Source: https://belovedkittenrescue.com |
Matcher: Template: microsoft matched with high similarity |
Source: https://login.belovedkittenrescue.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638491602979817971.ZGM3ODI3MmYtMmZhYi00ZmFmLThkZWEtM2Q3N2Q5NjQyZjM5YWY3NDM0ZTEtZmI0Yy00Yjk4LTkxODUtYjEzOTY5ODVlZDIx&ui_locales=en-US&mkt=en-US&client-request-id=a67d96ca-27dd-4840-a2c4-a24b8295837e&state=Syu44JejXp8LqEQ8ywvgVxEnArYu1QcYhl-Pjbt8Eb1gV1TwVt4Bbi_S0ujC6W1Y35lH-Juduiv30Rgn2iNnyWaxJOj1wIYIXOHdFcuxUXV6YgKOr4Uu8HaqYFLj7UfQFh7tYALG3-zJu7_aQQbErMOwU-u7imKtReh_ivYEweWc_bobgs8C9H1b7ooj0ONkkl81AeG_dRo4RaYMlNCBJrRtujJ2ob0xiwEdQhb1SW_AxV5tFXAWFZIVz_Zt_Jj-W8CyxgXd3loRZsHHgX4Ccg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true |
Matcher: Template: microsoft matched with high similarity |
Source: Yara match |
File source: 1.5.pages.csv, type: HTML |
Source: Yara match |
File source: 2.6.pages.csv, type: HTML |
Source: Yara match |
File source: 2.7.pages.csv, type: HTML |
Source: Yara match |
File source: 2.11.pages.csv, type: HTML |
Source: https://login.belovedkittenrescue.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638491602979817971.ZGM3ODI3MmYtMmZhYi00ZmFmLThkZWEtM2Q3N2Q5NjQyZjM5YWY3NDM0ZTEtZmI0Yy00Yjk4LTkxODUtYjEzOTY5ODVlZDIx&ui_locales=en-US&mkt=en-US&client-request-id=a67d96ca-27dd-4840-a2c4-a24b8295837e&state=Syu44JejXp8LqEQ8ywvgVxEnArYu1QcYhl-Pjbt8Eb1gV1TwVt4Bbi_S0ujC6W1Y35lH-Juduiv30Rgn2iNnyWaxJOj1wIYIXOHdFcuxUXV6YgKOr4Uu8HaqYFLj7UfQFh7tYALG3-zJu7_aQQbErMOwU-u7imKtReh_ivYEweWc_bobgs8C9H1b7ooj0ONkkl81AeG_dRo4RaYMlNCBJrRtujJ2ob0xiwEdQhb1SW_AxV5tFXAWFZIVz_Zt_Jj-W8CyxgXd3loRZsHHgX4Ccg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true |
Matcher: Found strong image similarity, brand: MICROSOFT |
Source: https://login.belovedkittenrescue.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv |
Matcher: Template: microsoft matched |
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26mkt%3dEN-US%26opid%3d4796DC2E20C549C9%26opidt%3d1713563522%26uaid%3da67d96ca27dd4840a2c4a24b8295837e%26contextid%3dC6B7CECBF7EF37A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&uaid=a67d96ca27dd4840a2c4a24b8295837e&suc=4765445b-32c6-49b0-83e6-1d93765276ca&lic=1 |
HTTP Parser: Iframe src: https://fpt.live.com/?session_id=a67d96ca27dd4840a2c4a24b8295837e&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU&mkt=EN-US |
Source: https://login.belovedkittenrescue.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638491602979817971.ZGM3ODI3MmYtMmZhYi00ZmFmLThkZWEtM2Q3N2Q5NjQyZjM5YWY3NDM0ZTEtZmI0Yy00Yjk4LTkxODUtYjEzOTY5ODVlZDIx&ui_locales=en-US&mkt=en-US&client-request-id=a67d96ca-27dd-4840-a2c4-a24b8295837e&state=Syu44JejXp8LqEQ8ywvgVxEnArYu1QcYhl-Pjbt8Eb1gV1TwVt4Bbi_S0ujC6W1Y35lH-Juduiv30Rgn2iNnyWaxJOj1wIYIXOHdFcuxUXV6YgKOr4Uu8HaqYFLj7UfQFh7tYALG3-zJu7_aQQbErMOwU-u7imKtReh_ivYEweWc_bobgs8C9H1b7ooj0ONkkl81AeG_dRo4RaYMlNCBJrRtujJ2ob0xiwEdQhb1SW_AxV5tFXAWFZIVz_Zt_Jj-W8CyxgXd3loRZsHHgX4Ccg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0 |
