Click to jump to signature section
Source: https://keenetownhall-my.sharepoint.com/:b:/g/personal/amanda_keenetownhall_org/ESKbqbSIMj5ElsbdsfaEg7oBgkFm5H_JqS97uaySzVhJDQ?e=KMMz4y | SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social usering |
Source: https://constructionscontractor-applicationdraw9783.us-iad-1.linodeobjects.com/0nedrivedoc.html | Matcher: Template: microsoft matched with high similarity |
Source: https://constructionscontractor-applicationdraw9783.us-iad-1.linodeobjects.com/0nedrivedoc.html# | Matcher: Template: microsoft matched with high similarity |
Source: Yara match | File source: 2.8.pages.csv, type: HTML |
Source: Yara match | File source: 1.7.pages.csv, type: HTML |
Source: https://constructionscontractor-applicationdraw9783.us-iad-1.linodeobjects.com/0nedrivedoc.html | Matcher: Found strong image similarity, brand: MICROSOFT |
Source: https://constructionscontractor-applicationdraw9783.us-iad-1.linodeobjects.com/0nedrivedoc.html | Matcher: Template: microsoft matched |
Source: Chrome DOM: 0.4 | OCR Text: View and Print Online.pdf Info 1/1 OneDrive for Business Ton R shared a folder with Here' s the folder Tonya Reynoldson shared with you. sent to ym to gott sensitive Date created: 04/17/2024 09:30 AM Ref: Review 9wed Dxurrentsfrom Tcnya Reynoldsm "Click View and Print Online" a. for Windows |
Source: https://constructionscontractor-applicationdraw9783.us-iad-1.linodeobjects.com/0nedrivedoc.html | HTTP Parser: Number of links: 0 |
Source: https://constructionscontractor-applicationdraw9783.us-iad-1.linodeobjects.com/0nedrivedoc.html | HTTP Parser: <input type="password" .../> found but no <form action="... |
Source: https://constructionscontractor-applicationdraw9783.us-iad-1.linodeobjects.com/0nedrivedoc.html | HTTP Parser: Total embedded image size: 31111 |
Source: https://constructionscontractor-applicationdraw9783.us-iad-1.linodeobjects.com/0nedrivedoc.html | HTTP Parser: Base64 decoded: https://ayraslaw.com/100/3ce2c03.php |
Source: https://constructionscontractor-applicationdraw9783.us-iad-1.linodeobjects.com/0nedrivedoc.html | HTTP Parser: Title: Sign in to Best Productivity Provider! does not match URL |
Source: https://constructionscontractor-applicationdraw9783.us-iad-1.linodeobjects.com/0nedrivedoc.html | HTTP Parser: Invalid link: Forgot my password |
Source: Chrome DOM: 0.4 | ML Model on OCR Text: Matched 99.6% probability on "View and Print Online.pdf Info 1/1 OneDrive for Business Ton R shared a folder with Here' s the folder Tonya Reynoldson shared with you. sent to ym to gott sensitive Date created: 04/17/2024 09:30 AM Ref: Review 9wed Dxurrentsfrom Tcnya Reynoldsm "Click View and Print Online" a. for Windows " |
