.182013454937405
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:A32F1B35C4D4514095B76E25E6C0BD12
                                                                                                                          SHA1:CE5A11938DAB700FFC4CE87FB5621F91DD7A4993
                                                                                                                          SHA-256:DCC59B25CC93210C9DDDA23F135BBA41A23210560D58127900EAA0F34BF071F9
                                                                                                                          SHA-512:F3ADC76A8F8E402D40501C69D16ECD569206AC645C3BD9E3DF1D83F3E4391403C52C6005C40416F5B04C03914D6640071207CDFE0A10F67D9F25F6E3FD7C18E6
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:{"Floodgate_Campaign_Word.6ddb558d-ad9d-4c67-8fa5-b5208768cae7":{"CampaignId":"6ddb558d-ad9d-4c67-8fa5-b5208768cae7","GovernedChannelType":1,"NominationScheme":{"Type":0,"PercentageNumerator":100,"PercentageDenominator":100,"FallbackSurveyDurationSeconds":0,"NominationPeriod":{"Type":0,"IntervalSeconds":1296000},"CooldownPeriod":{"Type":0,"IntervalSeconds":5184000}},"SurveyTemplate":{"Type":2,"ActivationEvent":{"Type":1,"Sequence":[{"Type":0,"Activity":"Office.Word.Copilot.CopilotUsageCoachMTE","Count":2,"IsAggregate":true}]},"UxSchema":{"variables":{},"pages":[{"id":"0e19ac6f-d831-499c-9e83-a709e27784b6","displayName":"Survey Prompt","questions":[{"id":"promptSubText1","type":"Label","questionLabel":"We have just two questions.","required":false,"visible":true}],"title":"Help us improve Word Copilot.","isFinalPage":false},{"id":"050beaf0-2c8a-4234-b496-4df00c79a563","displayName":"Vertical Rating","questions":[{"id":"singleselect1","type":"SingleSelect","questionLabel":"Overall, how d
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (512)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):11970
                                                                                                                          Entropy (8bit):5.416120131770621
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:39A0EB35CD7799A181D34F4AE1DDB496
                                                                                                                          SHA1:E933CA8534BCB6AD79D240316CE23C8B870050D0
                                                                                                                          SHA-256:C8CEF105FCAF7CBF3F8682C861045505C24D41CF6686C20C1C03E14031A3DB69
                                                                                                                          SHA-512:0AE990F9B57B55C3A8025BBE13C98ECD8A40C38380F9E0EFEF2BE7B418642EB040E4C537E684D2FEF7E04113450CFD4DEFF3414310773177220209991BBF1643
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://vhg.lillki.top/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js
                                                                                                                          Preview:/*! ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------..This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise. .. * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain..Provided for Informational Purposes Only..Public Domain. .NO WARRANTY EXPRESSED OR IMPLIED. USE AT YOUR OWN RISK..----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------ */."object"!=typeof JSON&&(JSON={}),
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (4662)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):4694
                                                                                                                          Entropy (8bit):5.1806478625211065
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:3508E6BAB8250E9769107C3078044721
                                                                                                                          SHA1:723BF8B208422603B18EBA67EC5C06C9FFF5AAD7
                                                                                                                          SHA-256:60F803B0E5626719C4FD3E65912DBBDD0D6148B42C76BE4E964B9FFE79485753
                                                                                                                          SHA-512:ABAD4DF4DE9CCC9E141A5F0E3E1481C429CCDEBA6E2979C31853C907D287EA2C8D4ABDE84BF8392AD0C013687726FC6649554D19207343C5BE38ADDD66D3E59C
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/files/odsp-web-prod_2025-03-07.002/wacowlhostwebpack/14.js
                                                                                                                          Preview:"use strict";(self.odspNextWebpackJsonp=self.odspNextWebpackJsonp||[]).push([[14],{146:(e,t,n)=>{n.r(t),n.d(t,{getFirstCPUIdle:()=>s});var a=n(0);function i(){for(var e=[],t=0;t<arguments.length;t++)e[t]=arguments[t];r()&&console.log.apply(console,(0,a.__spreadArray)(["[fci]"],e,!1))}function r(){try{if("sessionStorage"in window&&window.sessionStorage){var e=window.sessionStorage.enableFCILogging;return e&&"true"===e.toLowerCase()&&"undefined"!=typeof console&&!!console}}catch(e){}return!1}var o=function(){function e(e){this._longTaskId=0,this._checkFCIRunId=0,this._isDisposed=!1;var t=e.requiredMainThreadCPUIdleDurationInMilliseconds,n=e.measurementStartTime;this._measureName=e.measureName||"FCI",this._measurementStartTime=n,this._requiredMainThreadCPUIdleDurationInMilliseconds=t,this._resultResolver={resolve:void 0,reject:void 0},this._fciPromise=void 0,this._longTasks=[],this._processLongTaskPreQueue(e.initialEntries),this._registerLongTaskObserver()}return e.prototype.measureFCI=fu
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):190152
                                                                                                                          Entropy (8bit):5.348678574819375
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:4877EFC88055D60953886EC55B04DE34
                                                                                                                          SHA1:2341B026A3E2A3B01AFA1A39D1706840D75E09B3
                                                                                                                          SHA-256:8405362EB8F09DF13AE244DE155B51B1577274673D9728B6C81CD0278A63C8B0
                                                                                                                          SHA-512:625844EDC37594D5C2F7622BD1B59278BF68ABB2FA22476C56826433C961C7B1924858A7588F8B6284D3C5AC8738ECB895EEC949DE18667A98C04A59CB03DAC0
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://aadcdn.msftauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
                                                                                                                          Preview:(window.telemetry_webpackJsonp=window.telemetry_webpackJsonp||[]).push([[2],[,,,function(e,t,n){"use strict";n.r(t),n.d(t,"ValueKind",(function(){return r.e})),n.d(t,"EventLatency",(function(){return r.a})),n.d(t,"EventPersistence",(function(){return r.b})),n.d(t,"TraceLevel",(function(){return r.d})),n.d(t,"AppInsightsCore",(function(){return i.a})),n.d(t,"BaseCore",(function(){return d})),n.d(t,"_ExtendedInternalMessageId",(function(){return r.f})),n.d(t,"EventPropertyType",(function(){return r.c})),n.d(t,"ESPromise",(function(){return g})),n.d(t,"ESPromiseScheduler",(function(){return C})),n.d(t,"ValueSanitizer",(function(){return I})),n.d(t,"NotificationManager",(function(){return E.a})),n.d(t,"BaseTelemetryPlugin",(function(){return S.a})),n.d(t,"ProcessTelemetryContext",(function(){return N.a})),n.d(t,"MinChannelPriorty",(function(){return w.a})),n.d(t,"EventsDiscardedReason",(function(){return P.a})),n.d(t,"DiagnosticLogger",(function(){return c.a})),n.d(t,"LoggingSeverity",(fun
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (2224), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):2224
                                                                                                                          Entropy (8bit):5.029670917384203
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:96EC242EA2E25558F7EC13FA88D9D793
                                                                                                                          SHA1:B0BB7F6BD5206CC1FFB572CBD4A6AD2F88D42433
                                                                                                                          SHA-256:850C54CE960E710757379C19601C65C00CF7D485063115F34AA30AE193CCEA43
                                                                                                                          SHA-512:8C732012F96C7A9B4434F1BC27262A07080F05FCDF54E64B9CB4F37C20D3D8A85FAC2387C934798056D137B03F918D5CE4847C835CC013EDD4485686993D5F4F
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/versioned/officebrowserfeedback-latest/2.10.0/intl/en/officebrowserfeedbackstrings.js
                                                                                                                          Preview:OfficeBrowserFeedback.setUiStrings({FeedbackSubtitle:"Send Feedback to Microsoft",PrivacyStatement:"Privacy Statement",Form:{CommentPlaceholder:"Please do not include any confidential or personal information in your comment",CategoryPlaceholder:"Select a category (optional)",EmailPlaceholder:"Email (optional)",RatingLabel:"Rating",ScreenshotLabel:"Include screenshot",Submit:"Submit",Cancel:"Cancel",EmailCheckBoxLabel:"You can contact me about this feedback",PrivacyConsent:"IT admins for your organization will be able to view and manage your feedback data.",PrivacyLabel:"By pressing submit, your feedback will be used to improve Microsoft products and services. ",ScreenshotImgAltText:"Screenshot Preview"},SingleForm:{Title:"Please provide feedback"},SmileForm:{Anchor:"I like something",Title:"What did you like?"},FrownForm:{Anchor:"I don't like something",Title:"What did you not like?"},IdeaForm:{Anchor:"I have a suggestion",Title:"What do you suggest?"},BugForm:{Anchor:"File a bug",Titl
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (64616)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):455667
                                                                                                                          Entropy (8bit):5.446740368528785
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:1A33F545D71548A7FA0120BB9A0911D6
                                                                                                                          SHA1:326CBE6CBD333194D8B722A30B851868CFDAA5B5
                                                                                                                          SHA-256:ABB0B419F045CF857BF379D22C036F9298295930B86CDF19DE160C56A2195603
                                                                                                                          SHA-512:8C2C75BBDCB0A2866FB56FC28FD96A733BE36AEA9A3A20916E31396FC252BE193A74ADF89BCC4F0DD7B16618C5FEC200256283E7F6E48540C7C6759C6A774CA4
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_GjP1RdcVSKf6ASC7mgkR1g2.js
                                                                                                                          Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */!function(e){function n(n){for(var t,i,o=n[0],r=n[1],s=0,c=[];s<o.length;s++)
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:GIF image data, version 89a, 24 x 24
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):695
                                                                                                                          Entropy (8bit):5.696679956038459
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:648AD2F7EEA95A9B5491DCD2203B2F54
                                                                                                                          SHA1:5FFA99938410AEBAB10B32308F242437B9432B53
                                                                                                                          SHA-256:A3596C17DAD9A003D0BFBE0B7BA6765F51391B5C3943660316F01C8E77B323DB
                                                                                                                          SHA-512:F7984FFEAEC122EFCBE36218979BB4C35E27007CC091BA5A8829BA5088999A3F9F7A7D5E11D90A05904D58644EC0B4E5EE1D57C68DD5270B7F456A762D8D699A
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:GIF89a.............!..NETSCAPE2.0.....!.......,.................0.+......H.....V..!.......,............`..Q.!.......,............`..Q.!.......,............`..Q.!.......,............`..Q.!.......,............`..Q.!.......,............`..Q.!.......,..............z...cr...!.......,.................dp.,.....H.....;..!.......,..........2......dp.,...QP.Td......F.[...v..?y...."......!.......,..........0......dp.,...QP.Td..........gO:.......Q..!.......,..........*......dp.,...QP.Td..........g.|.}.)..!.......,..........&......dp.,...QP.Td............>..!.......,..........#......dp.,...QP.Td........L.6V..!.......,.................dp.,.....H.....;..;
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):444259
                                                                                                                          Entropy (8bit):5.602844918829999
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:7D52DB6595C8396988D8E637FCAF2542
                                                                                                                          SHA1:E4A5ABE9FE8F2953552FD9DBD3F608011B36072F
                                                                                                                          SHA-256:DD342D4B8E18A0459DAB5EE0C945FFA0EF284BA1656AEE372CA163621AE23BF7
                                                                                                                          SHA-512:FA0FA5B8CFBABDCF9804488F452ABCDFB1CA62BE469F1C0747E39E3C32A5F09B621DD21DFD84D3D8FED0FBE369EA95204FA45E315F0E949CBE7D78651775F6F8
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/dd342d4b8e18a045/appchrome.min.js
                                                                                                                          Preview:(globalThis.wordOnlineChunks=globalThis.wordOnlineChunks||[]).push([[7306],{30553:function(e,t,o){var n=o(99177),r=o(82665);"string"==typeof n&&(n=[[e.id,n]]);for(var i=0;i<n.length;i++)r.loadStyles(n[i][1],!1);n.locals&&(e.exports=n.locals)},99177:function(e,t,o){var n=o(14030),r=o(34047)(n);r.push([e.id,'svg>path.OfficeIconColors_m20 {\r\n fill: #FAFAFAFF;\r\n}\r\nsvg>path.OfficeIconColors_m21 {\r\n fill: #C8C6C4FF;\r\n}\r\nsvg>path.OfficeIconColors_m22 {\r\n fill: #3A3A38FF;\r\n}\r\nsvg>path.OfficeIconColors_m23 {\r\n fill: #797774FF;\r\n}\r\nsvg>path.OfficeIconColors_m24 {\r\n fill: #1E8BCDFF;\r\n}\r\nsvg>path.OfficeIconColors_m25 {\r\n fill: #0063B1FF;\r\n}\r\nsvg>path.OfficeIconColors_m26 {\r\n fill: #83BEECFF;\r\n}\r\nsvg>path.OfficeIconColors_m27 {\r\n fill: #379E4EFF;\r\n}\r\nsvg>path.OfficeIconColors_m28 {\r\n fill: #309048FF;\r\n}\r\nsvg>path.OfficeIconColors_m29 {\r\n fill: #A1DDAAFF;\r\n}\r\nsvg>path.OfficeIconColors_m210 {\r\n fill: #DE6C0
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (9768)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):491571
                                                                                                                          Entropy (8bit):5.5033518805763455
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:9A150C83C5DA2758B4E41BBE7AB7131A
                                                                                                                          SHA1:D605F68CD1B48B350C92DC00B27C56968F619855
                                                                                                                          SHA-256:0F93EA18A3B5E70AABF24EFA9EF696A849AD95F2C542D9D2E75A37A5D3BA931A
                                                                                                                          SHA-512:BB3375C20324CAC258390C3705845321DCDCA48A29EE73414E249AF943F73A26DEEA3B7DBFEFB90DE0BFE70FD03312CD133E7B14BC6906E3E55F28B8EBA26679
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/files/odsp-web-prod_2025-03-07.002/wacowlhostwebpack/wacowlhostwebpack.js
                                                                                                                          Preview:/*! For license information please see wacowlhostwebpack.js.LICENSE.txt */.(()=>{var e=document.currentScript;define("odsp-next/roots/WacOwlHost",["odsp.react.lib"],()=>{var t;return(()=>{"use strict";var n=[(e,t,n)=>{n.r(t),n.d(t,{__assign:()=>r,__asyncDelegator:()=>S,__asyncGenerator:()=>y,__asyncValues:()=>D,__await:()=>v,__awaiter:()=>l,__classPrivateFieldGet:()=>w,__classPrivateFieldSet:()=>E,__createBinding:()=>f,__decorate:()=>s,__exportStar:()=>p,__extends:()=>i,__generator:()=>u,__importDefault:()=>O,__importStar:()=>C,__makeTemplateObject:()=>I,__metadata:()=>d,__param:()=>c,__read:()=>_,__rest:()=>o,__spread:()=>h,__spreadArray:()=>g,__spreadArrays:()=>b,__values:()=>m});var a=function(e,t){return a=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])},a(e,t)};function i(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):216020
                                                                                                                          Entropy (8bit):5.214140186584546
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:CF26BBC2FDF6C7DCA90FCC26C6403217
                                                                                                                          SHA1:864D3C9832CD1CA8A50D9FE6C0068E04707761D8
                                                                                                                          SHA-256:EC20174E1F51ED731F5350CC65D7C3C83D7571D8098C291D260C439CC79D778C
                                                                                                                          SHA-512:2E4FED10C71312B929C885A5BB69D3C50FD3C63B0293A4D38F159659C934D4EA9A5B2F93F5804B26212FE90FA17B6B300F144FD023DEC41DE3E4E732145FC705
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/ec20174e1f51ed73/wordviewer.min.css
                                                                                                                          Preview:.headBrand{cursor:default;font-family:SegoeUI-SemiLight-final,Segoe UI SemiLight,Segoe UI WPC Semilight,Segoe UI,Segoe,Tahoma,Helvetica,Arial,sans-serif;font-size:22px;line-height:48px;margin-left:20px;margin-right:20px}.cui-topBar1-transistionalHeaderUI .headBrand{display:inline-block;font-family:inherit;font-family:Segoe UI,Segoe UI Web,Arial,Verdana,sans-serif;font-size:17px;height:24px!important;line-height:normal!important;margin-left:17px;margin-right:17px;padding-bottom:12px;padding-top:12px;width:auto!important}.cui-topBar1-transitionalReactHeaderUI .headBrand{display:inline-block;font-family:Segoe UI,"Segoe UI Web (West European)",-apple-system,BlinkMacSystemFont,Roboto,Helvetica Neue,sans-serif;font-size:16px;font-weight:600;line-height:48px!important;padding:0 6px;width:auto!important}@font-face{font-family:Segoe UI Web Light;font-style:normal;font-weight:400;src:local("Segoe UI Light"),url(segoeuil.woff) format("woff"),url(segoeuil.eot) format("embedded-opentype"),url(segoe
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):126733
                                                                                                                          Entropy (8bit):5.304212072235981
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:C2B667FBEFF6336DA2E747BF2F788F18
                                                                                                                          SHA1:63BB4104688FF75E227E142BB6EF7B2BA33EF3D5
                                                                                                                          SHA-256:7555C33169FC111CF165D3D73693254F75FB2CFACBFF57990BF32AA882D0FF3A
                                                                                                                          SHA-512:C5E22D97242C846A5819FAB8247F5342BBEFA8318E95EC0FF6B405DA11DC58382CA8ED5DEF05AD5F96932D598AE53077644365C7F6F899AC7861B08CBEA4AF70
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/7555c33169fc111c/microsoftajaxds.js
                                                                                                                          Preview:(function(){function getAugmentedNamespace(e){if(e.__esModule)return e;var t=e.default;if("function"==typeof t){var r=function e(){if(this instanceof e){var r=[null];return r.push.apply(r,arguments),new(Function.bind.apply(t,r))}return t.apply(this,arguments)};r.prototype=t.prototype}else r={};return Object.defineProperty(r,"__esModule",{value:!0}),Object.keys(e).forEach((function(t){var n=Object.getOwnPropertyDescriptor(e,t);Object.defineProperty(r,t,n.get?n:{enumerable:!0,get:function(){return e[t]}})})),r}var lib={},extendStatics=function(e,t){return extendStatics=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var r in t)Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r])},extendStatics(e,t)};function __extends(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function r(){this.constructor=e}extendStatics(e,t),e.prototype=null===t?Object.create(t):(r.