HTTP Parser: Number of links: 0 |
Source: https://login.belovedkittenrescue.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638491602979817971.ZGM3ODI3MmYtMmZhYi00ZmFmLThkZWEtM2Q3N2Q5NjQyZjM5YWY3NDM0ZTEtZmI0Yy00Yjk4LTkxODUtYjEzOTY5ODVlZDIx&ui_locales=en-US&mkt=en-US&client-request-id=a67d96ca-27dd-4840-a2c4-a24b8295837e&state=Syu44JejXp8LqEQ8ywvgVxEnArYu1QcYhl-Pjbt8Eb1gV1TwVt4Bbi_S0ujC6W1Y35lH-Juduiv30Rgn2iNnyWaxJOj1wIYIXOHdFcuxUXV6YgKOr4Uu8HaqYFLj7UfQFh7tYALG3-zJu7_aQQbErMOwU-u7imKtReh_ivYEweWc_bobgs8C9H1b7ooj0ONkkl81AeG_dRo4RaYMlNCBJrRtujJ2ob0xiwEdQhb1SW_AxV5tFXAWFZIVz_Zt_Jj-W8CyxgXd3loRZsHHgX4Ccg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true |
HTTP Parser: Number of links: 0 |
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26mkt%3dEN-US%26opid%3d4796DC2E20C549C9%26opidt%3d1713563522%26uaid%3da67d96ca27dd4840a2c4a24b8295837e%26contextid%3dC6B7CECBF7EF37A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&uaid=a67d96ca27dd4840a2c4a24b8295837e&suc=4765445b-32c6-49b0-83e6-1d93765276ca&lic=1 |
HTTP Parser: Number of links: 0 |
Source: https://login.belovedkittenrescue.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638491602979817971.ZGM3ODI3MmYtMmZhYi00ZmFmLThkZWEtM2Q3N2Q5NjQyZjM5YWY3NDM0ZTEtZmI0Yy00Yjk4LTkxODUtYjEzOTY5ODVlZDIx&ui_locales=en-US&mkt=en-US&client-request-id=a67d96ca-27dd-4840-a2c4-a24b8295837e&state=Syu44JejXp8LqEQ8ywvgVxEnArYu1QcYhl-Pjbt8Eb1gV1TwVt4Bbi_S0ujC6W1Y35lH-Juduiv30Rgn2iNnyWaxJOj1wIYIXOHdFcuxUXV6YgKOr4Uu8HaqYFLj7UfQFh7tYALG3-zJu7_aQQbErMOwU-u7imKtReh_ivYEweWc_bobgs8C9H1b7ooj0ONkkl81AeG_dRo4RaYMlNCBJrRtujJ2ob0xiwEdQhb1SW_AxV5tFXAWFZIVz_Zt_Jj-W8CyxgXd3loRZsHHgX4Ccg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0 |
HTTP Parser: Title: Redirecting does not match URL |
Source: https://login.belovedkittenrescue.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638491602979817971.ZGM3ODI3MmYtMmZhYi00ZmFmLThkZWEtM2Q3N2Q5NjQyZjM5YWY3NDM0ZTEtZmI0Yy00Yjk4LTkxODUtYjEzOTY5ODVlZDIx&ui_locales=en-US&mkt=en-US&client-request-id=a67d96ca-27dd-4840-a2c4-a24b8295837e&state=Syu44JejXp8LqEQ8ywvgVxEnArYu1QcYhl-Pjbt8Eb1gV1TwVt4Bbi_S0ujC6W1Y35lH-Juduiv30Rgn2iNnyWaxJOj1wIYIXOHdFcuxUXV6YgKOr4Uu8HaqYFLj7UfQFh7tYALG3-zJu7_aQQbErMOwU-u7imKtReh_ivYEweWc_bobgs8C9H1b7ooj0ONkkl81AeG_dRo4RaYMlNCBJrRtujJ2ob0xiwEdQhb1SW_AxV5tFXAWFZIVz_Zt_Jj-W8CyxgXd3loRZsHHgX4Ccg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true |
HTTP Parser: Title: Sign in to your account does not match URL |