Source: https://constructionscontractor-applicationdraw9783.us-iad-1.linodeobjects.com/0nedrivedoc.html | HTTP Parser: <input type="password" .../> found |
Source: https://constructionscontractor-applicationdraw9783.us-iad-1.linodeobjects.com/0nedrivedoc.html | HTTP Parser: No favicon |
Source: https://constructionscontractor-applicationdraw9783.us-iad-1.linodeobjects.com/0nedrivedoc.html | HTTP Parser: No <meta name="author".. found |
Source: https://constructionscontractor-applicationdraw9783.us-iad-1.linodeobjects.com/0nedrivedoc.html | HTTP Parser: No <meta name="copyright".. found |
Source: unknown | HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49816 version: TLS 1.0 |
Source: unknown | HTTPS traffic detected: 52.159.126.152:443 -> 192.168.2.6:49719 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.6:49734 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.6:49739 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 52.159.126.152:443 -> 192.168.2.6:49765 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.6:49787 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 52.159.126.152:443 -> 192.168.2.6:49863 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 52.159.126.152:443 -> 192.168.2.6:49999 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.6:50079 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 52.159.126.152:443 -> 192.168.2.6:50128 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 52.159.126.152:443 -> 192.168.2.6:50263 version: TLS 1.2 |
Source: unknown | HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49816 version: TLS 1.0 |
Source: unknown | TCP traffic detected without corresponding DNS query: 173.222.162.64 |
Source: unknown | TCP traffic detected without corresponding DNS query: 173.222.162.64 |
Source: unknown | TCP traffic detected without corresponding DNS query: 173.222.162.64 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 173.222.162.64 |
Source: unknown | TCP traffic detected without corresponding DNS query: 173.222.162.64 |
Source: unknown | TCP traffic detected without corresponding DNS query: 173.222.162.64 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 173.222.162.64 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 184.31.62.93 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.159.126.152 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.114.59.183 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.114.59.183 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.114.59.183 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.114.59.183 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.114.59.183 |