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65443)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):740809
                                                                                                                          Entropy (8bit):5.520286431771011
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:70351ADEA310DDF9A747BA02C36D904A
                                                                                                                          SHA1:6B0D4FCA92359A5ABE206F2B42F6D25C3A1ABE2E
                                                                                                                          SHA-256:5CA5B2C08613AECED724A7AEF28EBE35D93340D7E2500968922148FE56083DEF
                                                                                                                          SHA-512:603105D9573C748ADC37BCF4D3AB341BC1DDECC7AAF33EE6EEE3CF73DEF44CA0137938135FA63B780DCB025BA8589BE1BBC6D6B29270467D6122913ABA9476DA
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/versioned/officebrowserfeedback-latest/2.10.0/scripts/officebrowserfeedback_floodgate.min.js
                                                                                                                          Preview:/*! For license information please see officebrowserfeedback_floodgate.min.js.LICENSE.txt */.!function(e){var t={};function A(n){if(t[n])return t[n].exports;var r=t[n]={i:n,l:!1,exports:{}};return e[n].call(r.exports,r,r.exports,A),r.l=!0,r.exports}A.m=e,A.c=t,A.d=function(e,t,n){A.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:n})},A.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},A.t=function(e,t){if(1&t&&(e=A(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var n=Object.create(null);if(A.r(n),Object.defineProperty(n,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var r in e)A.d(n,r,function(t){return e[t]}.bind(null,r));return n},A.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return A.d(t,"a",t),t},A.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},A.p="",A(A.s=
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (45797)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):406986
                                                                                                                          Entropy (8bit):5.31738212037311
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:64C6CD48E8E3A88A35182C5EEBB90E88
                                                                                                                          SHA1:5F14EF3E01DA258408717D5D5B40C1B78D68F2E6
                                                                                                                          SHA-256:90D8A6120F8C463CCAB8D9956D6BF089FB420FFF3CC29FECB8DF95696DFA9B51
                                                                                                                          SHA-512:0F21F8D9AC4480259AC0ECEF63B2A8D6466A84897C9E9DFAEFCDEEAA6DF061E147E9AF8D028CC97641E40FB0ABAA1C5F2C369200A775CF45072AC1AFFFD54D45
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_72a1051aa2aa2943d8c1.js
                                                                                                                          Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */.(window.webpackJsonp=window.webpackJsonp||[]).push([[8],Array(542).concat([f
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:JSON data
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):4194
                                                                                                                          Entropy (8bit):4.51149523592057
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:088E348865026AEB08AA27DC350EE735
                                                                                                                          SHA1:A71FB717AFA3FCC6B03157335CE9B64E333E41C0
                                                                                                                          SHA-256:1A6202963B57FEAE2C927A13EB33D51233F73E8BBBFC94B34BCB3B7BE6C53C44
                                                                                                                          SHA-512:411C619A28BEBEEF479CD25CC755DEA3886D1C606F6A45F39277323C7DF9440080BDD2C1DA42C18FDB2B766663F86B2B3E5DBB18DF50490B82AED46120F2F50B
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://word-view.officeapps.live.com/wv/AppSettingsHandler.ashx?app=Word&usid=97bd0300-a334-1f54-7d50-391cfbd39df0&build=20250317.2
                                                                                                                          Preview:{"timestamp":1742480556794,"BootstrapperUlsHeartBeatIsEnabled":false,"EnableCommonHostDiagnosticsParams":true,"ShouldLogJsApiKpisForWord":true,"EnableFramePageErrorReportingForWord":false,"EnableWordSessionRefreshTelemetry":true,"EnableWordSessionRefreshLoggingCleanup":false,"BootstrapperSettingsFetchPeriod":60000,"BootstrapperUlsHeartbeatIntervalMs":5000,"BootstrapperMaxUlsHeartbeatTime":600000,"BootstrapperNoCompleteWarning1Time":30000,"BootstrapperNoCompleteWarning2Time":120000,"BootstrapperNoCompleteWarning3Time":180000,"BootstrapperUlsUploadCadenceMs":60000,"WordRefreshTelemetryExpirationInDays":7,"RequestedCallThrottlingDefaultToViewMinimumValue":"Major","RemoteUlsETag":"3446F01DD18F16CB80609621A6A1DCA89020D1DE","RemoteUlsSuppressions":"378069,1671813,2208151,2209344,3249545,3290144,4273285,4285850,4298965,4298968,4298969,4751696,5018275,5306497,5904476,6375195,6572226,6948167,7463498,8194017,8458642,16799123,17044289,17085210,17085216,17162522,17358857,17387682,19214611,19243470
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65466)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):3008647
                                                                                                                          Entropy (8bit):5.525066703664059
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:DF7E07A8A146819FDEB1AFDBCBDE183C
                                                                                                                          SHA1:B09B43301B7AADC1344C81D086F8C079DC568FDB
                                                                                                                          SHA-256:50CC48FF964FE0A95C1026F7208AD80639D34D3A2A3C0372433408B4DBD9701D
                                                                                                                          SHA-512:DB37EC811C6D610D1A5446BB67720BD6C71C75F2DC92ADC5D236F2C55149562EA0B89840453C609C83E293BFD1DB1AFE8C1366428DB9548279D580364A85409A
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/50cc48ff964fe0a9/common50.min.js
                                                                                                                          Preview:/*! For license information please see common50.min.js.LICENSE.txt */.function _check_private_redeclaration(e,t){if(t.has(e))throw new TypeError("Cannot initialize the same private elements twice on an object")}function _class_apply_descriptor_get(e,t){return t.get?t.get.call(e):t.value}function _class_apply_descriptor_set(e,t,n){if(t.set)t.set.call(e,n);else{if(!t.writable)throw new TypeError("attempted to set read only private field");t.value=n}}function _class_apply_descriptor_update(e,t){if(t.set){if(!t.get)throw new TypeError("attempted to read set only private field");return"__destrWrapper"in t||(t.__destrWrapper={set value(n){t.set.call(e,n)},get value(){return t.get.call(e)}}),t.__destrWrapper}if(!t.writable)throw new TypeError("attempted to set read only private field");return t}function _class_check_private_static_field_descriptor(e,t){if(void 0===e)throw new TypeError("attempted to "+t+" private static field before its declaration")}function _class_extract_field_descriptor(e
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):28
                                                                                                                          Entropy (8bit):4.307354922057605
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:9F9FA94F28FE0DE82BC8FD039A7BDB24
                                                                                                                          SHA1:6FE91F82974BD5B101782941064BCB2AFDEB17D8
                                                                                                                          SHA-256:9A37FDC0DBA8B23EB7D3AA9473D59A45B3547CF060D68B4D52253EE0DA1AF92E
                                                                                                                          SHA-512:34946EF12CE635F3445ED7B945CF2C272EF7DD9482DA6B1A49C9D09A6C9E111B19B130A3EEBE5AC0CCD394C523B54DD7EB9BF052168979A9E37E7DB174433F64
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIgCd1iEPt0nEM-EgUN0VtRUhIFDVd69_0hoTh3WNoIPPY=?alt=proto
                                                                                                                          Preview:ChIKBw3RW1FSGgAKBw1Xevf9GgA=
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):32
                                                                                                                          Entropy (8bit):4.538909765557392
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:02E09E0B67788FB0F3EE4E626F67DF31
                                                                                                                          SHA1:B28C7FC16A832FC23A192A5105EBE6BDA0A30A87
                                                                                                                          SHA-256:D75F68A60DC7248E830D13CD6176D43E6BA2A84D89B5BF665D4F239E3BA7D7BD
                                                                                                                          SHA-512:323895DEFC5D2646D2680A1BDE3D6F39DBE66B94963E33C9B63162B0979CBBE886A5B45BE0F5E57C8A0FF3A83B5B1AB2FD5C0A3662CF1D58940CB0DACDC266DD
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIZCQGU8Cxfxt--EgUNO_nNgSEesMbCg5qBXRIZCf9KFXujw2y9EgUNO_nNgSEesMbCg5qBXQ==?alt=proto
                                                                                                                          Preview:CgkKBw07+c2BGgAKCQoHDTv5zYEaAA==
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (30301)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):106053
                                                                                                                          Entropy (8bit):5.390879864953868
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:F414F907C14F2C9C25A3EB364052DA61
                                                                                                                          SHA1:A19E8B82EB7A1F62FAD1527C1FB041EE307D6500
                                                                                                                          SHA-256:12BFC340A249C168FC13DD749584D1316A5C174AD9AABE79ABDE4BFA9A3AEA70
                                                                                                                          SHA-512:AD94A348675AC6D49B6E7929067D7BEEC3AE69506951B2F3FA3A45FCFE3209424776B08DEB3594C696E3279265BD9F027132D3CB1FC0597431376348F1079120
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/versioned/suiteux-shell/7.1.7/js/suiteux.shell.otellogging.js
                                                                                                                          Preview:var shellPerformance=window.performance,HighResolutionTimingSupported=!!shellPerformance&&"function"==typeof shellPerformance.mark;HighResolutionTimingSupported&&shellPerformance.mark("shell_otellogging_start"),(self["suiteux_shell_webpackJsonp_suiteux-main"]=self["suiteux_shell_webpackJsonp_suiteux-main"]||[]).push([["otellogging"],{57679:function(n,t,e){var r=e(92855),i=e(41230),o=e(53810),u=e(71399),a=e(53350),c=e(36141),s=e(32590),f=e(46800),l=e(78035),d=function(n){function t(){var e=n.call(this)||this;return e.pluginVersionStringArr=[],(0,i.A)(t,e,(function(n,t){n.logger&&n.logger.queue||(n.logger=new o.wq({loggingLevelConsole:1})),n.initialize=function(e,r,i,s){(0,u.r2)(n,(function(){return"AppInsightsCore.initialize"}),(function(){var u=n.pluginVersionStringArr;if(e){e.endpointUrl||(e.endpointUrl=f.S);var l=e.propertyStorageOverride;!l||l.getProperty&&l.setProperty||(0,a.$8)("Invalid property storage override passed."),e.channels&&(0,a.Iu)(e.channels,(function(n){n&&(0,a.Iu)(n,
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):11
                                                                                                                          Entropy (8bit):3.2776134368191165
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:825644F747BAAB2C00E420DBBC39E4B3
                                                                                                                          SHA1:10588307553E766AB3C7D328D948DC6754893CEF
                                                                                                                          SHA-256:7C41B898C5DA0CFA4AA049B65EF50248BCE9A72D24BEF4C723786431921B75AA
                                                                                                                          SHA-512:BFE6E8DF36C78CBFD17BA9270C86860EE9B051B82594FB8F34A0ADF6A14E1596D2A9DCDC7EB6857101E1502AFF6FF515A36E8BA6C80DA327BC11831624A5DAEA
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:Bad Request
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (5809)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):5867
                                                                                                                          Entropy (8bit):5.263765420286969
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:220B62BEAF63371B7CB228874CEE9E99
                                                                                                                          SHA1:7DC830749CADF7F870A47CA16D3F97E2A7F8D113
                                                                                                                          SHA-256:EB37DF6673B8DDF6693E216A6B95EF50C4017122CBE9542B4BA21247C626E4CD
                                                                                                                          SHA-512:0CC82A771B49C6D76D058DE02A42B8D95480E5FE4F784981771E04CCEC9CB1204BECA175622B878A846ED8D202F315E19A1413DB41C81075779FE483085B0F49
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/eb37df6673b8ddf6/healthsmalloffline.worker.min.js
                                                                                                                          Preview:var healthSmallOffline_worker;!function(){"use strict";var e,t,s,o,r;!function(e){e[e.BSqmError=0]="BSqmError",e[e.Kpi=1]="Kpi",e[e.QosError=2]="QosError",e[e.QosPillar=3]="QosPillar",e[e.DiagnosticLog=4]="DiagnosticLog",e[e.OfflineWorkerInit=5]="OfflineWorkerInit",e[e.OfflineWorkerFlush=6]="OfflineWorkerFlush",e[e.OfflineWorkerFailedUpload=7]="OfflineWorkerFailedUpload"}(e||(e={})),function(e){e.HealthDimensions="d",e.PartCDimensions="a",e.BSqmErrors="b",e.QosErrors="e",e.Heartbeat="h",e.QosPillars="q",e.Kpis="k",e.DiagnosticLogs="l",e.ClientSendTime="t"}(t||(t={})),function(e){e[e.AttemptToUseFunctionalityBeforeIitialization=0]="AttemptToUseFunctionalityBeforeIitialization",e[e.WorkerApiIsNotAvailable=1]="WorkerApiIsNotAvailable",e[e.InvalidWorkerUrl=2]="InvalidWorkerUrl",e[e.InstallingOfflineWorker=3]="InstallingOfflineWorker",e[e.OfflineWorkerMessage=4]="OfflineWorkerMessage",e[e.FailedToProcessMessageFromOfflineWorker=5]="FailedToProcessMessageFromOfflineWorker",e[e.FailedToInstal