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26mkt%3dEN-US%26opid%3d4796DC2E20C549C9%26opidt%3d1713563522%26uaid%3da67d96ca27dd4840a2c4a24b8295837e%26contextid%3dC6B7CECBF7EF37A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&uaid=a67d96ca27dd4840a2c4a24b8295837e&suc=4765445b-32c6-49b0-83e6-1d93765276ca&lic=1 |
HTTP Parser: Title: Create account does not match URL |
Source: Chrome DOM: 0.4 |
ML Model on OCR Text: Matched 96.6% probability on "contract.pdf Info 1/1 DOCUMENT IS PRIVATE C.I .1CK TO IJM .OC.K Note: This Document was shared via Office365 and registered as private. Recipients " |
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26mkt%3dEN-US%26opid%3d4796DC2E20C549C9%26opidt%3d1713563522%26uaid%3da67d96ca27dd4840a2c4a24b8295837e%26contextid%3dC6B7CECBF7EF37A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&uaid=a67d96ca27dd4840a2c4a24b8295837e&suc=4765445b-32c6-49b0-83e6-1d93765276ca&lic=1 |
HTTP Parser: On click: OnBack(); return false; |
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26mkt%3dEN-US%26opid%3d4796DC2E20C549C9%26opidt%3d1713563522%26uaid%3da67d96ca27dd4840a2c4a24b8295837e%26contextid%3dC6B7CECBF7EF37A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&uaid=a67d96ca27dd4840a2c4a24b8295837e&suc=4765445b-32c6-49b0-83e6-1d93765276ca&lic=1 |
HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick(); |
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26mkt%3dEN-US%26opid%3d4796DC2E20C549C9%26opidt%3d1713563522%26uaid%3da67d96ca27dd4840a2c4a24b8295837e%26contextid%3dC6B7CECBF7EF37A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&uaid=a67d96ca27dd4840a2c4a24b8295837e&suc=4765445b-32c6-49b0-83e6-1d93765276ca&lic=1 |
HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick(); |
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26mkt%3dEN-US%26opid%3d4796DC2E20C549C9%26opidt%3d1713563522%26uaid%3da67d96ca27dd4840a2c4a24b8295837e%26contextid%3dC6B7CECBF7EF37A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&uaid=a67d96ca27dd4840a2c4a24b8295837e&suc=4765445b-32c6-49b0-83e6-1d93765276ca&lic=1 |
HTTP Parser: On click: OnBack(); return false; |
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26mkt%3dEN-US%26opid%3d4796DC2E20C549C9%26opidt%3d1713563522%26uaid%3da67d96ca27dd4840a2c4a24b8295837e%26contextid%3dC6B7CECBF7EF37A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&uaid=a67d96ca27dd4840a2c4a24b8295837e&suc=4765445b-32c6-49b0-83e6-1d93765276ca&lic=1 |
HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick(); |
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26mkt%3dEN-US%26opid%3d4796DC2E20C549C9%26opidt%3d1713563522%26uaid%3da67d96ca27dd4840a2c4a24b8295837e%26contextid%3dC6B7CECBF7EF37A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&uaid=a67d96ca27dd4840a2c4a24b8295837e&suc=4765445b-32c6-49b0-83e6-1d93765276ca&lic=1 |
HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick(); |
Source: https://login.belovedkittenrescue.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638491602979817971.ZGM3ODI3MmYtMmZhYi00ZmFmLThkZWEtM2Q3N2Q5NjQyZjM5YWY3NDM0ZTEtZmI0Yy00Yjk4LTkxODUtYjEzOTY5ODVlZDIx&ui_locales=en-US&mkt=en-US&client-request-id=a67d96ca-27dd-4840-a2c4-a24b8295837e&state=Syu44JejXp8LqEQ8ywvgVxEnArYu1QcYhl-Pjbt8Eb1gV1TwVt4Bbi_S0ujC6W1Y35lH-Juduiv30Rgn2iNnyWaxJOj1wIYIXOHdFcuxUXV6YgKOr4Uu8HaqYFLj7UfQFh7tYALG3-zJu7_aQQbErMOwU-u7imKtReh_ivYEweWc_bobgs8C9H1b7ooj0ONkkl81AeG_dRo4RaYMlNCBJrRtujJ2ob0xiwEdQhb1SW_AxV5tFXAWFZIVz_Zt_Jj-W8CyxgXd3loRZsHHgX4Ccg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true |
HTTP Parser: <input type="password" .../> found |
Source: https://login.belovedkittenrescue.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638491602979817971.ZGM3ODI3MmYtMmZhYi00ZmFmLThkZWEtM2Q3N2Q5NjQyZjM5YWY3NDM0ZTEtZmI0Yy00Yjk4LTkxODUtYjEzOTY5ODVlZDIx&ui_locales=en-US&mkt=en-US&client-request-id=a67d96ca-27dd-4840-a2c4-a24b8295837e&state=Syu44JejXp8LqEQ8ywvgVxEnArYu1QcYhl-Pjbt8Eb1gV1TwVt4Bbi_S0ujC6W1Y35lH-Juduiv30Rgn2iNnyWaxJOj1wIYIXOHdFcuxUXV6YgKOr4Uu8HaqYFLj7UfQFh7tYALG3-zJu7_aQQbErMOwU-u7imKtReh_ivYEweWc_bobgs8C9H1b7ooj0ONkkl81AeG_dRo4RaYMlNCBJrRtujJ2ob0xiwEdQhb1SW_AxV5tFXAWFZIVz_Zt_Jj-W8CyxgXd3loRZsHHgX4Ccg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0 |
HTTP Parser: No favicon |
Source: https://fpt.live.com/?session_id=a67d96ca27dd4840a2c4a24b8295837e&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU&mkt=EN-US |
HTTP Parser: No favicon |
Source: https://login.belovedkittenrescue.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638491602979817971.ZGM3ODI3MmYtMmZhYi00ZmFmLThkZWEtM2Q3N2Q5NjQyZjM5YWY3NDM0ZTEtZmI0Yy00Yjk4LTkxODUtYjEzOTY5ODVlZDIx&ui_locales=en-US&mkt=en-US&client-request-id=a67d96ca-27dd-4840-a2c4-a24b8295837e&state=Syu44JejXp8LqEQ8ywvgVxEnArYu1QcYhl-Pjbt8Eb1gV1TwVt4Bbi_S0ujC6W1Y35lH-Juduiv30Rgn2iNnyWaxJOj1wIYIXOHdFcuxUXV6YgKOr4Uu8HaqYFLj7UfQFh7tYALG3-zJu7_aQQbErMOwU-u7imKtReh_ivYEweWc_bobgs8C9H1b7ooj0ONkkl81AeG_dRo4RaYMlNCBJrRtujJ2ob0xiwEdQhb1SW_AxV5tFXAWFZIVz_Zt_Jj-W8CyxgXd3loRZsHHgX4Ccg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0 |
HTTP Parser: No <meta name="author".. found |
Source: https://login.belovedkittenrescue.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638491602979817971.ZGM3ODI3MmYtMmZhYi00ZmFmLThkZWEtM2Q3N2Q5NjQyZjM5YWY3NDM0ZTEtZmI0Yy00Yjk4LTkxODUtYjEzOTY5ODVlZDIx&ui_locales=en-US&mkt=en-US&client-request-id=a67d96ca-27dd-4840-a2c4-a24b8295837e&state=Syu44JejXp8LqEQ8ywvgVxEnArYu1QcYhl-Pjbt8Eb1gV1TwVt4Bbi_S0ujC6W1Y35lH-Juduiv30Rgn2iNnyWaxJOj1wIYIXOHdFcuxUXV6YgKOr4Uu8HaqYFLj7UfQFh7tYALG3-zJu7_aQQbErMOwU-u7imKtReh_ivYEweWc_bobgs8C9H1b7ooj0ONkkl81AeG_dRo4RaYMlNCBJrRtujJ2ob0xiwEdQhb1SW_AxV5tFXAWFZIVz_Zt_Jj-W8CyxgXd3loRZsHHgX4Ccg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true |