Source: global traffic | HTTP traffic detected: GET /:b:/g/personal/amanda_keenetownhall_org/ESKbqbSIMj5ElsbdsfaEg7oBgkFm5H_JqS97uaySzVhJDQ?e=KMMz4y HTTP/1.1Host: keenetownhall-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /personal/amanda_keenetownhall_org/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Famanda%5Fkeenetownhall%5Forg%2FDocuments%2FView%20and%20Print%20Online%20Nebraska%2FView%20and%20Print%20Online%2Epdf&parent=%2Fpersonal%2Famanda%5Fkeenetownhall%5Forg%2FDocuments%2FView%20and%20Print%20Online%20Nebraska&ga=1 HTTP/1.1Host: keenetownhall-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk2MjE0NmIzMWJjNzBkZTZlZjA1NGU1MmQzOTgyYjFiNTA5MTA5OTBiYWU1NzcwMTI5OTRjZDMzZWE1ZTQ0YTcsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTYyMTQ2YjMxYmM3MGRlNmVmMDU0ZTUyZDM5ODJiMWI1MDkxMDk5MGJhZTU3NzAxMjk5NGNkMzNlYTVlNDRhNywxMzM1ODAyOTIxNDAwMDAwMDAsMCwxMzM1ODExNTMxNDgyNjIyOTAsMC4wLjAuMCwyNTgsMTg2MWIxY2QtNjM0Mi00MTdiLWE4ZDktYjlkMGQzMmY1MWM5LCwsN2VhMDIwYTEtZDBmZS01MDAwLTI4ZjYtNDNhNWViM2M2NWM4LDdlYTAyMGExLWQwZmUtNTAwMC0yOGY2LTQzYTVlYjNjNjVjOCxsZTdmUTMzMDkwU0dsejBEZlpRMW9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2ODcsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LFErekRYTDVHYndWQ3B0bXpxWGpuc2FZV3puNmJnai9VRDc3MERtZ285VythU2V3VXR4WlJhUDNHdXdDb3hlVnN2UU9aVzFENU9lSUpuZTRWVjRzZzR4UmxQMnZGQlJPNzJnR2dVTWpoZkh5WnlCNThvUENTajB3Zjk0emJLNkNyTlc3TnJ4QXJqUjEvczRBRXE3VEVUREYycXlaL2ZMenU4K0VJZUlCMUNjc0VxSElFZHU0U2dCbUpERzdMM0VpbW5iblpuZ3c1Y0JDbmhSa2VYSzI3K3NBQXF3K21HU09VWFJOQVhkZG4wMVkwajhSanRaMVZ2NHVrTXhLTXExVCtwbEZ6VTV0cXlOL0dMWFVQYVN0dnNtcUY4OFExQ0NJdGsvMk9vZThBUmxESWVIbDVodi9zaDFxZEk2Vks2UllyWmtCWWxVZ292TjBJYlhlblJySmZEZz09PC9TUD4= |
Source: global traffic | HTTP traffic detected: GET /_layouts/15/spwebworkerproxy.ashx HTTP/1.1Host: keenetownhall-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk2MjE0NmIzMWJjNzBkZTZlZjA1NGU1MmQzOTgyYjFiNTA5MTA5OTBiYWU1NzcwMTI5OTRjZDMzZWE1ZTQ0YTcsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTYyMTQ2YjMxYmM3MGRlNmVmMDU0ZTUyZDM5ODJiMWI1MDkxMDk5MGJhZTU3NzAxMjk5NGNkMzNlYTVlNDRhNywxMzM1ODAyOTIxNDAwMDAwMDAsMCwxMzM1ODExNTMxNDgyNjIyOTAsMC4wLjAuMCwyNTgsMTg2MWIxY2QtNjM0Mi00MTdiLWE4ZDktYjlkMGQzMmY1MWM5LCwsN2VhMDIwYTEtZDBmZS01MDAwLTI4ZjYtNDNhNWViM2M2NWM4LDdlYTAyMGExLWQwZmUtNTAwMC0yOGY2LTQzYTVlYjNjNjVjOCxsZTdmUTMzMDkwU0dsejBEZlpRMW9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2ODcsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LFErekRYTDVHYndWQ3B0bXpxWGpuc2FZV3puNmJnai9VRDc3MERtZ285VythU2V3VXR4WlJhUDNHdXdDb3hlVnN2UU9aVzFENU9lSUpuZTRWVjRzZzR4UmxQMnZGQlJPNzJnR2dVTWpoZkh5WnlCNThvUENTajB3Zjk0emJLNkNyTlc3TnJ4QXJqUjEvczRBRXE3VEVUREYycXlaL2ZMenU4K0VJZUlCMUNjc0VxSElFZHU0U2dCbUpERzdMM0VpbW5iblpuZ3c1Y0JDbmhSa2VYSzI3K3NBQXF3K21HU09VWFJOQVhkZG4wMVkwajhSanRaMVZ2NHVrTXhLTXExVCtwbEZ6VTV0cXlOL0dMWFVQYVN0dnNtcUY4OFExQ0NJdGsvMk9vZThBUmxESWVIbDVodi9zaDFxZEk2Vks2UllyWmtCWWxVZ292TjBJYlhlblJySmZEZz09PC9TUD4= |