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65459)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):710780
                                                                                                                          Entropy (8bit):5.60047639432053
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:35FF455570424A5696E073E04037FFB3
                                                                                                                          SHA1:EACE8F60F065952E81B53AC5717921A744EE8625
                                                                                                                          SHA-256:77761EB751DAEF3577FE9AE48C1601C6D49096B5E2F6D04C8CA744AE6880415C
                                                                                                                          SHA-512:6E1E9078BC28F979DBB840CE60B525B3BACEC379385EAB872D001197C125E724BD9EE0E25839A153AE28A5B0C245A46DC4A0A8FD8FF3D2F77EEB93188866F69C
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/77761eb751daef35/copilotcommonux.min.js
                                                                                                                          Preview:/*! For license information please see copilotCommonUx.min.js.LICENSE.txt */.(globalThis.wordOnlineChunks=globalThis.wordOnlineChunks||[]).push([[75685],{35349:function(e,t,r){"use strict";r.d(t,{A:function(){return B}});var n,o,a,i,c,l,u,s,f,d,h,p,v,g,m,b,y,w=r(14664),k=r(88672);function x(){return x=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var r=arguments[t];for(var n in r)Object.prototype.hasOwnProperty.call(r,n)&&(e[n]=r[n])}return e},x.apply(this,arguments)}const B=function(e){const t=(0,w.DG)(),r=(0,w.DG)(),B=(0,w.DG)(),z=(0,w.DG)(),j=(0,w.DG)(),C=(0,w.DG)();return k.createElement("svg",x({width:16,height:16,fill:"none",xmlns:"http://www.w3.org/2000/svg",display:"block"},e),k.createElement("path",{d:"M11.67 1.99c-.201-.592-.757-.99-1.381-.99h-.901c-.701 0-1.303.499-1.433 1.188l-.931 4.945.463-1.584a1.458 1.458 0 011.4-1.049h2.878l1.245 1.629L14.118 4.5h-.553c-.624 0-1.18-.398-1.38-.99l-.516-1.52z",fill:`url(#${C})`}),k.createElement("path
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:JSON data
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):1217
                                                                                                                          Entropy (8bit):5.889955509316496
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:21D6E57185C5C2A5792E369997385615
                                                                                                                          SHA1:4E9486C8D3706E3BA98A815EA9074AF242F5D568
                                                                                                                          SHA-256:FA7551823B1958059598610E042100D8D7E20351876659AE682A9BEB67B60CD1
                                                                                                                          SHA-512:0BC02CEE7D4B4D84A1C646182882D0D0E6193C23A74526138B2F3E54157CF7B897F633F9DC472B2E80DEF9D6A729DA81D4542FCF52CC88D1C2A849ADF92A3933
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://wise-m.public.cdn.office.net/wise-m/owl/5mttl/production/1/manifest.json
                                                                                                                          Preview:{"clientVersion":"20250317.2","files":{"owl.js":["owl.3e038441fedc18b6dd03.js","sha384-1tDQAFrslg0SiJ3qGWEBxpTzTaC+9nfeuJlqZVc8H485dvcssF4QOvmd0HH28NzB"],"owl.slim.js":["owl.slim.ab837f2adcf05cbb8e21.js","sha384-x/3D0VlPt7dPTqyq6SCVg4JHtRTxayGTMbJ9r8wIwy/o6935SOMSH5Gwkg36E4FF"],"owlnest.js":["owlnest.7d8c05dd060f898beeb4.js","sha384-QnSAOJJtyYUuTFpFK5BsLI/CJlPuiV95LizHgVTuMeMybMY8pE1UZRq3LbvisQxg"],"sharedauthclientmsal.js":["sharedauthclientmsal.cba681cd5e09f5e9220a.js","sha384-tPP/bDoj1T6P4toL09pwAhX/Ua+UApWtc9cb3F6OwHlsNw+twwdWtBWErwmmhY6y"],"word.boot.js":["word.boot.bc7ae34cd450e5c92a6d.js","sha384-r4EL2u/EycHS5UVLe05IHgbOGiFAgfQK/AcrYIl/AH6erMdYfrSyu0SdOpmag5OL"],"onenote-boot.js":["onenote-boot.4cd6acc29a3780b31c8a.js","sha384-jsiF5OtaNZdK74MvijspgE7nww4NJGVJ20KIklFIFtK3etpGOo0WDvGu1gmhXQn0"],"visio.boot.js":["visio.boot.ecbc6c377ba30a4072f7.js","sha384-HwSQUTYQEl5zoTRRX3WrblgWt0lKN+F3uzd2Qy/sky9BDu6NDZkh+ki2BLTN+gSG"],"excel-boot.js":["excel-boot.a7ca8fdf9437414566b1.js","sha38
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (65418), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):930581
                                                                                                                          Entropy (8bit):5.408770783709121
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:4A766F702FEA50797EDA088950EA9491
                                                                                                                          SHA1:16493184F9C37C44B84F9FF260EC064C40857FF3
                                                                                                                          SHA-256:4E0149F448241528D37D31B811E37BF10AB59B3EADC7C7DBE2560EDB0840E046
                                                                                                                          SHA-512:62D5AABD2087383995CB7EBEA2D6500BA13224D979E6301CDCA68B394C0D1D246965276A84E1ADED586CBC304CF8B654313516351F8268E1DB87D1F1B73187E3
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/4e0149f448241528/wordviewerds.dll1.js
                                                                                                                          Preview:"use strict";(globalThis.dullscriptWebpackJsonp=globalThis.dullscriptWebpackJsonp||[]).push([[1],{3189:function(e,t,i){i.d(t,{a:function(){return p}});var a=i(100),n=i(2280),s=i(9258),r=i(7128),o=i(3245),l=i(3116),c=i(6734);class d{get left(){return this._box.left}set left(e){this._box.left=e}get top(){return this._box.top}set top(e){this._box.top=e}get width(){return this._box.width}set width(e){this._box.width=e}get height(){return this._box.height}set height(e){this._box.height=e}get box(){return this._box}set box(e){this._box=e}get style(){return this._style}set style(e){this._style=e}get id(){return this._id}set id(e){this._id=e}get page(){return this._page}set page(e){this._page=e}get domElem(){return this._domElem}set domElem(e){this._domElem=e}addStyle(e){switch(this._style=e,e){case 1:Sys.UI.DomElement.addCssClass(this._domElem,"CommonHighlight WACHighlight");break;case 2:Sys.UI.DomElement.addCssClass(this._domElem,"WACActiveHighlight");break;case 3:Sys.UI.DomElement.addCssCla
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):718771
                                                                                                                          Entropy (8bit):5.457841164053342
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:13E6D6EE9BDC05C40FEF2BE8C14AC767
                                                                                                                          SHA1:BA17FFD1A49243952E9992F586F26A9A0622C91C
                                                                                                                          SHA-256:9378D39DFF02614F805F45D8A168306B06CD139A3C1D088DCD940B2B4677320A
                                                                                                                          SHA-512:1690F59A95EB1AF0261BA0C9EAEF54C85AF4E36E2C2B8DD12124DB1EF529E16FE51B14AB2C02038951D5FADF4D9702609756D380CD1871A83A1CF5112CA6CF1E
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/9378d39dff02614f/appchromelazy.min.js
                                                                                                                          Preview:(globalThis.wordOnlineChunks=globalThis.wordOnlineChunks||[]).push([[58868],{68209:function(){var e=window.performance,t=!!e&&"function"==typeof e.mark;t&&e.mark("shell_bootstrapper_start"),function(){var e,t,n,o,r={6467:function(e){e.exports="data:font/woff;charset=utf-8;base64,d09GRgABAAAAAAmoAA4AAAAAExwAA5R8AAAAAAAAAAAAAAAAAAAAAAAAAABPUy8yAAABRAAAAEgAAABgMWd7ZGNtYXAAAAGMAAAAPQAAAVLnkt3NY3Z0IAAAAcwAAAAgAAAAKgnZCa9mcGdtAAAB7AAAAPAAAAFZ/J7mjmdhc3AAAALcAAAADAAAAAwACAAbZ2x5ZgAAAugAAAGhAAADZMkacS9oZWFkAAAEjAAAADIAAAA2AQjyc2hoZWEAAATAAAAAFQAAACQQAQgDaG10eAAABNgAAAAMAAAADA0qASZsb2NhAAAE5AAAAAoAAAAKAiQA2G1heHAAAATwAAAAHQAAACAAIgIObmFtZQAABRAAAAP4AAAJ+pGb8VNwb3N0AAAJCAAAABQAAAAg/1EAe3ByZXAAAAkcAAAAiQAAANN4vfIOeJxjYGH3YpzAwMrAwDqL1ZiBgVEaQjNfZEhjEuJgZeViZGIEAwYgEGBAAN9gBQUGh+eKXx5wgPkQkgGsjgXCU2BgAADOIQhyeJxjYGBgZoBgGQZGBhDwAfIYwXwWBgMgzQGETAwMzxWfV3958P8/giXxUKKNWxmqCwwY2RhGPAAA9FQPGwAAAHicY9BiCGUoYGhgWMXIwNjA7MB4gMEBiwgQAACqHAeVeJxdj79Ow0AMxnMktIQnQDohnXUqQ5WInemGSyTUJSUM56WA1Eqk74CUhcUDz+Ju
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (58562)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):264504
                                                                                                                          Entropy (8bit):5.329441333772612
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:B7F64D07D58817B62F1FC126F423A9D0
                                                                                                                          SHA1:D17F123F37DA8F66355863C9588D1EFA675F9959
                                                                                                                          SHA-256:C99628041CD04CCFA7904E8E1B5672C2A0DFEC5172CC99B2BFE6CB6890E8C73B
                                                                                                                          SHA-512:F681029E91EFCA9506DDFCAB40DD379AECA0450E091423A16B43B18A11CECFE7E99C9589AB2DAB73D8E8DD403C30DDEBBB85CAECC0CC0DFC76AEF16FE25FC78C
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/files/odsp-web-prod_2025-03-07.002/wacowlhostwebpack/17.js
                                                                                                                          Preview:/*! For license information please see 17.js.LICENSE.txt */.(self.odspNextWebpackJsonp=self.odspNextWebpackJsonp||[]).push([[17],{728:(e,t,n)=>{"use strict";var a;n.d(t,{a:()=>a,b:()=>i}),function(e){e[e.CRITICAL=1]="CRITICAL",e[e.WARNING=2]="WARNING"}(a||(a={}));var i={BrowserDoesNotSupportLocalStorage:0,BrowserCannotReadLocalStorage:1,BrowserCannotReadSessionStorage:2,BrowserCannotWriteLocalStorage:3,BrowserCannotWriteSessionStorage:4,BrowserFailedRemovalFromLocalStorage:5,BrowserFailedRemovalFromSessionStorage:6,CannotSendEmptyTelemetry:7,ClientPerformanceMathError:8,ErrorParsingAISessionCookie:9,ErrorPVCalc:10,ExceptionWhileLoggingError:11,FailedAddingTelemetryToBuffer:12,FailedMonitorAjaxAbort:13,FailedMonitorAjaxDur:14,FailedMonitorAjaxOpen:15,FailedMonitorAjaxRSC:16,FailedMonitorAjaxSend:17,FailedMonitorAjaxGetCorrelationHeader:18,FailedToAddHandlerForOnBeforeUnload:19,FailedToSendQueuedTelemetry:20,FailedToReportDataLoss:21,FlushFailed:22,MessageLimitPerPVExceeded:23,MissingReq
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:JSON data
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):776
                                                                                                                          Entropy (8bit):5.828678676431513
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:B53CD2F82B8736B996D53E9F3E2B1106
                                                                                                                          SHA1:0DAD0035B92617C5C8C3471D71F3596B6AF78DCF
                                                                                                                          SHA-256:F85892F307794B86A15C468585D6AEA7D85FA07DC6A78A317A24648F44A96952
                                                                                                                          SHA-512:DF80A40FCD5579A497344F9EA21BCCF9A3E045B0E86EB96101F79F8F1D808C8B7CA5FC8FB6F9F564B94439D4480F54A0D401400DCD6FF6ED69AC746C545E220F
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:{"features":{"enc_get_req":true},"c":{"type":"hsw","req":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmIjowLCJzIjoyLCJ0IjoidyIsImQiOiJHTHdWZ1NTbjZsZ0JEZ1krR09UQUsyVURzZlhuVmx1ZE80UDlQWVlxS2NvV2VaLzJSNng5YlNhaDg1OTh5UDZEVnFxMUF5NWJDT3N4OVJRVCt4TVRWM0JlTkk3cTBsYTVza1Jnd1JaRUx5RGdBMzR6SExQdTRWQ0JBRml0MnNPdzY1N3dRNXBWM20yOVFnQ29JTzA2Z3VQcnM3dkhtTlZ2VSt2SmJxRDBxdDNhUXpGdmlGb0ZaQXFxbTJoM25PZHlEd3JITUtGdHRzRWVqc05xZzBYM09jVG04enM0eXdmVWtDMDZkT3AxOFdGdGdDU2lEU3EzZ3pRM1VpYmdHYzg9MGFNcXBrcFY2d0FwaEN6ZyIsImwiOiIvYy81ZmVmNzU5ZTM0YTk1NWRkNTZjZWRkZDgwNWU2YTg3ZDNmN2Q4NTRjOGM2OTViZjc5N2Q0MzMzMWJlYmZlZTNmIiwiaSI6InNoYTI1Ni1mN3F3MHJDZ2srT25lQVl5RGhmVUljSllYdVVudmUyUWw4WCtDNm1zZ0NrPSIsImUiOjE3NDI0ODIzNTAsIm4iOiJoc3ciLCJjIjoxMDAwfQ.gff16LyqQbtjDgLM_8DOo5uPv5A0bTJMZjz95G4B33k"},"pass":true}
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):7886
                                                                                                                          Entropy (8bit):4.017181282010039
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:760F69985C44556F90D31CDB278286BE
                                                                                                                          SHA1:98632D39E3CA24FDD974AC98BF187963A065CE8A
                                                                                                                          SHA-256:4FBD8CC4075E1795215327AF5E43E8CA3339677802700D19AEFC57BA1713A12D
                                                                                                                          SHA-512:8A36D389ED4D868ECB3CE6AC282FCCF8C3FA4D969D1475B350ADE63BD56D33B8004BF0B89B2D9CD4831D3B1F11DC6CE1F4F3F526F5D99B235D458BB4BD910759
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/wv/s/h4FBD8CC4075E1795_resources/1033/FavIcon_Word.ico
                                                                                                                          Preview:...... .... .....6......... ............... .h...f...(... ...@..... ..........................................................................................................................................................................................................................................................................................................................?..?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...................................?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...................................?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?..................................t2..t2..t2..t2..t2..t2..t2..t2..y4...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?..................................h...h...h...h...h...h...h...h...h....:...?...?...?...?...?...?...?...?...?...?...?...?...?...?............