HTTP Parser: No <meta name="author".. found |
Source: https://login.belovedkittenrescue.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638491602979817971.ZGM3ODI3MmYtMmZhYi00ZmFmLThkZWEtM2Q3N2Q5NjQyZjM5YWY3NDM0ZTEtZmI0Yy00Yjk4LTkxODUtYjEzOTY5ODVlZDIx&ui_locales=en-US&mkt=en-US&client-request-id=a67d96ca-27dd-4840-a2c4-a24b8295837e&state=Syu44JejXp8LqEQ8ywvgVxEnArYu1QcYhl-Pjbt8Eb1gV1TwVt4Bbi_S0ujC6W1Y35lH-Juduiv30Rgn2iNnyWaxJOj1wIYIXOHdFcuxUXV6YgKOr4Uu8HaqYFLj7UfQFh7tYALG3-zJu7_aQQbErMOwU-u7imKtReh_ivYEweWc_bobgs8C9H1b7ooj0ONkkl81AeG_dRo4RaYMlNCBJrRtujJ2ob0xiwEdQhb1SW_AxV5tFXAWFZIVz_Zt_Jj-W8CyxgXd3loRZsHHgX4Ccg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true |
HTTP Parser: No <meta name="author".. found |
Source: https://login.belovedkittenrescue.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638491602979817971.ZGM3ODI3MmYtMmZhYi00ZmFmLThkZWEtM2Q3N2Q5NjQyZjM5YWY3NDM0ZTEtZmI0Yy00Yjk4LTkxODUtYjEzOTY5ODVlZDIx&ui_locales=en-US&mkt=en-US&client-request-id=a67d96ca-27dd-4840-a2c4-a24b8295837e&state=Syu44JejXp8LqEQ8ywvgVxEnArYu1QcYhl-Pjbt8Eb1gV1TwVt4Bbi_S0ujC6W1Y35lH-Juduiv30Rgn2iNnyWaxJOj1wIYIXOHdFcuxUXV6YgKOr4Uu8HaqYFLj7UfQFh7tYALG3-zJu7_aQQbErMOwU-u7imKtReh_ivYEweWc_bobgs8C9H1b7ooj0ONkkl81AeG_dRo4RaYMlNCBJrRtujJ2ob0xiwEdQhb1SW_AxV5tFXAWFZIVz_Zt_Jj-W8CyxgXd3loRZsHHgX4Ccg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true |
HTTP Parser: No <meta name="author".. found |
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26mkt%3dEN-US%26opid%3d4796DC2E20C549C9%26opidt%3d1713563522%26uaid%3da67d96ca27dd4840a2c4a24b8295837e%26contextid%3dC6B7CECBF7EF37A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&uaid=a67d96ca27dd4840a2c4a24b8295837e&suc=4765445b-32c6-49b0-83e6-1d93765276ca&lic=1 |
HTTP Parser: No <meta name="author".. found |
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26mkt%3dEN-US%26opid%3d4796DC2E20C549C9%26opidt%3d1713563522%26uaid%3da67d96ca27dd4840a2c4a24b8295837e%26contextid%3dC6B7CECBF7EF37A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&uaid=a67d96ca27dd4840a2c4a24b8295837e&suc=4765445b-32c6-49b0-83e6-1d93765276ca&lic=1 |
HTTP Parser: No <meta name="author".. found |
Source: https://login.belovedkittenrescue.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638491602979817971.ZGM3ODI3MmYtMmZhYi00ZmFmLThkZWEtM2Q3N2Q5NjQyZjM5YWY3NDM0ZTEtZmI0Yy00Yjk4LTkxODUtYjEzOTY5ODVlZDIx&ui_locales=en-US&mkt=en-US&client-request-id=a67d96ca-27dd-4840-a2c4-a24b8295837e&state=Syu44JejXp8LqEQ8ywvgVxEnArYu1QcYhl-Pjbt8Eb1gV1TwVt4Bbi_S0ujC6W1Y35lH-Juduiv30Rgn2iNnyWaxJOj1wIYIXOHdFcuxUXV6YgKOr4Uu8HaqYFLj7UfQFh7tYALG3-zJu7_aQQbErMOwU-u7imKtReh_ivYEweWc_bobgs8C9H1b7ooj0ONkkl81AeG_dRo4RaYMlNCBJrRtujJ2ob0xiwEdQhb1SW_AxV5tFXAWFZIVz_Zt_Jj-W8CyxgXd3loRZsHHgX4Ccg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0 |