Source: global traffic | HTTP traffic detected: GET /_layouts/15/spwebworkerproxy.ashx HTTP/1.1Host: keenetownhall-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk2MjE0NmIzMWJjNzBkZTZlZjA1NGU1MmQzOTgyYjFiNTA5MTA5OTBiYWU1NzcwMTI5OTRjZDMzZWE1ZTQ0YTcsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTYyMTQ2YjMxYmM3MGRlNmVmMDU0ZTUyZDM5ODJiMWI1MDkxMDk5MGJhZTU3NzAxMjk5NGNkMzNlYTVlNDRhNywxMzM1ODAyOTIxNDAwMDAwMDAsMCwxMzM1ODExNTMxNDgyNjIyOTAsMC4wLjAuMCwyNTgsMTg2MWIxY2QtNjM0Mi00MTdiLWE4ZDktYjlkMGQzMmY1MWM5LCwsN2VhMDIwYTEtZDBmZS01MDAwLTI4ZjYtNDNhNWViM2M2NWM4LDdlYTAyMGExLWQwZmUtNTAwMC0yOGY2LTQzYTVlYjNjNjVjOCxsZTdmUTMzMDkwU0dsejBEZlpRMW9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2ODcsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LFErekRYTDVHYndWQ3B0bXpxWGpuc2FZV3puNmJnai9VRDc3MERtZ285VythU2V3VXR4WlJhUDNHdXdDb3hlVnN2UU9aVzFENU9lSUpuZTRWVjRzZzR4UmxQMnZGQlJPNzJnR2dVTWpoZkh5WnlCNThvUENTajB3Zjk0emJLNkNyTlc3TnJ4QXJqUjEvczRBRXE3VEVUREYycXlaL2ZMenU4K0VJZUlCMUNjc0VxSElFZHU0U2dCbUpERzdMM0VpbW5iblpuZ3c1Y0JDbmhSa2VYSzI3K3NBQXF3K21HU09VWFJOQVhkZG4wMVkwajhSanRaMVZ2NHVrTXhLTXExVCtwbEZ6VTV0cXlOL0dMWFVQYVN0dnNtcUY4OFExQ0NJdGsvMk9vZThBUmxESWVIbDVodi9zaDFxZEk2Vks2UllyWmtCWWxVZ292TjBJYlhlblJySmZEZz09PC9TUD4= |
Source: global traffic | HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com |
Source: global traffic | HTTP traffic detected: GET /personal/amanda_keenetownhall_org/_api/v2.1/graphql HTTP/1.1Host: keenetownhall-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk2MjE0NmIzMWJjNzBkZTZlZjA1NGU1MmQzOTgyYjFiNTA5MTA5OTBiYWU1NzcwMTI5OTRjZDMzZWE1ZTQ0YTcsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTYyMTQ2YjMxYmM3MGRlNmVmMDU0ZTUyZDM5ODJiMWI1MDkxMDk5MGJhZTU3NzAxMjk5NGNkMzNlYTVlNDRhNywxMzM1ODAyOTIxNDAwMDAwMDAsMCwxMzM1ODExNTMxNDgyNjIyOTAsMC4wLjAuMCwyNTgsMTg2MWIxY2QtNjM0Mi00MTdiLWE4ZDktYjlkMGQzMmY1MWM5LCwsN2VhMDIwYTEtZDBmZS01MDAwLTI4ZjYtNDNhNWViM2M2NWM4LDdlYTAyMGExLWQwZmUtNTAwMC0yOGY2LTQzYTVlYjNjNjVjOCxsZTdmUTMzMDkwU0dsejBEZlpRMW9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2ODcsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LFErekRYTDVHYndWQ3B0bXpxWGpuc2FZV3puNmJnai9VRDc3MERtZ285VythU2V3VXR4WlJhUDNHdXdDb3hlVnN2UU9aVzFENU9lSUpuZTRWVjRzZzR4UmxQMnZGQlJPNzJnR2dVTWpoZkh5WnlCNThvUENTajB3Zjk0emJLNkNyTlc3TnJ4QXJqUjEvczRBRXE3VEVUREYycXlaL2ZMenU4K0VJZUlCMUNjc0VxSElFZHU0U2dCbUpERzdMM0VpbW5iblpuZ3c1Y0JDbmhSa2VYSzI3K3NBQXF3K21HU09VWFJOQVhkZG4wMVkwajhSanRaMVZ2NHVrTXhLTXExVCtwbEZ6VTV0cXlOL0dMWFVQYVN0dnNtcUY4OFExQ0NJdGsvMk9vZThBUmxESWVIbDVodi9zaDFxZEk2Vks2UllyWmtCWWxVZ292TjBJYlhlblJySmZEZz09PC9TUD4= |