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:HTML document, ASCII text, with CRLF line terminators
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):1208
                                                                                                                          Entropy (8bit):5.4647615085670616
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:D29FA9F2AB3A72F2608E8E82C8C3D1C6
                                                                                                                          SHA1:8B21CC06752837B4B6B8FEF8D54F50EB2C7CCA8F
                                                                                                                          SHA-256:E1B0A10649C4B92F828523EFC2EBE135EA9488179A2816888D1E84F786202DBF
                                                                                                                          SHA-512:824A207E3F5AF4934B7B50FE5E3F8585FAECA571C3C39E510C06DC8FBDF3E64B07811CAAE06239936BDDDDFA4C90E534F03C0DA8147AF9294042DEA6B0FBCB94
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">..<html xmlns="http://www.w3.org/1999/xhtml">..<head>..<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>..<title>500 - Internal server error.</title>..<style type="text/css">.. ..body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}..fieldset{padding:0 15px 10px 15px;} ..h1{font-size:2.4em;margin:0;color:#FFF;}..h2{font-size:1.7em;margin:0;color:#CC0000;} ..h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} ..#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;..background-color:#555555;}..#content{margin:0 0 0 2%;position:relative;}...content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}..-->..</style>..</head>..<body>..<div id="header"><h1>Server Error</h1></div>..<div id="content">.. <div class="content-
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (60714)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):2853435
                                                                                                                          Entropy (8bit):5.369597427913522
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:EA12C5B91D9B03401C5A886216F8E12B
                                                                                                                          SHA1:8301D74B213C48424E31D43D5F7A1AC1BDA586E7
                                                                                                                          SHA-256:85D1A6AD6678E89BD81CFE71EE58163DF518BB4716409DC8E02B997040DADFC5
                                                                                                                          SHA-512:351060CEDBF2B85CD41132E52E8737947DE95E4D6F6700B8BCCB76F0593A16C5CBC7F0C9BAC075784D5FD1D2FA2AE4F34F5E89D11DB56F75818CF026AD374E4F
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/85d1a6ad6678e89b/wordviewerds.js
                                                                                                                          Preview:try{var _globalThis,_dullscriptWebpackJsonp;(_globalThis=globalThis)[_dullscriptWebpackJsonp="dullscriptWebpackJsonp"]||(_globalThis[_dullscriptWebpackJsonp]=[]),globalThis.qwtManifest_WordViewerDS={...globalThis.qwtManifest_WordViewerDS,0:"WordViewerDS.js",1:"WordViewerDS.dll1.js",2:"WordViewerDS.immersive-reader-sdk.js",3:"WordViewerDS.objectmodel.js",4:"WordViewerDS.prefetch.js"},globalThis.dullscriptWebpackJsonp.push=function(e){return function(...t){const n=e.apply(this,t),a=t[0]?.[0]?.[0],i=a&&globalThis.qwtManifest_WordViewerDS[a];return i&&window.dispatchEvent(new CustomEvent("qwt_onChunkLoaded",{detail:{fileName:i}})),n}}(globalThis.dullscriptWebpackJsonp.push)}catch(e){console.error("QuietWindowTrackingPlugin injection failed:",e)}(function(){var __webpack_modules__={9457:function(e,t,n){"use strict";function a(e,t,n){return s(e,1,t,n)}function i(e,t,n){return s(e,2,t,n)}function o(e,t,n){return s(e,3,t,n)}function r(e,t,n){return s(e,0,t,n)}function s(e,t,n,a){return{name:e,
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (41492)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):208098
                                                                                                                          Entropy (8bit):5.592940960724072
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:CA6C05BA10F2ACF1F6123DFF8F1CE8A4
                                                                                                                          SHA1:74746919920EF2C2CFFCA78557ACC185144E9B0F
                                                                                                                          SHA-256:EAC917FF3A4EDBD0D95C72D85F7539A2DC2A8D67C23D5C42904FAB6B76BEDC86
                                                                                                                          SHA-512:0D987898A3B816F6473E992ABA375D5226365BE5C5BC04CF0AFE834BFF2367F26DEBAC707C57654EE87602840BC4B41FFD0363B3F3BEE38AEED1797FA48BBC52
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://js.hcaptcha.com/1/api.js
                                                                                                                          Preview:/* { "version": "1", "hash": "MEUCICqlA3TEM45lf4vUHPxenfVM2Bhvxe6VzqHYgzfrPioyAiEAjI1zQTwuJrBuhJvxijCoVI2gtrvPj5Tnl1N47rM+lcI=" } */./* https://hcaptcha.com/license */.!function(){"use strict";function e(e){var t=this.constructor;return this.then((function(n){return t.resolve(e()).then((function(){return n}))}),(function(n){return t.resolve(e()).then((function(){return t.reject(n)}))}))}function t(e){return new this((function(t,n){if(!e||"undefined"==typeof e.length)return n(new TypeError(typeof e+" "+e+" is not iterable(cannot read property Symbol(Symbol.iterator))"));var r=Array.prototype.slice.call(e);if(0===r.length)return t([]);var i=r.length;function o(e,n){if(n&&("object"==typeof n||"function"==typeof n)){var a=n.then;if("function"==typeof a)return void a.call(n,(function(t){o(e,t)}),(function(n){r[e]={status:"rejected",reason:n},0==--i&&t(r)}))}r[e]={status:"fulfilled",value:n},0==--i&&t(r)}for(var a=0;a<r.length;a++)o(a,r[a])}))}var n=setTimeout,r="undefined"!=typeof setImmedi
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (11665), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):11665
                                                                                                                          Entropy (8bit):5.435021033478464
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:3405AD044FDE1ECEA266736C8AA1EC7F
                                                                                                                          SHA1:A695E0D6EB58F7F7E88B976363DC6F514CC26357
                                                                                                                          SHA-256:E9E564F8719A973AB28848B490F4ADE7254B249E21B80990C3BA56EFAB69DCEC
                                                                                                                          SHA-512:B04926C5FADF63B82127FDFC3C5FACC228F5E157C57188BA4FD540901F31E7F72ABAFEB4719557E0F32B57F8C97102BA1C8279D4408B3944468D46904EE06B51
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/versioned/suiteux-shell/7.1.7/js/suiteux.shell.consappdata.js
                                                                                                                          Preview:var shellPerformance=window.performance,HighResolutionTimingSupported=!!shellPerformance&&"function"==typeof shellPerformance.mark;HighResolutionTimingSupported&&shellPerformance.mark("shell_consappdata_start"),(self["suiteux_shell_webpackJsonp_suiteux-bootstrapper"]=self["suiteux_shell_webpackJsonp_suiteux-bootstrapper"]||[]).push([["consappdata"],{9227:function(e,o,t){t.r(o),t.d(o,{loadConsumerAppData:function(){return _}});var l=t(6968);const n="auth=1";function s(e,o,t,l,s,r){const i=encodeURIComponent(o),a=s?encodeURIComponent(s):"",h=s?"login_hint="+a:void 0,m="https://www.microsoft365.com",u="https://outlook.com";let p=h?u+"?"+h:u;const f="https://outlook.live.com/calendar/";let d=h?f+"?"+h:f;const S="https://onedrive.live.com";let g=h?S+"?"+h:S;const w=m+"/launch/word?"+["username="+i,n].join("&");let C=h?w+"&"+h:w;const _=m+"/launch/excel?"+["username="+i,n].join("&");let O=h?_+"&"+h:_;const P=m+"/launch/powerpoint?"+["username="+i,n].join("&");let E=h?P+"&"+h:P;let y="https:/
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (37603), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):37603
                                                                                                                          Entropy (8bit):5.8245546241602755
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:68EB7F9F2FA6AFCC1B5DE14419B876CD
                                                                                                                          SHA1:3AC9E13650F15F3C86DEC68F1AE0D585586A8D1A
                                                                                                                          SHA-256:7B4BB64F4F295345271CE12DEAF55FB5EDFB24812339EDC594F26E99D1CDFE47
                                                                                                                          SHA-512:0D16D7CD5A35E3636923A687F3D683ADE27A842F1A2857D3BC94BAF8F842B2EE1CFC12FD13252CB89C7B34E65215FAAF4C4386647427702C650C64D56988AA86
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/wv/s/h7B4BB64F4F295345_resources/en-US/clientManifest.exp.js
                                                                                                                          Preview:var ResourceHashJson={'app_scripts/1033/common-intl.min.js':'d7hAtc2DweiO46dKeohM7vhk0aE0Id1zkEbSY0oMx/c=','app_scripts/1033/common-strings.min.js':'OdObZ3Wtv8qFzVL1C2RqlGPvVwq6ZTua+YKbsehAbTw=','app_scripts/1033/common-ui-strings.min.js':'JECKs+UCl/TyoxKVtoEo5IxVkxGpTaohF6vJzmCFWM8=','app_scripts/1033/commonintl.js':'VGyQyemnnWEp7eeTrZ2qQoXEx/MZXmCzbl9yWn5iKjo=','app_scripts/1033/emoji-strings.min.js':'nZQjfL5d+D09G6lsQ82FEf1KmgB9rKUoKegK2apDN1k=','app_scripts/1033/mworda-string.min.js':'FCZRw+tkjMOeEOguWlQezOQS5vDmQo5cfv4nxIK5JpE=','app_scripts/1033/wac-wordviewer-strings.min.js':'msXba/wvD7N5u5BqQhVqwl+f3xAIOEZgw52BH5FCYao=','app_scripts/1033/word-app-intl-lazy.min.js':'4+2hd6Q40UfthHLIBJ1u4bkHWS/2bb+G+nyMla4ONJg=','app_scripts/1033/word-app-intl.min.js':'dg5Ssc0jEte5u/VwBGSlWdmZNrhYCSEeck+32WgPuL8=','app_scripts/ac/addinlazy.min.js':'35/lelGeWBu5Kn1l78IKVzDjJPU63TbHj3NE3pXQJys=','app_scripts/ac/af-za-copilot-credits-fre-strings-json.min.js':'VCIvNXgNS+1a5yUUtkuwm0HqcHt8gTIMPSQpLp0h
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (48122)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):48123
                                                                                                                          Entropy (8bit):5.342998089666478
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:EA38BDA3C117E2FE01BD862003357394
                                                                                                                          SHA1:767CCB3589E3067EE1B348DF2426A9E2E32CEE5C
                                                                                                                          SHA-256:719423C7B70AC911F76D00B3AE514D108A8315EA60A80519820BE50C0E4C96EF
                                                                                                                          SHA-512:F50FAB9DC2263F40216DF26C234AD390091F23185650E9B4E4748CF09CFEDF2D92A99FC81C986234580844393305AC2195E096DEDB64D9A25A99EF7BE510FFCA
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://challenges.cloudflare.com/turnstile/v0/b/708f7a809116/api.js
                                                                                                                          Preview:"use strict";(function(){function jt(e,t,a,o,c,l,v){try{var h=e[l](v),s=h.value}catch(p){a(p);return}h.done?t(s):Promise.resolve(s).then(o,c)}function qt(e){return function(){var t=this,a=arguments;return new Promise(function(o,c){var l=e.apply(t,a);function v(s){jt(l,o,c,v,h,"next",s)}function h(s){jt(l,o,c,v,h,"throw",s)}v(void 0)})}}function V(e,t){return t!=null&&typeof Symbol!="undefined"&&t[Symbol.hasInstance]?!!t[Symbol.hasInstance](e):V(e,t)}function De(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function Ve(e){for(var t=1;t<arguments.length;t++){var a=arguments[t]!=null?arguments[t]:{},o=Object.keys(a);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(a).filter(function(c){return Object.getOwnPropertyDescriptor(a,c).enumerable}))),o.forEach(function(c){De(e,c,a[c])})}return e}function Ir(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertyS
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:SVG Scalable Vector Graphics image
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):1592
                                                                                                                          Entropy (8bit):4.205005284721148
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:4E48046CE74F4B89D45037C90576BFAC
                                                                                                                          SHA1:4A41B3B51ED787F7B33294202DA72220C7CD2C32
                                                                                                                          SHA-256:8E6DB1634F1812D42516778FC890010AA57F3E39914FB4803DF2C38ABBF56D93
                                                                                                                          SHA-512:B2BBA2A68EDAA1A08CFA31ED058AFB5E6A3150AABB9A78DB9F5CCC2364186D44A015986A57707B57E2CC855FA7DA57861AD19FC4E7006C2C239C98063FE903CF
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><defs><style>.a{fill:none;}.b{fill:#404040;}</style></defs><rect class="a" width="48" height="48"/><path class="b" d="M40,32.578V40H32V36H28V32H24V28.766A10.689,10.689,0,0,1,19,30a10.9,10.9,0,0,1-5.547-1.5,11.106,11.106,0,0,1-2.219-1.719A11.373,11.373,0,0,1,9.5,24.547a10.4,10.4,0,0,1-1.109-2.625A11.616,11.616,0,0,1,8,19a10.9,10.9,0,0,1,1.5-5.547,11.106,11.106,0,0,1,1.719-2.219A11.373,11.373,0,0,1,13.453,9.5a10.4,10.4,0,0,1,2.625-1.109A11.616,11.616,0,0,1,19,8a10.9,10.9,0,0,1,5.547,1.5,11.106,11.106,0,0,1,2.219,1.719A11.373,11.373,0,0,1,28.5,13.453a10.4,10.4,0,0,1,1.109,2.625A11.616,11.616,0,0,1,30,19a10.015,10.015,0,0,1-.125,1.578,10.879,10.879,0,0,1-.359,1.531Zm-2,.844L27.219,22.641a14.716,14.716,0,0,0,.562-1.782A7.751,7.751,0,0,0,28,19a8.786,8.786,0,0,0-.7-3.5,8.9,8.9,0,0,0-1.938-2.859A9.269,9.269,0,0,0,22.5,10.719,8.9,8.9,0,0,0,19,10a8.786,8.786,0,0,0-3.5.7,8.9,8.9,0,0,0-2.859,1.938A9.269,9.269,0,0,0,
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (14782)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):15755
                                                                                                                          Entropy (8bit):5.364793371731811
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:ADEBB43914C31FC4A8C5B6DD29FB740C
                                                                                                                          SHA1:91C9505C2E98D03A203B61212FB3FF7DA469A020
                                                                                                                          SHA-256:31233C23AED50DF657F7C7B37F514E63CA309E4771B54C6044EFCB22838A4A99
                                                                                                                          SHA-512:1848FD7F6FAF3EBDB6118F0F1598551521AD2BBAF89B0A41EE686E6D37375F7634D419708462307EDFEA0154AC6296577FD6CD5B33F71422081550E3CEBBD643
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_4ba7c391e6f3f547d8ce.js
                                                                                                                          Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */.(window.webpackJsonp=window.webpackJsonp||[]).push([[17],{528:function(e,n,s
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):1366315
                                                                                                                          Entropy (8bit):5.501311178250114
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:507F5ABC36FF1F6E28B1B037FC28A48D
                                                                                                                          SHA1:8B4F90289E864C96CDB003D7FEC8992D5544E002
                                                                                                                          SHA-256:9F508FAB42E3C7A8FEA604D4BC16B870F161A57FB51EB629271DB40D429BB713
                                                                                                                          SHA-512:AFCEE8B4A2FCE6DCE0EF14FAE6E9F9345E2E816682387A15107F2EF856C1CBC3523837A0BA055E2E93704C0E174D524ADA3D224919780205D7E8C8376019F82C
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/9f508fab42e3c7a8/uislice20.min.js
                                                                                                                          Preview:(globalThis.wordOnlineChunks=globalThis.wordOnlineChunks||[]).push([[53227],{83245:function(e){function t(e,t,o,n){var i,r=null==(i=n)||"number"==typeof i||"boolean"==typeof i?n:o(n),a=t.get(r);return void 0===a&&(a=e.call(this,n),t.set(r,a)),a}function o(e,t,o){var n=Array.prototype.slice.call(arguments,3),i=o(n),r=t.get(i);return void 0===r&&(r=e.apply(this,n),t.set(i,r)),r}function n(e,t,o,n,i){return o.bind(t,e,n,i)}function i(e,i){return n(e,this,1===e.length?t:o,i.cache.create(),i.serializer)}function r(){return JSON.stringify(arguments)}function a(){this.cache=Object.create(null)}a.prototype.has=function(e){return e in this.cache},a.prototype.get=function(e){return this.cache[e]},a.prototype.set=function(e,t){this.cache[e]=t};var s={create:function(){return new a}};e.exports=function(e,t){var o=t&&t.cache?t.cache:s,n=t&&t.serializer?t.serializer:r;return(t&&t.strategy?t.strategy:i)(e,{cache:o,serializer:n})},e.exports.strategies={variadic:function(e,t){return n(e,this,o,t.cache.