HTTP Parser: No <meta name="copyright".. found |
Source: https://login.belovedkittenrescue.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638491602979817971.ZGM3ODI3MmYtMmZhYi00ZmFmLThkZWEtM2Q3N2Q5NjQyZjM5YWY3NDM0ZTEtZmI0Yy00Yjk4LTkxODUtYjEzOTY5ODVlZDIx&ui_locales=en-US&mkt=en-US&client-request-id=a67d96ca-27dd-4840-a2c4-a24b8295837e&state=Syu44JejXp8LqEQ8ywvgVxEnArYu1QcYhl-Pjbt8Eb1gV1TwVt4Bbi_S0ujC6W1Y35lH-Juduiv30Rgn2iNnyWaxJOj1wIYIXOHdFcuxUXV6YgKOr4Uu8HaqYFLj7UfQFh7tYALG3-zJu7_aQQbErMOwU-u7imKtReh_ivYEweWc_bobgs8C9H1b7ooj0ONkkl81AeG_dRo4RaYMlNCBJrRtujJ2ob0xiwEdQhb1SW_AxV5tFXAWFZIVz_Zt_Jj-W8CyxgXd3loRZsHHgX4Ccg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true |
HTTP Parser: No <meta name="copyright".. found |
Source: https://login.belovedkittenrescue.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638491602979817971.ZGM3ODI3MmYtMmZhYi00ZmFmLThkZWEtM2Q3N2Q5NjQyZjM5YWY3NDM0ZTEtZmI0Yy00Yjk4LTkxODUtYjEzOTY5ODVlZDIx&ui_locales=en-US&mkt=en-US&client-request-id=a67d96ca-27dd-4840-a2c4-a24b8295837e&state=Syu44JejXp8LqEQ8ywvgVxEnArYu1QcYhl-Pjbt8Eb1gV1TwVt4Bbi_S0ujC6W1Y35lH-Juduiv30Rgn2iNnyWaxJOj1wIYIXOHdFcuxUXV6YgKOr4Uu8HaqYFLj7UfQFh7tYALG3-zJu7_aQQbErMOwU-u7imKtReh_ivYEweWc_bobgs8C9H1b7ooj0ONkkl81AeG_dRo4RaYMlNCBJrRtujJ2ob0xiwEdQhb1SW_AxV5tFXAWFZIVz_Zt_Jj-W8CyxgXd3loRZsHHgX4Ccg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true |
HTTP Parser: No <meta name="copyright".. found |
Source: https://login.belovedkittenrescue.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638491602979817971.ZGM3ODI3MmYtMmZhYi00ZmFmLThkZWEtM2Q3N2Q5NjQyZjM5YWY3NDM0ZTEtZmI0Yy00Yjk4LTkxODUtYjEzOTY5ODVlZDIx&ui_locales=en-US&mkt=en-US&client-request-id=a67d96ca-27dd-4840-a2c4-a24b8295837e&state=Syu44JejXp8LqEQ8ywvgVxEnArYu1QcYhl-Pjbt8Eb1gV1TwVt4Bbi_S0ujC6W1Y35lH-Juduiv30Rgn2iNnyWaxJOj1wIYIXOHdFcuxUXV6YgKOr4Uu8HaqYFLj7UfQFh7tYALG3-zJu7_aQQbErMOwU-u7imKtReh_ivYEweWc_bobgs8C9H1b7ooj0ONkkl81AeG_dRo4RaYMlNCBJrRtujJ2ob0xiwEdQhb1SW_AxV5tFXAWFZIVz_Zt_Jj-W8CyxgXd3loRZsHHgX4Ccg&x-client-SKU=ID_NET6_0&x-client-ver=7.3.1.0&sso_reload=true |
HTTP Parser: No <meta name="copyright".. found |
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26mkt%3dEN-US%26opid%3d4796DC2E20C549C9%26opidt%3d1713563522%26uaid%3da67d96ca27dd4840a2c4a24b8295837e%26contextid%3dC6B7CECBF7EF37A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&uaid=a67d96ca27dd4840a2c4a24b8295837e&suc=4765445b-32c6-49b0-83e6-1d93765276ca&lic=1 |
HTTP Parser: No <meta name="copyright".. found |