Source: global traffic | HTTP traffic detected: GET /_layouts/15/images/odbfavicon.ico?rev=47 HTTP/1.1Host: keenetownhall-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://keenetownhall-my.sharepoint.com/personal/amanda_keenetownhall_org/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Famanda%5Fkeenetownhall%5Forg%2FDocuments%2FView%20and%20Print%20Online%20Nebraska%2FView%20and%20Print%20Online%2Epdf&parent=%2Fpersonal%2Famanda%5Fkeenetownhall%5Forg%2FDocuments%2FView%20and%20Print%20Online%20Nebraska&ga=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk2MjE0NmIzMWJjNzBkZTZlZjA1NGU1MmQzOTgyYjFiNTA5MTA5OTBiYWU1NzcwMTI5OTRjZDMzZWE1ZTQ0YTcsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTYyMTQ2YjMxYmM3MGRlNmVmMDU0ZTUyZDM5ODJiMWI1MDkxMDk5MGJhZTU3NzAxMjk5NGNkMzNlYTVlNDRhNywxMzM1ODAyOTIxNDAwMDAwMDAsMCwxMzM1ODExNTMxNDgyNjIyOTAsMC4wLjAuMCwyNTgsMTg2MWIxY2QtNjM0Mi00MTdiLWE4ZDktYjlkMGQzMmY1MWM5LCwsN2VhMDIwYTEtZDBmZS01MDAwLTI4ZjYtNDNhNWViM2M2NWM4LDdlYTAyMGExLWQwZmUtNTAwMC0yOGY2LTQzYTVlYjNjNjVjOCxsZTdmUTMzMDkwU0dsejBEZlpRMW9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2ODcsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LFErekRYTDVHYndWQ3B0bXpxWGpuc2FZV3puNmJnai9VRDc3MERtZ285VythU2V3VXR4WlJhUDNHdXdDb3hlVnN2UU9aVzFENU9lSUpuZTRWVjRzZzR4UmxQMnZGQlJPNzJnR2dVTWpoZkh5WnlCNThvUENTajB3Zjk0emJLNkNyTlc3TnJ4QXJqUjEvczRBRXE3VEVUREYycXlaL2ZMenU4K0VJZUlCMUNjc0VxSElFZHU0U2dCbUpERzdMM0VpbW5iblpuZ3c1Y0JDbmhSa2VYSzI3K3NBQXF3K21HU09VWFJOQVhkZG4wMVkwajhSanRaMVZ2NHVrTXhLTXExVCtwbEZ6VTV0cXlOL0dMWFVQYVN0dnNtcUY4OFExQ0NJdGsvMk9vZThBUmxESWVIbDVodi9zaDFxZEk2Vks2UllyWmtCWWxVZ292TjBJYlhlblJySmZEZz09PC9TUD4= |
Source: global traffic | HTTP traffic detected: GET /_layouts/15/images/odbfavicon.ico?rev=47 HTTP/1.1Host: keenetownhall-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk2MjE0NmIzMWJjNzBkZTZlZjA1NGU1MmQzOTgyYjFiNTA5MTA5OTBiYWU1NzcwMTI5OTRjZDMzZWE1ZTQ0YTcsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTYyMTQ2YjMxYmM3MGRlNmVmMDU0ZTUyZDM5ODJiMWI1MDkxMDk5MGJhZTU3NzAxMjk5NGNkMzNlYTVlNDRhNywxMzM1ODAyOTIxNDAwMDAwMDAsMCwxMzM1ODExNTMxNDgyNjIyOTAsMC4wLjAuMCwyNTgsMTg2MWIxY2QtNjM0Mi00MTdiLWE4ZDktYjlkMGQzMmY1MWM5LCwsN2VhMDIwYTEtZDBmZS01MDAwLTI4ZjYtNDNhNWViM2M2NWM4LDdlYTAyMGExLWQwZmUtNTAwMC0yOGY2LTQzYTVlYjNjNjVjOCxsZTdmUTMzMDkwU0dsejBEZlpRMW9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2ODcsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LFErekRYTDVHYndWQ3B0bXpxWGpuc2FZV3puNmJnai9VRDc3MERtZ285VythU2V3VXR4WlJhUDNHdXdDb3hlVnN2UU9aVzFENU9lSUpuZTRWVjRzZzR4UmxQMnZGQlJPNzJnR2dVTWpoZkh5WnlCNThvUENTajB3Zjk0emJLNkNyTlc3TnJ4QXJqUjEvczRBRXE3VEVUREYycXlaL2ZMenU4K0VJZUlCMUNjc0VxSElFZHU0U2dCbUpERzdMM0VpbW5iblpuZ3c1Y0JDbmhSa2VYSzI3K3NBQXF3K21HU09VWFJOQVhkZG4wMVkwajhSanRaMVZ2NHVrTXhLTXExVCtwbEZ6VTV0cXlOL0dMWFVQYVN0dnNtcUY4OFExQ0NJdGsvMk9vZThBUmxESWVIbDVodi9zaDFxZEk2Vks2UllyWmtCWWxVZ292TjBJYlhlblJySmZEZz09PC9TUD4= |
Source: global traffic | HTTP traffic detected: GET /personal/amanda_keenetownhall_org/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Famanda%5Fkeenetownhall%5Forg%2FDocuments%27&TryNewExperienceSingle=TRUE HTTP/1.1Host: keenetownhall-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk2MjE0NmIzMWJjNzBkZTZlZjA1NGU1MmQzOTgyYjFiNTA5MTA5OTBiYWU1NzcwMTI5OTRjZDMzZWE1ZTQ0YTcsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTYyMTQ2YjMxYmM3MGRlNmVmMDU0ZTUyZDM5ODJiMWI1MDkxMDk5MGJhZTU3NzAxMjk5NGNkMzNlYTVlNDRhNywxMzM1ODAyOTIxNDAwMDAwMDAsMCwxMzM1ODExNTMxNDgyNjIyOTAsMC4wLjAuMCwyNTgsMTg2MWIxY2QtNjM0Mi00MTdiLWE4ZDktYjlkMGQzMmY1MWM5LCwsN2VhMDIwYTEtZDBmZS01MDAwLTI4ZjYtNDNhNWViM2M2NWM4LDdlYTAyMGExLWQwZmUtNTAwMC0yOGY2LTQzYTVlYjNjNjVjOCxsZTdmUTMzMDkwU0dsejBEZlpRMW9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2ODcsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LFErekRYTDVHYndWQ3B0bXpxWGpuc2FZV3puNmJnai9VRDc3MERtZ285VythU2V3VXR4WlJhUDNHdXdDb3hlVnN2UU9aVzFENU9lSUpuZTRWVjRzZzR4UmxQMnZGQlJPNzJnR2dVTWpoZkh5WnlCNThvUENTajB3Zjk0emJLNkNyTlc3TnJ4QXJqUjEvczRBRXE3VEVUREYycXlaL2ZMenU4K0VJZUlCMUNjc0VxSElFZHU0U2dCbUpERzdMM0VpbW5iblpuZ3c1Y0JDbmhSa2VYSzI3K3NBQXF3K21HU09VWFJOQVhkZG4wMVkwajhSanRaMVZ2NHVrTXhLTXExVCtwbEZ6VTV0cXlOL0dMWFVQYVN0dnNtcUY4OFExQ0NJdGsvMk9vZThBUmxESWVIbDVodi9zaDFxZEk2Vks2UllyWmtCWWxVZ292TjBJYlhlblJySmZEZz09PC9TUD4= |
Source: global traffic | HTTP traffic detected: GET /personal/amanda_keenetownhall_org/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Famanda%5Fkeenetownhall%5Forg%2FDocuments%27&RootFolder=%2Fpersonal%2Famanda%5Fkeenetownhall%5Forg%2FDocuments%2FView%20and%20Print%20Online%20Nebraska&TryNewExperienceSingle=TRUE HTTP/1.1Host: keenetownhall-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk2MjE0NmIzMWJjNzBkZTZlZjA1NGU1MmQzOTgyYjFiNTA5MTA5OTBiYWU1NzcwMTI5OTRjZDMzZWE1ZTQ0YTcsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTYyMTQ2YjMxYmM3MGRlNmVmMDU0ZTUyZDM5ODJiMWI1MDkxMDk5MGJhZTU3NzAxMjk5NGNkMzNlYTVlNDRhNywxMzM1ODAyOTIxNDAwMDAwMDAsMCwxMzM1ODExNTMxNDgyNjIyOTAsMC4wLjAuMCwyNTgsMTg2MWIxY2QtNjM0Mi00MTdiLWE4ZDktYjlkMGQzMmY1MWM5LCwsN2VhMDIwYTEtZDBmZS01MDAwLTI4ZjYtNDNhNWViM2M2NWM4LDdlYTAyMGExLWQwZmUtNTAwMC0yOGY2LTQzYTVlYjNjNjVjOCxsZTdmUTMzMDkwU0dsejBEZlpRMW9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2ODcsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LFErekRYTDVHYndWQ3B0bXpxWGpuc2FZV3puNmJnai9VRDc3MERtZ285VythU2V3VXR4WlJhUDNHdXdDb3hlVnN2UU9aVzFENU9lSUpuZTRWVjRzZzR4UmxQMnZGQlJPNzJnR2dVTWpoZkh5WnlCNThvUENTajB3Zjk0emJLNkNyTlc3TnJ4QXJqUjEvczRBRXE3VEVUREYycXlaL2ZMenU4K0VJZUlCMUNjc0VxSElFZHU0U2dCbUpERzdMM0VpbW5iblpuZ3c1Y0JDbmhSa2VYSzI3K3NBQXF3K21HU09VWFJOQVhkZG4wMVkwajhSanRaMVZ2NHVrTXhLTXExVCtwbEZ6VTV0cXlOL0dMWFVQYVN0dnNtcUY4OFExQ0NJdGsvMk9vZThBUmxESWVIbDVodi9zaDFxZEk2Vks2UllyWmtCWWxVZ292TjBJYlhlblJySmZEZz09PC9TUD4= |
Source: global traffic | HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=XWS+mr+Oaxraf8K&MD=yzRpTBCn HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com |
Source: global traffic | HTTP traffic detected: GET /_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%5D&defaultBrotli=true&authenticateFast=true&wwData=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099649,3]&spStartApplicationWebBundle=true&enableIntegrities=true HTTP/1.1Host: keenetownhall-my.sharepoint.comConnection: keep-aliveCache-Control: max-age=0Accept: */*Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://keenetownhall-my.sharepoint.com/personal/amanda_keenetownhall_org/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Famanda%5Fkeenetownhall%5Forg%2FDocuments%2FView%20and%20Print%20Online%20Nebraska%2FView%20and%20Print%20Online%2Epdf&parent=%2Fpersonal%2Famanda%5Fkeenetownhall%5Forg%2FDocuments%2FView%20and%20Print%20Online%20Nebraska&ga=1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzk2MjE0NmIzMWJjNzBkZTZlZjA1NGU1MmQzOTgyYjFiNTA5MTA5OTBiYWU1NzcwMTI5OTRjZDMzZWE1ZTQ0YTcsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jOTYyMTQ2YjMxYmM3MGRlNmVmMDU0ZTUyZDM5ODJiMWI1MDkxMDk5MGJhZTU3NzAxMjk5NGNkMzNlYTVlNDRhNywxMzM1ODAyOTIxNDAwMDAwMDAsMCwxMzM1ODExNTMxNDgyNjIyOTAsMC4wLjAuMCwyNTgsMTg2MWIxY2QtNjM0Mi00MTdiLWE4ZDktYjlkMGQzMmY1MWM5LCwsN2VhMDIwYTEtZDBmZS01MDAwLTI4ZjYtNDNhNWViM2M2NWM4LDdlYTAyMGExLWQwZmUtNTAwMC0yOGY2LTQzYTVlYjNjNjVjOCxsZTdmUTMzMDkwU0dsejBEZlpRMW9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2ODcsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LFErekRYTDVHYndWQ3B0bXpxWGpuc2FZV3puNmJnai9VRDc3MERtZ285VythU2V3VXR4WlJhUDNHdXdDb3hlVnN2UU9aVzFENU9lSUpuZTRWVjRzZzR4UmxQMnZGQlJPNzJnR2dVTWpoZkh5WnlCNThvUENTajB3Zjk0emJLNkNyTlc3TnJ4QXJqUjEvczRBRXE3VEVUREYycXlaL2ZMenU4K0VJZUlCMUNjc0VxSElFZHU0U2dCbUpERzdMM0VpbW5iblpuZ3c1Y0JDbmhSa2VYSzI3K3NBQXF3K21HU09VWFJOQVhkZG4wMVkwajhSanRaMVZ2NHVrTX |