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (46689), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):46689
                                                                                                                          Entropy (8bit):5.295715214726445
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:9BAAAF4D89E3B888BC9E400611D61B68
                                                                                                                          SHA1:E4BDF6FEEDBA53DB1365F3E37F70FB6073B868AF
                                                                                                                          SHA-256:095762FEE3E77525953B8C3091A4F83F80F50FE5AB31499C403B3ED442806974
                                                                                                                          SHA-512:79DEAB67C3E6316A9CDA6B9FDDDA62FEA91A7A95CC4C546F7393DCD85045D66F84DC74F317425D5CE1261007D63F8B0AB4534CA9240A8AA914220230425CDC78
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/095762fee3e77525/wacairspaceanimationlibrary.js
                                                                                                                          Preview:var WacAnimation={};function WacCurve(ID,type,x1,y1,x2,y2){this.ID=ID,this.type=type,this.x1=x1,this.y1=y1,this.x2=x2,this.y2=y2}var WacCurveType={Instant:0,Hold:1,Linear:2,CubicBezier:3},WacCurveID={Instant:0,Hold:1,Linear:2,ShotgunToPillowLanding:3,ReverseShotgunToPillowLanding:4,ShotgunToLinear:5,EaseIn:6,EaseOut:7,EaseInOut:8,Exponential:9,ShotgunToPillowLanding_VisualRefresh:10,Cxe_ShowHintBar:11,Cxe_HideHintBar:12,Cxe_ColorWheel:13,Cxe_SpinnerDot1:14,Cxe_SpinnerDot2:15,Cxe_SpinnerDot4:16,Cxe_SpinnerDot5:17,Cxe_SpinnerDot7:18,InOutSine:19,PresenceUI_Standard:20,Fluent_Standard:21},g_AnimationCurves=new Array(22);function WacIntWrapper(value,contextId){this.value=value,this.contextId=contextId}function WacKeyFrame(type,curveID,startTime,endTime,startVal,endVal,relativeTo,operationType){this.type=type,this.curveID=curveID,this.startTime=null==startTime||null==startTime.value?new WacIntWrapper(startTime,null):startTime,this.endTime=null==endTime||null==endTime.value?new WacIntWrapper
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):16
                                                                                                                          Entropy (8bit):3.75
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:39A2EE1ACD37F0BDDD1CB9A1FCA51A38
                                                                                                                          SHA1:3746C523DD503749DB6F2E494BC0FEE36520A952
                                                                                                                          SHA-256:D28EBED05E81E92DFCC00A1271D59BD866E66F57AB60B177B57E56D7B1BA7F0D
                                                                                                                          SHA-512:B6BDF5669427220794B68B6303321AF6273DB1A557CF35E2A1F0FD8E755E3EBF98D70F39C7A7A2E3D1F546806140B5FA42A7D46D5563435B68E32E58EE7DA201
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIZCf9KFXujw2y9EgUNO_nNgSH1lRVd4w7VbA==?alt=proto
                                                                                                                          Preview:CgkKBw07+c2BGgA=
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:GIF image data, version 89a, 16 x 16
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):668
                                                                                                                          Entropy (8bit):4.238031919528392
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:B5F29A6E52D426B5F64843C7C962E228
                                                                                                                          SHA1:8FB8B25BD264E83F21AC4514B0945B1570C0206E
                                                                                                                          SHA-256:38E88B6AF6C6531959A5AD70F5310B60878DC948086A1D4107168B08CC44ECF7
                                                                                                                          SHA-512:25DAB31A3CCB5CF024FBF28FC95AE64A498C876D35D26C9EFD7695335F56C74D073A39B67A6D9C3809B017461A49E3B66883153FBF47CDBA09B5BA02BED571F0
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:GIF89a.............!..NETSCAPE2.0.....!.......,......................{[..!.......,............Q.!.......,............Q.!.......,............Q.!.......,............Q.!.......,............Q.!.......,............Q.!.......,............Q.!.......,.................!.......,............Q.!.......,.............a...!.......,..................!.......,......................!.......,.....................X..!.......,........................!.......,.............a........!.......,..................!.......,......................!.......,.............p..........!.......,.............p....<o.S..!.......,................V..!.......,............Q.!.......,...........L..;
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:PNG image data, 280 x 292, 8-bit/color RGBA, non-interlaced
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):35196
                                                                                                                          Entropy (8bit):7.969075478403727
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:3096E4177EE360B47697F35F60976EFA
                                                                                                                          SHA1:0E056034BDFB2E0870D766E2CE26BF3E37798A1E
                                                                                                                          SHA-256:4C76F832E1B589C931CED2C770F35CE4CD595CA941C18C5893B23F27EF587EC4
                                                                                                                          SHA-512:391437C11C60099221BEBCAED87C50484852678DAEBDDD2CB830F48157D1A08443834865C2AC685CD63514209418B75B65E17FC2318F1D104A07AD39F32091BE
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:.PNG........IHDR.......$......6.Z...CIDATx^..x.U....W....XV.EY...(6.(%D..R....5.:R..PB..@...N...B.IHHBh......o....5...<.3sO.w...|.9G.........z3u...zW..^w]...Z....U..P.....K..[#==..'\.X1_...k.I..(...l.A.s..%............b....0.].{.r...";7..pi...Y9..hC.....c.n...>c..c0Vn...k...|1\Z.h..Q..._S ......&.....7..i......... ..6.a...yX.kY...]./.....f...9.....K..@DN.d.\..g....F...XH ....Y...`t.E.j..,]..^s..R..`,.A.5..&...";.u.......X/2..........w+..@.f.E..0...c*.`Q..8f..F.`.ty........K.s.....[$Z.#RO.1.W.5..XG.25...."g.p..B...%.W..=2..fK.k...m.....@C+`........2.WbXeee..O...../@.!S.....\.......w...q.),...........c/.J......"...J.b.qL&*..@..2../@.!S.....)z...7h..bm.a..$.L.K..dydH...sl.!)D...1V.....0.......s92..R5....0..h.....Q.....dy@.q......]<C_w..Iq..).T..._|..0Q].w..$._DEyy..H..M!./=xC.o.....G.[.0.U.0....Y.2.c0_U*Z.......?zW..*.....o6........W...0P|....0.i1..].>......2..C.6/...1..bMy.hW9.\.t...A.l?.K....:`......]...h..w.;......./...+..7
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:JSON data
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):4194
                                                                                                                          Entropy (8bit):4.511542517926199
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:A675B3D3EB4B5317D8240F954920A1FD
                                                                                                                          SHA1:D38FB22FC42E57846B72488A1A4548DF83478CCB
                                                                                                                          SHA-256:6EF3D0B76B2B58A9A1E8955AB4E390C26E0474B04B4480E2893ED6E283520AC7
                                                                                                                          SHA-512:CEADEB3B76211D83C173CCBCB2FFB61E968CF55B1C7D2A0999309EAF4794BEE5E1F7C885A245618061C6A2AFFBA9ADAAE024F73940505E074D2749E6FF87C959
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:{"timestamp":1742480557244,"BootstrapperUlsHeartBeatIsEnabled":false,"EnableCommonHostDiagnosticsParams":true,"ShouldLogJsApiKpisForWord":true,"EnableFramePageErrorReportingForWord":false,"EnableWordSessionRefreshTelemetry":true,"EnableWordSessionRefreshLoggingCleanup":false,"BootstrapperSettingsFetchPeriod":60000,"BootstrapperUlsHeartbeatIntervalMs":5000,"BootstrapperMaxUlsHeartbeatTime":600000,"BootstrapperNoCompleteWarning1Time":30000,"BootstrapperNoCompleteWarning2Time":120000,"BootstrapperNoCompleteWarning3Time":180000,"BootstrapperUlsUploadCadenceMs":60000,"WordRefreshTelemetryExpirationInDays":7,"RequestedCallThrottlingDefaultToViewMinimumValue":"Major","RemoteUlsETag":"3446F01DD18F16CB80609621A6A1DCA89020D1DE","RemoteUlsSuppressions":"378069,1671813,2208151,2209344,3249545,3290144,4273285,4285850,4298965,4298968,4298969,4751696,5018275,5306497,5904476,6375195,6572226,6948167,7463498,8194017,8458642,16799123,17044289,17085210,17085216,17162522,17358857,17387682,19214611,19243470
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (386), with no line terminators
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):389
                                                                                                                          Entropy (8bit):5.105903245582409
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:836E19729333EE206B96E781699A7E85
                                                                                                                          SHA1:1B98C53CF78DADECF3B341BD7D7CCA2C2DB46313
                                                                                                                          SHA-256:08238A110B70AC25705346D7DD78793C979A690E3B266997BA8A594487B41A3B
                                                                                                                          SHA-512:34F8DF80EAC6E250F9712443F0EA39440ED74A939DAFE884F5EBE847294B5D94709A7231D92D9870C004FEED08D98A86A91D3D0192B898A3868762B8471429D0
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:.<?xml version="1.0" encoding="utf-8"?><docdata><status>UnknownError</status><dialog><title>{webappfull}</title><description>Sorry, {webappshort} ran into a problem opening this {doctype} in a browser. To view this {doctype} please open it in the desktop version of {richclientfull}.</description><errorId>56753a06-138c-4794-ba51-7020ba7e3e2a, 20250320072215</errorId></dialog></docdata>
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:JSON data
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):72
                                                                                                                          Entropy (8bit):4.241202481433726
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:9E576E34B18E986347909C29AE6A82C6
                                                                                                                          SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                                                                                                          SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                                                                                                          SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:{"Message":"The requested resource does not support http method 'GET'."}
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (49862)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):1351269
                                                                                                                          Entropy (8bit):5.488372581938768
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:BDCD71541FDF3C9D47B3265E46F11232
                                                                                                                          SHA1:B7CB5856F051B6CD817B49DC4F166AD34CDF78C3
                                                                                                                          SHA-256:403CC165CE39115C5E9B7295A4F97D667700D40356B2060F44C3E34EBE44F6B1
                                                                                                                          SHA-512:6288C35621C58F33E26683D691D0849FE51F9A6395F04602025E80F4AED489F50E621C64372F53923392975721B06F33B0EBB03780B717F03F80B235DCBFBE96
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res.cdn.office.net/admincenter/admin-main/2025.3.13.3/floodgate.en.bundle.js
                                                                                                                          Preview:(()=>{var e,t,r,n,o,a={113:(e,t,r)=>{"use strict";var n;r.d(t,{Bw:()=>d,Sk:()=>p,WL:()=>c});var o=r(5959),a=r(7308),i=r(7431),s=r(7986),l=r(7852),u=r(7252);function c(e,t){for(var i=[],s=2;s<arguments.length;s++)i[s-2]=arguments[s];var l=e;return l.isSlot?0===(i=a.Children.toArray(i)).length?l(t):l((0,o.Cl)((0,o.Cl)({},t),{children:i})):a.createElement.apply(n||(n=r.t(a,2)),(0,o.fX)([e,t],i,!1))}function d(e,t){void 0===t&&(t={});var r=t.defaultProp,n=void 0===r?"children":r;return function(t,r,s,c,d){if(a.isValidElement(r))return r;var h=function(e,t){var r,n;"string"==typeof t||"number"==typeof t||"boolean"==typeof t?((r={})[e]=t,n=r):n=t;return n}(n,r),p=function(e,t){for(var r=[],n=2;n<arguments.length;n++)r[n-2]=arguments[n];for(var o={},a=[],s=0,c=r;s<c.length;s++){var d=c[s];a.push(d&&d.className),(0,u.k)(o,d)}return o.className=(0,i.e)([e,a],{rtl:(0,l.jI)(t)}),o}(c,d,t,h);if(s){if(s.component){var f=s.component;return a.createElement(f,(0,o.Cl)({},p))}if(s.render)return s.rende
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):17174
                                                                                                                          Entropy (8bit):2.9129715116732746
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:12E3DAC858061D088023B2BD48E2FA96
                                                                                                                          SHA1:E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5
                                                                                                                          SHA-256:90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
                                                                                                                          SHA-512:C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
                                                                                                                          Preview:..............h(..f...HH...........(..00......h....6.. ...........=...............@..........(....A..(....................(....................................."P.........................................."""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333""""""""""""""""""""""""""
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:JSON data
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):38738
                                                                                                                          Entropy (8bit):4.8153958133582195
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:A50C484AA02C4DCAC1A5C2D469962F02
                                                                                                                          SHA1:584D3E729999E4A34CC877A23E2E076E08CFBF09
                                                                                                                          SHA-256:ECA9BE18A47C4920F313F0CCFADFECC454ACEC9FB465D6E10F31F98B26CD87AD
                                                                                                                          SHA-512:DF54DAF25B645B282E2A075C656C42DF45F319DF34AE7D39B497A6FEFAF9F2ACDD72A45DE6FBF9EF56456B8B0B38BA726742368B59F89D008A48DF07907C3EB2
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:{"dashboard":{"cdnUrl":"https://res.cdn.office.net/admincenter/admin-main/2025.3.13.3/","loaderSpec":{"type":"scriptUrl","content":"https://res.cdn.office.net/admincenter/admin-main/2025.3.13.3/dashboard.en.bundle.js"},"version":"2025.3.13.3"},"groups":{"cdnUrl":"https://res.cdn.office.net/admincenter/admin-main/2025.3.13.3/","loaderSpec":{"type":"scriptUrl","content":"https://res.cdn.office.net/admincenter/admin-main/2025.3.13.3/groups.en.bundle.js"},"version":"2025.3.13.3"},"app-mgmt":{"cdnUrl":"https://res.cdn.office.net/admincenter/admin-main/2025.3.13.3/","loaderSpec":{"type":"scriptUrl","content":"https://res.cdn.office.net/admincenter/admin-main/2025.3.13.3/app-mgmt.en.bundle.js"},"version":"2025.3.13.3"},"esign":{"cdnUrl":"https://res.cdn.office.net/admincenter/admin-main/2025.3.13.3/","loaderSpec":{"type":"scriptUrl","content":"https://res.cdn.office.net/admincenter/admin-main/2025.3.13.3/esign.en.bundle.js"},"version":"2025.3.13.3"},"viva-goals-organization-views":{"cdnUrl":"
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):28
                                                                                                                          Entropy (8bit):4.208966082694623
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:89BE93E81169A3478F5B92F3C91AF580
                                                                                                                          SHA1:C62E2852B394952919463742831CB4C66CCA1C8B
                                                                                                                          SHA-256:77C5F518D3925E0083F47A20572ADB178B2204D07FAA396A2E3B0AFD803155B9
                                                                                                                          SHA-512:0F837CB5A3E3C67CFE10B21FB4965A1B39E4C10CEA9137D03A9D5B743B6F36A02CDE5348752D59C0BF28F9CFA0163D99A7767CCE9255500E5C3E15EA1F74C173
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIgCcJnvOAQSWSMEgUNU1pHxRIFDb8kUpAhyT7MuSaCi-M=?alt=proto
                                                                                                                          Preview:ChIKBw1TWkfFGgAKBw2/JFKQGgA=
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):1035345
                                                                                                                          Entropy (8bit):4.409547849030604
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:2480FEAEE31012B28ECF814C4F167098
                                                                                                                          SHA1:167A5541D03AA24A77B8F0AFF30BE986A58E19A9
                                                                                                                          SHA-256:9065743EC308C00BEB4940D7CC5820E647A2EE0F871E7DE6BDDEC7FC07C94A9A
                                                                                                                          SHA-512:1C834F68955A57E2C36F18DB20ECC1E78C7D3080236FA45D6CD528DD9BB82284036E4835A8890D46B9E3C66F14E61108D6253F82A43163600E37F6E0FA47C477
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/9065743ec308c00b/word-app-intl-lazy.min.js
                                                                                                                          Preview:window.wordCommonSpriteLazy={icons:[{type:"svg",id:"MathZone_20",children:[{type:"path",className:"OfficeIconColors_HighContrast",d:"M 1434 307 v 1048 q 0 65 13 117 q 12 53 38 90 q 25 37 63 56 q 38 20 89 20 q 17 0 93 -14 l 34 96 q -59 21 -128 21 q -75 0 -132 -26 q -57 -26 -95 -76 q -39 -49 -58 -119 q -20 -70 -20 -159 v -1054 h -614 v 1033 q 0 225 -34 383 h -104 q 18 -73 27 -168 q 8 -95 8 -215 v -1033 q -44 2 -97 9 q -53 7 -108 19 q -55 13 -108 31 q -53 18 -96 42 v -122 q 162 -81 351 -81 h 1287 v 102 z"},{type:"path",className:"OfficeIconColors_m22",d:"M 1434 307 v 1048 q 0 65 13 117 q 12 53 38 90 q 25 37 63 56 q 38 20 89 20 q 17 0 93 -14 l 34 96 q -59 21 -128 21 q -75 0 -132 -26 q -57 -26 -95 -76 q -39 -49 -58 -119 q -20 -70 -20 -159 v -1054 h -614 v 1033 q 0 225 -34 383 h -104 q 18 -73 27 -168 q 8 -95 8 -215 v -1033 q -44 2 -97 9 q -53 7 -108 19 q -55 13 -108 31 q -53 18 -96 42 v -122 q 162 -81 351 -81 h 1287 v 102 z"}],viewBox:"0,0,2048,2048"},{type:"svg",id:"PageMarginsLandscapeCust
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (1014)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):5139
                                                                                                                          Entropy (8bit):5.045267812731418
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:92AE56055F750D50F879F850FBB0602C
                                                                                                                          SHA1:7F3BE38C31DCC32E024013E893006D19DF0F33EF
                                                                                                                          SHA-256:BADFF46DAAA3BF9A58176ACCD011F6DFED0E7C16681E1931C1A0F68F79F181A3
                                                                                                                          SHA-512:239C9BDE698230DE5FA25029DFF02A1BAB692AE620CF6750891C966BC7D9B45264DC496FC14BE8FB71673F19FE5CE979587B67C58F0E778455C8C113A9B7B019
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/files/odsp-web-prod_2025-03-07.002/wacowlhostwebpack/en-us/ondemand.resx.js
                                                                                                                          Preview:"use strict";(self.odspNextWebpackJsonp=self.odspNextWebpackJsonp||[]).push([["ondemand.resx"],{724:e=>{e.exports=JSON.parse('{"a":"EnvironmentType is invalid","b":"Invalid GUID string: \\u0022{0}\\u0022","f":"The value for \\u0022{0}\\u0022 is false","g":"The value for \\u0022{0}\\u0022 must not be null","h":"The value for \\u0022{0}\\u0022 must not be undefined","e":"The value for \\u0022{0}\\u0022 must not be an empty string","d":"The \\u0022{0}\\u0022 object cannot be used because it has been disposed.","c":"Invalid version string: \\u0022{0}\\u0022","j":"Cannot consume services because the scope is not finished yet","k":"Cannot consume services during ServiceScope autocreation","i":"The ServiceScope is already finished","l":"Cannot register service because the scope is already finished","m":"The service key \\u0022{0}\\u0022 has already been registered in this scope","o":"INNERERROR:","n":"CALLSTACK:","p":"LOGPROPERTIES:"}')}.,821:e=>{e.exports=JSON.parse('{"a":"A source with id \
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (56385)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):203399
                                                                                                                          Entropy (8bit):5.090398314654391
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:669B64283920BFE61946F40932CC17EA
                                                                                                                          SHA1:8CF1BCFA9B4AF54ABA02D47245143C44B364E8E9
                                                                                                                          SHA-256:77B840B5CD83C1E88EE3A74A7A884CEEF864D1A13421DD739046D2634A0CC7F7
                                                                                                                          SHA-512:EF0CFAB84437E029765ED66CF0675F8E30E3943D298251D1C763FC4BA069E8F622A83F61AEE2FA6E9561C99FC33521AC969811F73EB4C942B43204000980367D
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/77b840b5cd83c1e8/common-intl.min.js
                                                                                                                          Preview:"use strict";var CommonStrings={qpsPloc_Name:"Pseudo",qpsPloca_Name:"Pseudo (Pseudo Asia)",qpsPlocm_Name:"Pseudo (Pseudo Mirrored)",afrikaans:"Afrikaans",albanian:"Albanian",alsatian:"Alsatian",amharic:"Amharic",arabic:"Arabic",arabic_Algeria:"Arabic (Algeria)",arabic_Bahrain:"Arabic (Bahrain)",arabic_Egypt:"Arabic (Egypt)",arabic_Iraq:"Arabic (Iraq)",arabic_Jordan:"Arabic (Jordan)",arabic_Kuwait:"Arabic (Kuwait)",arabic_Lebanon:"Arabic (Lebanon)",arabic_Libya:"Arabic (Libya)",arabic_Morocco:"Arabic (Morocco)",arabic_Oman:"Arabic (Oman)",arabic_Qatar:"Arabic (Qatar)",arabic_Saudi_Arabia:"Arabic (Saudi Arabia)",arabic_Syria:"Arabic (Syria)",arabic_Tunisia:"Arabic (Tunisia)",arabic_UAE:"Arabic (U.A.E.)",arabic_Yemen:"Arabic (Yemen)",armenian:"Armenian",assamese:"Assamese",azerbaijani:"Azerbaijani",azerbaijani_Cyrillic:"Azerbaijani (Cyrillic)",azerbaijani_Latin:"Azerbaijani (Latin)",bangla_Bangladesh:"Bangla (Bangladesh)",bangla_India:"Bangla (India)",bashkir:"Bashkir",basque:"Basque",bel
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:HTML document, ASCII text, with very long lines (11286)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):33661
                                                                                                                          Entropy (8bit):5.174173989595849
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:3832C3E8F2728B6A7E750B1E0FC8C1AB
                                                                                                                          SHA1:C2034DE4D8E6C6A1006000CF496E482E4D8F957A
                                                                                                                          SHA-256:17880F8B092CA027F20C056C45142AF8D0A9B9D8CEA01870086FBC62EF9CDCB6
                                                                                                                          SHA-512:2B623DF509A17DCFCDA97C49A80A0DB17E944948CABE2CBB1E2064D37BA1087581FA04FA6A78556195403AB6CE3BF8389090A6A78A0BB70241413AC81529655F
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://office.lillki.top/SiDVKGPM
                                                                                                                          Preview:<!DOCTYPE html>.<html lang="en-US">. #region(collapsed)-->. <head>. <style>. * {. box-sizing: border-box;. margin: 0;. padding: 0;. }.. html {. line-height: 1.15;. -webkit-text-size-adjust: 100%;. color: #313131;. }.. html,. button {. font-family: system-ui, -apple-system, BlinkMacSystemFont, Segoe UI, Roboto, Helvetica Neue, Arial, Noto Sans, sans-serif, Apple Color Emoji, Segoe UI Emoji, Segoe UI Symbol, Noto Color Emoji;. }.. body {. display: flex;. flex-direction: column;. min-height: 100vh;. }.. a {. transition: color 0.15s ease;. background-color: transparent;. text-decoration: none;. color: #0051c3;. }.. a:hover {.
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (46812)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):142588
                                                                                                                          Entropy (8bit):5.430325360831281
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:F7CD746319AB2EA391D6B4386A7C8D32
                                                                                                                          SHA1:4ADFCD23EE4D2E2C50937B5E8DAA50762E1DE018
                                                                                                                          SHA-256:3136538617D98C749991F5DCAD819761C127C419D62F85DBAAE00F7B1DC1E997
                                                                                                                          SHA-512:B583BD2DBA637A7BD9885A8ED15ED627861A8B057BFA0816B2FD9795097003A9B7DA56C6F3C043F85804B7273E93CEAA6413BE1D29A15DEF94EDC216FB496740
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_9810YxmrLqOR1rQ4anyNMg2.js
                                                                                                                          Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */!function(e){function t(t){for(var n,r,i=t[0],a=t[1],s=0,u=[];s<i.length;s++)
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):160840
                                                                                                                          Entropy (8bit):5.376180759851531
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:3638C95FD2A0BDB411BB0A2CD4CE4F18
                                                                                                                          SHA1:9973DA313918CC3EDBC01C7D66FB1FF7F3F4030E
                                                                                                                          SHA-256:E76436E30241FC29CA64EA506561CCCBEADE67CF10626A3C81D42E082A1121D1
                                                                                                                          SHA-512:E4F4098DD2C69D61555370E06261FF88BBA774F5BA5F67CE150A4A44C67D34DC4FC283450D8D72140E644A94DA443BC51CFD1D7045CA8CC17BC94D7637EE4BA9
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/wise/owl/word.boot.bc7ae34cd450e5c92a6d.js
                                                                                                                          Preview:var Microsoft="object"==typeof Microsoft?Microsoft:{};Microsoft.Office=Microsoft.Office||{},Microsoft.Office.Word=function(t){var e={};function i(s){if(e[s])return e[s].exports;var n=e[s]={i:s,l:!1,exports:{}};return t[s].call(n.exports,n,n.exports,i),n.l=!0,n.exports}return i.m=t,i.c=e,i.d=function(t,e,s){i.o(t,e)||Object.defineProperty(t,e,{enumerable:!0,get:s})},i.r=function(t){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})},i.t=function(t,e){if(1&e&&(t=i(t)),8&e)return t;if(4&e&&"object"==typeof t&&t&&t.__esModule)return t;var s=Object.create(null);if(i.r(s),Object.defineProperty(s,"default",{enumerable:!0,value:t}),2&e&&"string"!=typeof t)for(var n in t)i.d(s,n,function(e){return t[e]}.bind(null,n));return s},i.n=function(t){var e=t&&t.__esModule?function(){return t.default}:function(){return t};return i.d(e,"a",e),e},i.o=function(t,e){return Object.prototype.hasOwnProper
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (29173), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):29173
                                                                                                                          Entropy (8bit):5.201883067368051
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:F6228139447C795F72C09114F8289A8C
                                                                                                                          SHA1:0D0499DC74723111C0B78792B40BF5B8D04A2FB2
                                                                                                                          SHA-256:E6108C2F14C08CE48EB243728C24011A8E70E60DCA21BFA51FFFC6B1B8A999C7
                                                                                                                          SHA-512:F3087F1B24B65AA4F2007B168A8F5A1D0ACFA8BB6677FF156CE6A4B4A76234820B390F2DC444DE2EEFC4F58FB35BF3E1F866481A92383C914D20BBD44EDBC0A2
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/files/odsp-web-prod_2025-03-07.002/require-f6228139.js
                                                                                                                          Preview:!(function(){if("PerformanceLongTaskTiming"in window){var e=window.__tti={e:[]};e.o=new PerformanceObserver((function(t){e.e=e.e.concat(t.getEntries())}));e.o.observe({entryTypes:["longtask"]})}})();!(function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports["es6-symbol"]=t():(e["es6-symbol"]=t(),e.Symbol=e.Symbol||e["es6-symbol"])})(window,(function(){return(function(e){var t={};function n(r){if(t[r])return t[r].exports;var i=t[r]={i:r,l:!1,exports:{}};return e[r].call(i.exports,i,i.exports,n),i.l=!0,i.exports}return n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:GIF image data, version 89a, 352 x 3
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):3620
                                                                                                                          Entropy (8bit):6.867828878374734
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:B540A8E518037192E32C4FE58BF2DBAB
                                                                                                                          SHA1:3047C1DB97B86F6981E0AD2F96AF40CDF43511AF
                                                                                                                          SHA-256:8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
                                                                                                                          SHA-512:E3612D9E6809EC192F6E2D035290B730871C269A267115E4A5515CADB7E6E14E3DD4290A35ABAA8D14CF1FA3924DC76E11926AC341E0F6F372E9FC5434B546E5
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
                                                                                                                          Preview:GIF89a`.........iii!.......!.&Edited with ezgif.com online GIF maker.!..NETSCAPE2.0.....,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....`.....9..i....Q4......H..j.=.k9-5_..........j7..({.........!.......,....`.....9.......trV.......H....`.[.q6......>.. .CZ.&!.....M...!.......,....`.....8..........:......H..jJ..U..6_....../.el...q.)...*..!.......,....`.....9.....i..l.go.....H..*".U...f......._......5......n..!.......,....`.....:..i......./.....H...5%.kE/5.........In.a..@&3.....J...!.......,....`.....9.......kr.j.....H..*.-.{Im5c..............@&.........!.......,....`.....9.........j..q....H...].&..\.5.........8..S..........!.......,....`.....9.......3q.g..5....H...:u..............Al..x.q.........!.......,....`.....9......\.F....z....H...zX...ov.........h3N.x4......j..!.......,....`.....9........Q.:......H....y..^...1.........n.!.F......E...!.......,....`.....8.........i,......H....*_.21.I.........%...
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:SVG Scalable Vector Graphics image
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):1864
                                                                                                                          Entropy (8bit):5.222032823730197
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:BC3D32A696895F78C19DF6C717586A5D
                                                                                                                          SHA1:9191CB156A30A3ED79C44C0A16C95159E8FF689D
                                                                                                                          SHA-256:0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
                                                                                                                          SHA-512:8D4F38907F3423A86D90575772B292680F7970527D2090FC005F9B096CC81D3F279D59AD76EAFCA30C3D4BBAF2276BBAA753E2A46A149424CF6F1C319DED5A64
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:<svg xmlns="http://www.w3.org/2000/svg" width="1920" height="1080" fill="none"><g opacity=".2" clip-path="url(#E)"><path d="M1466.4 1795.2c950.37 0 1720.8-627.52 1720.8-1401.6S2416.77-1008 1466.4-1008-254.4-380.482-254.4 393.6s770.428 1401.6 1720.8 1401.6z" fill="url(#A)"/><path d="M394.2 1815.6c746.58 0 1351.8-493.2 1351.8-1101.6S1140.78-387.6 394.2-387.6-957.6 105.603-957.6 714-352.38 1815.6 394.2 1815.6z" fill="url(#B)"/><path d="M1548.6 1885.2c631.92 0 1144.2-417.45 1144.2-932.4S2180.52 20.4 1548.6 20.4 404.4 437.85 404.4 952.8s512.276 932.4 1144.2 932.4z" fill="url(#C)"/><path d="M265.8 1215.6c690.246 0 1249.8-455.595 1249.8-1017.6S956.046-819.6 265.8-819.6-984-364.005-984 198-424.445 1215.6 265.8 1215.6z" fill="url(#D)"/></g><defs><radialGradient id="A" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="translate(1466.4 393.6) rotate(90) scale(1401.6 1720.8)"><stop stop-color="#107c10"/><stop offset="1" stop-color="#c4c4c4" stop-opacity="0"/></radialGradient><r
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (2054)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):9285
                                                                                                                          Entropy (8bit):5.397876465825329
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:439A53994F1A9C860C7787ED5100CA0C
                                                                                                                          SHA1:15BA120F64BBF6A59A457841B10DF0D6D1B4574C
                                                                                                                          SHA-256:441BFA485FB0EB8AD2BE7001209868B57C41769CAE9512A774419F5882C093E6
                                                                                                                          SHA-512:FB6002797BD9E28A352BCBE4643BC7E998C562218D9189AE879E1DC605BC79C3234435029B46667724E5C85A475A72C8DDDED17E3EEFD7791EC1FB21822D3804
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://vhg.lillki.top/ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js
                                                                                                                          Preview:!function(){function e(){return(x.location.protocol||"").concat("//",x.location.hostname||x.location.host)}function r(e){if(e){try{var r=/function (.{1,})\(/,n=r.exec(e.constructor.toString());return n&&n.length>1?n[1]:""}catch(e){}}return""}function n(e,r,n){if(e&&r){n||(e=e.toLowerCase());for(var t=0;t<r.length;t++){var o=r[t];if(o&&(n||(o=o.toLowerCase()),e.indexOf(o)>=0)){return r[t]}}}return null}function t(e,r,n){return!!(0===n&&r&&r.indexOf("Script error.")>=0)}function o(e,r){.if(!e.expectedVersion||e.expectedVersion!==E().jquery){if(r&&r.indexOf("jQuery.easing[jQuery.easing.def] is not a function")>=0){return!0}if(r&&r.indexOf("The bound jQuery version is not the expected version -- loaded")>=0){return!0}}return!1}function i(e){if(e){try{if("string"!==E.type(e)&&JSON&&JSON.stringify){var n=r(e),t=JSON.stringify(e);return t&&"{}"!==t||(e.error&&(e=e.error,n=r(e)),(t=JSON.stringify(e))&&"{}"!==t||(t=e.toString())),n+":"+t}}catch(e){}}return""+(e||"")}function a(e,r){return{."sig
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (64612)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):113769
                                                                                                                          Entropy (8bit):5.492668208659035
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:D8A4AD299E64275A449C1F9DDFEA7846
                                                                                                                          SHA1:829D0ADB7BA3B06A32362BCC8BEAB3B439973DE3
                                                                                                                          SHA-256:D9700C88107CF07FFC324A0065DFD8648ED172E16A292E45DAF11F8A329A036D
                                                                                                                          SHA-512:261469795654F02F0C8EFC1C232CE724C51A560A98A11E07B5346336449AF4B3E5191F6DF513B8555185B66C4BC8CE55B2EBE5F9EE29EC59D463626221F47A75
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_c4928fb5cff147a39780.js
                                                                                                                          Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */.(window.webpackJsonp=window.webpackJsonp||[]).push([[37],{1382:function(e,t,
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (5962)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):6092
                                                                                                                          Entropy (8bit):5.032264743816216
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:DE83A7B3BC0A43A5F4E6BF8E71F5413C
                                                                                                                          SHA1:BC3274E5C413EDFA65FB6333E63D7FBEFE1A12A8
                                                                                                                          SHA-256:A5E36060F6EAB9C2B23DC2724F3758EDC2D38A7336A619BDB463C3B3A81077CF
                                                                                                                          SHA-512:23EE201ED9392B9A846992DC3E9E071F219E75641DC907946CB7A5DEDF01F7AD6CCF9A5CA5ABD7B33C5CC77B408BDCEB2C74D3BBBD4F1B70B41183A280C38155
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/a5e36060f6eab9c2/compatparentelementfix.js
                                                                                                                          Preview://! Script# Mozilla Compat Layer.//! Copyright (c) 2006, Nikhil Kothari. All Rights Reserved..//! http://projects.nikhilk.net.//!.var selectNodes=function(e,t,n){n=n||e;for(var o=(new XPathEvaluator).evaluate(t,n,e.createNSResolver(e.documentElement),XPathResult.ORDERED_NODE_SNAPSHOT_TYPE,null),r=new Array(o.snapshotLength),i=0;i<o.snapshotLength;i++)r[i]=o.snapshotItem(i);return r},selectSingleNode=function(e,t,n){var o=selectNodes(e,t+="[1]",n);if(0!=o.length)for(var r=0;r<o.length;r++)if(o[r])return o[r];return null};function __loadCompat(e){e.Debug=function(){},e.Debug._fail=function(e){throw new Error(e)},e.Debug.writeln=function(e){window.console&&window.console.debug(e)},e.__getNonTextNode=function(e){try{for(;e&&1!=e.nodeType;)e=e.parentNode}catch(t){e=null}return e}}function _loadSafariCompat(e){Node.prototype.__defineGetter__("text",(function(){return this.textContent})),Node.prototype.__defineSetter__("text",(function(e){this.textContent=e})),Node.prototype.selectNodes=funct
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:PNG image data, 1 x 76, 8-bit/color RGB, non-interlaced
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):61
                                                                                                                          Entropy (8bit):4.035372245524405
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:E56A2318EE0DC72E9694DD1AAA63B0E7
                                                                                                                          SHA1:778B881A91346914D06E2AA5884897458D5EFE8D
                                                                                                                          SHA-256:9EA8C1B9FB3ED640FDD0868DEBB3E823A2A1D12866485E0533F66F1FD728BD53
                                                                                                                          SHA-512:0E97F417B6BB7A88FA6929519A5477AD4B86E6147FF95E6B5E9BFFC4F93B59DCF5FAD00F8C941343B5A955B6E40C4B744F534273C9A4949068D99611354BF63D
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:.PNG........IHDR.......L.....#.Jl....IDAT.....$.....IEND.B`.
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65457)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):152502
                                                                                                                          Entropy (8bit):5.330295764365006
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:FF3EE9CAA163738B588A0360F1A64017
                                                                                                                          SHA1:C3550D563CCAF798D389BE50F82FA5175ED3345A
                                                                                                                          SHA-256:C738FAC1DC099FBD9E5CD2F3717BE772339AFF519215AF3E1454EB318E2CEB1D
                                                                                                                          SHA-512:0AD126AE7F32346C7C9B16E6876802C42D74BB60DB4A1157CEF3B7E03126F330010652810ED8626DF63B3534CC9103C65C1DD78F49A617AB8F9FA70D64340F5A
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/files/sp-client/odsp.1ds/odsp.1ds.lib-79dcca28.js
                                                                                                                          Preview:/*! For license information please see odsp.1ds.lib-79dcca28.js.LICENSE.txt */."use strict";(self.odspNextWebpackJsonp=self.odspNextWebpackJsonp||[]).push([["odsp.1ds.lib"],{"1ds-lib":function(e,t,n){n.r(t),n.d(t,{_DebugPlugin:function(){return nc},_InMemoryPropertyStorage:function(){return uc},_OneDSLogger:function(){return lc},_ScrubDataPlugin:function(){return tc},_StrictContextPlugin:function(){return rc},_StringifyDataPlugin:function(){return ms},_getDefaultScrubberConfig:function(){return oc}});var a={};n.r(a),n.d(a,{optionalDiagnostic:function(){return rs},requiredDiagnostic:function(){return is},requiredService:function(){return os}});var i=function(e,t){return i=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])},i(e,t)};function r(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");functi
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):75533
                                                                                                                          Entropy (8bit):5.519851177516132
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:A2D6C29B06E3B8E998DEF33DB481EFD6
                                                                                                                          SHA1:371407416DF18524CA27E13260AD7DA0D47F89AA
                                                                                                                          SHA-256:BF07E1A40A7A2AC0B227955CE0A091C195882B74FD4EE54287316A9EF288FBAD
                                                                                                                          SHA-512:43AD9199F73ACA18FB501F0A09FA89173B9F534C42083F5453A6D03B8FC8C5710783CFF40BF1DE2C1909CEB025018C58C86E01019BEA96660201486425B38B33
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/wise/owl/owl.handlers.c97687575b2eedfdde40.js
                                                                                                                          Preview:(globalThis.webpackChunkMicrosoft_Office_OWL=globalThis.webpackChunkMicrosoft_Office_OWL||[]).push([[6720],{72545:function(e,n,t){"use strict";t.d(n,{A:function(){return a}});var o=t(59250),r=t.n(o),i=t(12434),s=t.n(i)()(r());s.push([e.id,".lLFji2JIIWB51LkuYBKM{width:75%;height:75%;position:fixed;top:50%;left:50%;transform:translateY(-50%) translateX(-50%);background-color:#fff;box-sizing:border-box;outline:1px solid transparent;z-index:5;box-shadow:0 0 5px 0 rgba(0,0,0,.4);border:none}","",{version:3,sources:["webpack://./../owl-service/lib/filePicker/filePickerStyles.module.scss"],names:[],mappings:"AAAA,sBACE,SAAA,CACA,UAAA,CACA,cAAA,CACA,OAAA,CACA,QAAA,CACA,2CAAA,CACA,qBAAA,CACA,qBAAA,CACA,6BAAA,CACA,SAAA,CACA,mCAAA,CACA,WAAA",sourcesContent:[".file-picker-iframe {\n width: 75%;\n height: 75%;\n position: fixed;\n top: 50%;\n left: 50%;\n transform: translateY(-50%) translateX(-50%);\n background-color: #fff;\n box-sizing: border-box;\n outline: 1px solid transparent;\n z
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:JSON data
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):5892
                                                                                                                          Entropy (8bit):5.723681363798146
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:6960EB3520834925829E7D1C28A98FEE
                                                                                                                          SHA1:8F371ED031A47F86ABCF36F887B2F3A81F1B6647
                                                                                                                          SHA-256:A34440CC494041BFD31AA69B6DCE73222D6CA88FBE5E8A9444442009178839D2
                                                                                                                          SHA-512:B71D972C0CB6D04072FA658995C41ACFD2C1AEE4EF19C33E6FAB6B9E63C3BA9348A8483F55168F7304F07BE1C510F8ADCAB51C006150CFCEB01507F7573B7090
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://messaging.engagement.office.com/campaignmetadataaggregator?country=US&locale=en-US&app=2155&platform=Web&version=16.0.18711.41002&campaignParams=pageWidth%3D1280%26pageHeight%3D897%26screenWidth%3D1280%26screenHeight%3D1024%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPUS8%26TenantId%3D40e3ab80-2024-45a3-bf76-7a0761a24d29%26SelfTriggerActivity%3D%3Bfloodgateflight100a%3Bfloodgateflight102cf%3Bfloodgateflight38a%3Bfloodgateflight59a%3Bfloodgateflight70a%3Bfloodgateflight98cf%3Bwordfloodgateflight79%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=floodgateflight100a%3Bfloodgateflight102cf%3Bfloodgateflight38a%3Bfloodgateflight59a%3Bfloodgateflight70a%3Bfloodgateflight98cf%3Bwordfloodgateflight79%3B&ageGroup=0&sessionUserType=2
                                                                                                                          Preview:{"CampaignContent":{"campaigns":[{"CampaignId":"328a8542-6ebf-417b-98ef-07f9578da06d","TreatmentType":0,"LauncherType":"coachingux","StartTimeUtc":"2025-01-06T00:00:00Z","EndTimeUtc":"2025-06-30T23:59:59Z","GovernedChannelType":3,"Scope":{"Type":1,"Languages":[]},"NominationScheme":{"Type":0,"PercentageNumerator":100,"PercentageDenominator":100,"NominationPeriod":{"Type":0,"IntervalSeconds":15206400},"CooldownPeriod":{"Type":0,"IntervalSeconds":15206400},"FallbackSurveyDurationSeconds":120},"SurveyTemplate":{"Type":22,"ActivationEvent":{"Type":1,"Sequence":[{"Type":0,"Activity":"triggerTUIForTableOOUI","Count":1,"IsAggregate":true}]},"Metadata":{"ContentMetadata":{"surfaceType":"sequence","treatmentType1":0,"preventAutoDismiss":true,"telemetryEventName":"FLOODGATEFLIGHT102A;FLOODGATEFLIGHT102CF","itemCount":"2","timeout":"","preFetchDelay":"500","dismissButton":"","closeButtonAriaLabel":"Close","customStyles":"","customProperties":"","anchorHint":"11","surfaceType1":"teaching","anchorE
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (15355), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):15355
                                                                                                                          Entropy (8bit):4.953114508679274
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:553DB28CD7CC352163C427471A53D761
                                                                                                                          SHA1:EAE291EEC07AC8F4FEDA65D487AF30D857D5CD01
                                                                                                                          SHA-256:9AC5DB6BFC2F0FB379BB906A42156AC25F9FDF1008384660C39D811F914261AA
                                                                                                                          SHA-512:39CDBA6558DBEEE9F4E90D213072AF452094FC0765FFED4CB7501C283AE2ED63D4E25F1CCACFE52F47619EE4C10C1A82A31CC024C9D5F17FDD87FCAC005B7BC9
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/9ac5db6bfc2f0fb3/wac-wordviewer-strings.min.js
                                                                                                                          Preview:"use strict";var WacWordviewerStrings={HeaderText:"Find",NumberOfSearchedPages:"(in {0} of {1} pages)",ProgressTextManyResults:"{0} matches",ProgressTextNoResults:"No matches",ProgressTextOneResult:"1 match",ProgressTextSearching:"Searching...",ResultsInfoText:"(in 0 of {0} pages)",ResultToolTip:"[Page {0}]",SearchBoxValue:"Search for...",SearchButtonTitleBegin:"Search options",SearchButtonTitleEnd:"Clear search and other search options",NextButtonTitle:"Next Search Result",PrevButtonTitle:"Previous Search Result",SearchText:"Use the search box above to find text in your document.",SearchTextV2:"Search for a word or phrase in your document.",ReplaceText:"Search for a term in your document and enter the term that you would like to replace it with.",FindFilterLabelText:"({0})",FindMultipleFiltersLabelText:"({0}, {1})",SelectedSearchOption:"Selected search option: {0}",SelectedSearchOptions:"Selected search options: {0} and {1}",FindPlaceholderTooltip:"Search the {doctype} for...",MatchCa
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):215773
                                                                                                                          Entropy (8bit):5.515198392628102
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:AB7E707AA754C35BFC4584615566B727
                                                                                                                          SHA1:1AC9DEE3DDAEE2796033BEA54A903A3BF2143DA9
                                                                                                                          SHA-256:A1A37EDD2892A4625888FE731B2003A49CDC72B71356DB7BD267756D69CE1FEB
                                                                                                                          SHA-512:5FB08322B6690DEE16FB318D5889973BA9757380E0A64C9C0FF8B84710A06E9CA3877B9B5310970CAA7088750E4D65184C4420D7DE4EF9061FAC35ACFBB7E574
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://wise.public.cdn.office.net/wise/owl/owl.3e038441fedc18b6dd03.js
                                                                                                                          Preview:var Microsoft;!function(){"use strict";var t,e,n,o,r={3045:function(t,e,n){n.d(e,{h:function(){return s}});var o=n(72379),r=n(14521),i=n(39292),s=function(t){function e(){var e=null!==t&&t.apply(this,arguments)||this;return e.value=null,e.hasNext=!1,e.hasCompleted=!1,e}return o.C6(e,t),e.prototype.N=function(e){return this.hasError?(e.error(this.thrownError),i.y.EMPTY):this.hasCompleted&&this.hasNext?(e.next(this.value),e.complete(),i.y.EMPTY):t.prototype.N.call(this,e)},e.prototype.next=function(t){this.hasCompleted||(this.value=t,this.hasNext=!0)},e.prototype.error=function(e){this.hasCompleted||t.prototype.error.call(this,e)},e.prototype.complete=function(){this.hasCompleted=!0,this.hasNext&&t.prototype.next.call(this,this.value),t.prototype.complete.call(this)},e}(r.B7)},44739:function(t,e,n){n.d(e,{t:function(){return s}});var o=n(72379),r=n(14521),i=n(46624),s=function(t){function e(e){var n=t.call(this)||this;return n.tt=e,n}return o.C6(e,t),Object.defineProperty(e.prototype,"va
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (56317)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):56488
                                                                                                                          Entropy (8bit):5.180375236000278
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:BD24F8B61E933220D72D362DC8472107
                                                                                                                          SHA1:208EFB7BC467D61B98E0CC3C73B595D9B0F78B15
                                                                                                                          SHA-256:D3722938FC7526739207E751A194590B321CEA733CD36959C4C2F444BFF303B8
                                                                                                                          SHA-512:6AF99D115A96E0F86C172AC432D7E6E5289781FAC93E0F4C131B1F597BCF838FCCB0FBA2371E5F196A27945FDBB69876E3AE9FF5F6F55D1D70C8825E9DEE8456
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/d3722938fc752673/appresourceloader.min.js
                                                                                                                          Preview:var appResourceLoader;!function(){"use strict";var o,i,t,s,n={32324:function(o,i,t){i.Ts=function(o,i,s){n=o,a=s,t.p=i,c=!0},i.oL=function(o,i){const t=n(o,i);return(0,s.loadScript)(o,t,"anonymous",5,void 0,void 0,l)},i.nr=function(o){l=o},i.iP=function(o,i){return function t(s){if(!c)throw new Error("appResourceLoader not initialized");if(r.has(s))return r.get(s);const n=Date.now();let l=-1;const e=[];if(o[s]&&o[s].dependencies)for(const i of o[s].dependencies)e.push(t(i));let p;return p=0===e.length?i(s):Promise.all(e).then((()=>(l=Date.now()-n,i(s)))),p=p.then((o=>{if(a){let o=`Chunk ${s} loaded in ${Date.now()-n} ms`;-1!==l&&(o+=` (${l} ms for extra ${e.length} deps)`),a(512235483,306,50,o)}return o})).catch((o=>{throw a&&a(512235482,306,10,o),o})),r.set(s,p),p}};const s=t(66005);let n,a,l,c=!1;const r=new Map},66005:function(o,i){function t(o,i,s,n,a,l,c,r){return new Promise(((e,p)=>{const g=document.createElement("script");if(g.async=!1,l)try{g.src=l.createScriptURL(i)}catch{g.s
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (61177)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):113424
                                                                                                                          Entropy (8bit):5.2850742719795925
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:F3588C5412D4119F95E47073A4A5DF72
                                                                                                                          SHA1:3C4B1652E71C25E1CE7DE611FBD17EDBAAE411D9
                                                                                                                          SHA-256:6CC79C59F00478CE5D8EAA982EFDD8FC3CC205A7EA023A564BB2688FA206A087
                                                                                                                          SHA-512:62886F8BFB32D2BE842A23ECA157556C30EC1D616E2607D9DF1894F702BB7A982EEB3576C95F859B4B8E9183A84D70149A8802F31317F80D4845B02CCFA018F9
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css
                                                                                                                          Preview:/*! Copyright (C) Microsoft Corporation. All rights reserved. *//*!.------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------..This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise...//-----------------------------------------------------------------------------.twbs-bootstrap-sass (3.3.0).//-----------------------------------------------------------------------------..The MIT License (MIT)..Copyright (c) 2013 Twitter, Inc..Permission is hereby granted, free of charge, to any person
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (55712)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):206042
                                                                                                                          Entropy (8bit):5.741192548619688
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:3C7448CF819F45A420415F23C4796347
                                                                                                                          SHA1:938F787AE9D8AA10B7D06F2A75CD7EBA140FA1C3
                                                                                                                          SHA-256:559F5D5CE98DCC1A1366F72A2949319DA2B97B501E145D223BC8EF224F922215
                                                                                                                          SHA-512:462B4419B2FE8EA88B5B0A37B7770BFEB7E4A0F696232E87E228EC1C4371A3079EA78A74D420472DAE880168878EBA24137D16FB60E984A8D65D8FAAD30612FC
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/versioned/suiteux-shell/7.1.7/js/suiteux.shell.core.js
                                                                                                                          Preview:var shellPerformance=window.performance,HighResolutionTimingSupported=!!shellPerformance&&"function"==typeof shellPerformance.mark;HighResolutionTimingSupported&&shellPerformance.mark("shell_core_start"),function(){var e,t,n,o,r,i={82595:function(e,t,n){"use strict";var o;n.d(t,{d:function(){return o}}),function(e){e.USGOV_DOD="https://pf.events.data.microsoft.com/OneCollector/1.0/",e.USGOV_DOJ="https://tb.events.data.microsoft.com/OneCollector/1.0/",e.PUBLIC="https://browser.events.data.microsoft.com/OneCollector/1.0/",e.CUSTOMER_CONTENT="",e.EUDB="https://eu-office.events.data.microsoft.com/OneCollector/1.0/"}(o||(o={}))},84184:function(e){e.exports="data:font/woff;charset=utf-8;base64,d09GRgABAAAAAEkgAA4AAAAAdUgABKj2AAAAAAAAAAAAAAAAAAAAAAAAAABPUy8yAAABRAAAAEgAAABgLuB/9WNtYXAAAAGMAAAB/wAABFqFlGebY3Z0IAAAA4wAAAAgAAAAKgnZCa9mcGdtAAADrAAAAPAAAAFZ/J7mjmdhc3AAAAScAAAADAAAAAwACAAbZ2x5ZgAABKgAAD3tAABgCCt0btFoZWFkAABCmAAAADYAAAA2LRkCQWhoZWEAAELQAAAAHQAAACQ3yjBmaG10eAAAQvAAAACNAAABsE2rJ4xsb2N
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:JSON data
                                                                                                                          Category:dropped
                                                                                                                          Size (bytes):18407
                                                                                                                          Entropy (8bit):4.935379864718282
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:D021B25C84E7615BC3CAB4D4B7C31652
                                                                                                                          SHA1:9C7E4B622D7AE42553781FEF1DA0227CC58F3916
                                                                                                                          SHA-256:3474C955EC1CD6CB5FAC1F3511A826277BB68E88C595EE90F91AF336282C7568
                                                                                                                          SHA-512:39FD996A5836D65BB2E5C76F467806BBC5C5D8787AF30301623EEA38EBB733C1A850B11C1219D6C7BBE6703570E2D73ACCDB6E3A384960FFEF733774FE6C8A08
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          Preview:{. "Microsoft": "Microsoft",. "FlexpaneCloseButton": "Close pane",. "Me_Header": "My account",. "MePhotoAriaLabel": "{0} {1} Current account's user photo",. "ChangePhotoAriaLabel": "{0} {1} Change the photo that appears in IM. This may open a new window.",. "MePhotoTitle": "Current account's user photo",. "ChangePhotoTitle": "Change the photo that appears in IM. This may open a new window.",. "AppLauncherAriaLabel": "App launcher opened",. "AppLauncherCloseAriaLabel": "Close the app launcher",. "AppLauncherHomeAriaLabel": "Microsoft 365, will be open in new tab",. "AppLauncherHomeAriaLabelM365Copilot": "Microsoft 365 Copilot, will be open in new tab",. "AppsModuleHeading": "Apps",. "Microsoft365": "Microsoft 365",. "Microsoft365Copilot": "Microsoft 365 Copilot",. "AppsModuleAllApps": "All apps",. "AppsModuleAllAppsTooltip": "Open all apps",. "AllViewGroupShowMore": "Show More",. "AllViewGroupShowLess": "Show Less",. "AllViewBack": "Back",. "AllViewNewGroupHeading":
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (65512), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):728294
                                                                                                                          Entropy (8bit):4.977991464890781
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:3D5F9F75B467B8178DBA1E0D416E72DD
                                                                                                                          SHA1:07DCC9B52AD009831CFDFCFB0F203B54B4B70B04
                                                                                                                          SHA-256:535C7367E3DD0D01BD5E37CB86108DE67714C510E469FF781614D4A55CCBA429
                                                                                                                          SHA-512:9F025DE64BBFFCC40F488B54B77798A29557BE5335D00C32BB41BAFE5CAE753DB8764FC80A0D704576E413C1D0006B4FAA78AF65E5CA23737EAC75099D7B31F4
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/535c7367e3dd0d01/word-app-intl-fluent.min.js
                                                                                                                          Preview:"use strict";var WordRibbonStrings={About:"About",AboutFollowUps:"about Follow-ups",AboutFollowUpsLearnMore:"Learn more",AboutKeytip:"D",Above:"Above",AcceptAllChanges:"Accept All Changes",AcceptAllChangesKeytip:"B",AcceptChange:"Accept",AcceptChangeKeytip:"A2",AcceptChangeAndMoveToNext:"Accept and Move to Next",AcceptChangeAndMoveToNextKeytip:"A",Accessibility:"Accessibility",AccessibilityHelp:"Accessibility Help (Alt+Shift+A)",AccessibilityHelpDescription:"Find out about accessibility features in Word Online.",AccessibilityHelpKeytip:"A",AccessibilityMode:"Accessibility Mode",AccessibilityTab:"Accessibility",AccessibilityTabKeyTip:"A",AppHomeButtonAriaLabel:"Word, click to open Word home page",AppHomeButtonTooltip:"Word home",Citation:"Citations",CitationAndBibliography:"Citation & Bibliography",CitationKeytip:"C",Activity:"Edit Activity",ActivityContextMenuLabel:"Show new changes",AdaptiveGroupTitle:"Current Selection",AddCentreTabStop:"Add centre tab stop",AddInsKeytipPrefix:"Y",Ad
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (46812)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):142580
                                                                                                                          Entropy (8bit):5.430386774768669
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:5A2A1A6FAEA914D596DA56FF44E453C1
                                                                                                                          SHA1:B26BE3CD50E8B8E3BAFA8882DE78954A3ECCD6A6
                                                                                                                          SHA-256:E8857C2CB075AB946FAD114B17A3E4FDBFDB23E42DC9E6044D98C143E6D9568B
                                                                                                                          SHA-512:DD9E639BFCD0636D51DEBE2E814BE824835415D953A496AFD1DFA9FAC54B6A8F86BB85A18F041E1128755FD02DBC4A1F4D1E029C56B7936C7F0B214DD0F64F74
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://vhg.lillki.top/shared/1.0/content/js/BssoInterrupt_Core_9810YxmrLqOR1rQ4anyNMg2.js
                                                                                                                          Preview:/*!. * ------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------. * . * This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise.. * . * json2.js (2016-05-01). * https://github.com/douglascrockford/JSON-js. * License: Public Domain. * . * Provided for Informational Purposes Only. * . * ----------------------------------------------- END OF THIRD PARTY NOTICE ------------------------------------------. */!function(e){function t(t){for(var n,r,i=t[0],a=t[1],s=0,u=[];s<i.length;s++)
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (63604)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):130560
                                                                                                                          Entropy (8bit):5.272245687496742
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:ACDFECB80B06F30C59B48F9B2140E6F5
                                                                                                                          SHA1:C46873F855BDABF9943DA278813B53B4DD6FB6D6
                                                                                                                          SHA-256:CA46523D06A57712685B5C6B01430B530FE76F8FD5803179FCAA3466770E93A0
                                                                                                                          SHA-512:9BD579F55596F100C7A3723AE2345F3C43785BAF0576BFB5060F495FC8B7CCA3BD9FB43EA71B6F39FB68DFA82B80239A862E8186AD2956F2D4DFE1C971BEF293
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/files/sp-client/odsp.react/odsp.react.lib-9ea4d016.js
                                                                                                                          Preview:/*! For license information please see odsp.react.lib-9ea4d016.js.LICENSE.txt */.(self.odspNextWebpackJsonp=self.odspNextWebpackJsonp||[]).push([["odsp.react.lib"],{react_340:function(e){"use strict";var t=Object.getOwnPropertySymbols,n=Object.prototype.hasOwnProperty,a=Object.prototype.propertyIsEnumerable;function i(e){if(null==e)throw new TypeError("Object.assign cannot be called with null or undefined");return Object(e)}e.exports=function(){try{if(!Object.assign)return!1;var e=new String("abc");if(e[5]="de","5"===Object.getOwnPropertyNames(e)[0])return!1;for(var t={},n=0;n<10;n++)t["_"+String.fromCharCode(n)]=n;if("0123456789"!==Object.getOwnPropertyNames(t).map(function(e){return t[e]}).join(""))return!1;var a={};return"abcdefghijklmnopqrst".split("").forEach(function(e){a[e]=e}),"abcdefghijklmnopqrst"===Object.keys(Object.assign({},a)).join("")}catch(e){return!1}}()?Object.assign:function(e,r){for(var o,s,c=i(e),d=1;d<arguments.length;d++){for(var l in o=Object(arguments[d]))n.ca
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:Web Open Font Format, TrueType, length 3148, version 4.-22282
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):3148
                                                                                                                          Entropy (8bit):7.734343585376445
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:FC6E4E67A40B43F280596646588E78AA
                                                                                                                          SHA1:6726DC48C766723426F76D9A5CBFFC1F101CF698
                                                                                                                          SHA-256:FA38AA63FBC816A1B5D4848185BBB1ACB5410A2EE9BB1966DEE80682E460FDA8
                                                                                                                          SHA-512:2616DB52B04D347E793A5B050B510F2781665CAA8AD2A8825ED3FE2EF78C33FD01128186F71F12514951D46FAA3C5484FCDE39403F0FDDECE7D310DEFD0F186C
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/fa38aa63fbc816a1/sharedheaderplaceholder-icons.woff
                                                                                                                          Preview:wOFF.......L.......<........................OS/2...D...H...`1Y{.cmap.......V...z.m..cvt ....... ...*....fpgm...........Y...gasp................glyf...........H....head... ...2...6.P.@hhea...T.......$....hmtx...l............loca...............\maxp........... .'..name...............Upost........... .Q..prep............x...x.c`a_.8.....u..1...4.f...$..........@ ...........<...!$.X......... ..x.c```f.`..F..(....|... -. ..az..\....../.^..y..?.....;.'..$6Ht.M...........,...|....x.c.b.e(`h`X.......x............x.]..N.@..s$..'@:!.u*C....K$.%%...J.......n..b.........|.s...|v..G*)V.7........!O.6eaL.yV.e.j..kN..M.h....Lm....-b....p.N.m.v.....U<..#...O.}.K..,V..&...^...L.c.x.....?ug..l9e..Ns.D....D...K........m..A.M....a.....g.P..`....d.............x..T_H[W...{..5.X.M..!.5.&.[...>..$.Nc.b.*X,...a....XQ......B...B_Z...a/+}*.{.[.Z)...c.....+......9....w~.;..*...p.....Cq....J..nq... ....2......6qK...>.9....U...%..M..Rg..^.T?5E.h$..IBL..P,....*.'a...... .%..Do.M.R9.>Q.G.
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):95484
                                                                                                                          Entropy (8bit):5.359564766619115
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:131217D66150676EA9072525D43A9BD0
                                                                                                                          SHA1:A0CB4C81047FF3D28F806BA5F1BD5D3E5C295BE7
                                                                                                                          SHA-256:2570F8D0A57D5A28C99B578A47FDF48DA5DF2C70B3661817939C694C466F6A89
                                                                                                                          SHA-512:15BDB25F01674D80AA7F79B7B2A7D9788F46C2519687831A69486BF51E7D6DA1EC90E688B59FA009A82C2392443530391EA8A25119AFC056EFF9187426236C66
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://res-1.cdn.office.net/officeonline/hashed/2570f8d0a57d5a28/otel.worker.min.js
                                                                                                                          Preview:var otelWorker;!function(){"use strict";var n=function(e,t){return n=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(n,e){n.__proto__=e}||function(n,e){for(var t in e)Object.prototype.hasOwnProperty.call(e,t)&&(n[t]=e[t])},n(e,t)};function e(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function r(){this.constructor=e}n(e,t),e.prototype=null===t?Object.create(t):(r.prototype=t.prototype,new r)}var t=function(){return t=Object.assign||function(n){for(var e,t=1,r=arguments.length;t<r;t++)for(var i in e=arguments[t])Object.prototype.hasOwnProperty.call(e,i)&&(n[i]=e[i]);return n},t.apply(this,arguments)};Object.create,Object.create;var r,i=(r=[],{fireEvent:function(n){r.forEach((function(e){return e(n)}))},addListener:function(n){n&&r.push(n)}});function a(n,e,t){i.fireEvent({level:n,category:e,message:t})}function o(n,e,t){a(0,n,(function(){var n=t instanceof Error?t.message:"";return"".concat(
                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (32209)
                                                                                                                          Category:downloaded
                                                                                                                          Size (bytes):58645
                                                                                                                          Entropy (8bit):5.369827766734305
                                                                                                                          Encrypted:false
                                                                                                                          SSDEEP:
                                                                                                                          MD5:AF54A0E6CC4B28B24939ADB68552B4E2
                                                                                                                          SHA1:B68E6AB4E26172814A836079305EC9AF8257D0E1
                                                                                                                          SHA-256:7596A378126999C31D87AA95072F6068D3CC587F05A4088015079EEDF73678A6
                                                                                                                          SHA-512:7B75B9E49543F0C4ED57BC57DF9ED02473866CD7D38EC77762A3C68C1AEE205969F27DDB262ED24F137625719AACB86176B2C9BB3E263CF5361B6735D4E160FC
                                                                                                                          Malicious:false
                                                                                                                          Reputation:unknown
                                                                                                                          URL:https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_r1sg5sxlkljjoa22hvk04g2.js
                                                                                                                          Preview:!function(e){function o(n){if(i[n])return i[n].exports;var r=i[n]={exports:{},id:n,loaded:!1};return e[n].call(r.exports,r,r.exports,o),r.loaded=!0,r.exports}var i={};return o.m=e,o.c=i,o.p="",o(0)}([function(e,o,i){i(2);var n=i(1),r=i(5),t=i(6),a=t.StringsVariantId,s=t.AllowedIdentitiesType;n.registerSource("str",function(e,o){if(e.WF_STR_SignupLink_AriaLabel_Text="Create a Microsoft account",e.WF_STR_SignupLink_AriaLabel_Generic_Text="Create a new account",e.CT_STR_CookieBanner_Link_AriaLabel="Learn more about Microsoft's Cookie Policy",e.WF_STR_HeaderDefault_Title=o.iLoginStringsVariantId===a.CombinedSigninSignupV2WelcomeTitle?"Welcome":"Sign in",e.STR_Footer_IcpLicense_Text=".ICP.13015306.-10",o.oAppCobranding&&o.oAppCobranding.friendlyAppName){var i=o.fBreakBrandingSigninString?"to continue to {0}":"Continue to {0}";e.WF_STR_App_Title=r.format(i,o.oAppCobranding.friendlyAppName)}switch(o.oAppCobranding&&o.oAppCobranding.signinDescription&&(e.WF_STR_Default_Desc=o.oAppCobrand
                                                                                                                          File type:Microsoft Word 2007+
                                                                                                                          Entropy (8bit):7.573798059606315
                                                                                                                          TrID:
                                                                                                                          • Word Microsoft Office Open XML Format document (49504/1) 58.23%
                                                                                                                          • Word Microsoft Office Open XML Format document (27504/1) 32.35%
                                                                                                                          • ZIP compressed archive (8000/1) 9.41%
                                                                                                                          File name:Illinois Central College 2025-03-19.docx
                                                                                                                          File size:92'238 bytes
                                                                                                                          MD5:1af9ddeb26dd7057dd39d7f575cabb7c
                                                                                                                          SHA1:4cbdebea46f3bb725d861ffbe57e1a412afb371c
                                                                                                                          SHA256:af74e5ff7a7cf6edd763c12c1b804a36c4e4771d27ee47ac112e0f3a1e7fcea0
                                                                                                                          SHA512:7ac01eadd42d94a8bcb70adab9ad13c711937eed351999ec1bd01c83001fa0c78527e3fdf987f1d3094224457fb2cb1b452f735cfcdac64bd685a8812331e18a
                                                                                                                          SSDEEP:1536:MoZpiiw6jF70vINXGQtMfHog7FmE7WVbqITtNrvOzNuPouHl3r17:M+piiw6jqvINWQtMfN7YYYqITtNjOhUj
                                                                                                                          TLSH:8193E0B97F83E89DC604B9BC6AE34035B7A22815337BDD4D49E5AF171AC2783427131A
                                                                                                                          File Content Preview:PK..........!.....g...S.......[Content_Types].xml ...(.........................................................................................................................................................................................................
                                                                                                                          Icon Hash:35e5c48caa8a8599
                                                                                                                          Document Type:OpenXML
                                                                                                                          Number of OLE Files:1
                                                                                                                          Has Summary Info:
                                                                                                                          Application Name:
                                                                                                                          Encrypted Document:False
                                                                                                                          Contains Word Document Stream:True
                                                                                                                          Contains Workbook/Book Stream:False
                                                                                                                          Contains PowerPoint Document Stream:False
                                                                                                                          Contains Visio Document Stream:False
                                                                                                                          Contains ObjectPool Stream:False
                                                                                                                          Flash Objects Count:0
                                                                                                                          Contains VBA Macros:False