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26mkt%3dEN-US%26opid%3d4796DC2E20C549C9%26opidt%3d1713563522%26uaid%3da67d96ca27dd4840a2c4a24b8295837e%26contextid%3dC6B7CECBF7EF37A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=4765445b-32c6-49b0-83e6-1d93765276ca&uaid=a67d96ca27dd4840a2c4a24b8295837e&suc=4765445b-32c6-49b0-83e6-1d93765276ca&lic=1 |
HTTP Parser: No <meta name="copyright".. found |
Source: unknown |
HTTPS traffic detected: 23.63.206.91:443 -> 192.168.2.4:49760 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 23.63.206.91:443 -> 192.168.2.4:49766 version: TLS 1.2 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 173.222.162.32 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 173.222.162.32 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.63.206.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 69.164.42.0 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 69.164.42.0 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 69.164.42.0 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 69.164.42.0 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: global traffic |
HTTP traffic detected: GET /:b:/g/personal/s7958766_estg_moe_gov_sa/EeCN0MAR0F5NufUZkT2Q-mcBn4v13Ov8FQ0oi798Dgtayg?e=zTKNmK HTTP/1.1Host: estgirls-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /personal/s7958766_estg_moe_gov_sa/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fs7958766%5Festg%5Fmoe%5Fgov%5Fsa%2FDocuments%2Fcontract%2Epdf&parent=%2Fpersonal%2Fs7958766%5Festg%5Fmoe%5Fgov%5Fsa%2FDocuments&ga=1 HTTP/1.1Host: estgirls-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2U0Mzc2ZWMwMjU2ZDUxMmUyMzczMjA5Y2Y0Mzk5NjlkYTRkOTQzNjM0ZmU5NmNhNTU2ZmYxYTdhMWMxNWE0YmUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jZTQzNzZlYzAyNTZkNTEyZTIzNzMyMDljZjQzOTk2OWRhNGQ5NDM2MzRmZTk2Y2E1NTZmZjFhN2ExYzE1YTRiZSwxMzM1ODAzNzM1MzAwMDAwMDAsMCwxMzM1ODEyMzQ1Mzg0ODM0MDIsMC4wLjAuMCwyNTgsYjY4NzViYmItZjM3MS00ODBkLWFiYTEtMjk3MmNlMDQyYzJiLCwsNDJhODIwYTEtYTAxMi04MDAwLTg3OTgtZDM1NTQxMmQxNGQ5LDQyYTgyMGExLWEwMTItODAwMC04Nzk4LWQzNTU0MTJkMTRkOSwzTlVzZFR6QS9rT0M0cEJvQmJKRjFnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxODgyMTQsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LGdnTDZlWE9nNnFOT2s0dlVxbVJnYU9aWE9LazF3c1VYdms5WXJSckJDaW0rREZaa2Z5enIxUmY1Z0dTSlcvYWxSdURjUUF4ZDFPZENBMzc3R01TMUd5N3g3amZaQllseVVHV2F4WlM4NlhWYStFZk1rb2NTU2p4a3dEK3Z0UmU4QlhaQWZ2WnJiTlVZVFJBakcvM09GZUhoWi9BbVhISjQzcGVsYWhtT3JMZDl3YllneFJRSU5vV1pXbHlaOFFZdk9vb0RlYXZ0WDlvT1RYeU1rU2NWRWNRdWk5RnhzYlUrSXRuRnhRcmFwNmEvWVhYQVhBalREdUx3TEIwUmRpcjQvd2ZONU1tK0NHMHBDTFA5UFlzclA5bmFpeDg0S3NSc0pHOFBEdWdqTVJSMk5MaURjaHVoWHJsV2JjWEFiMjlJbHJFbzZxT29VVmxhQm9LZUNnbmRNZz09PC9TUD4= |
Source: global traffic |
HTTP traffic detected: GET /_layouts/15/spwebworkerproxy.ashx HTTP/1.1Host: estgirls-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2U0Mzc2ZWMwMjU2ZDUxMmUyMzczMjA5Y2Y0Mzk5NjlkYTRkOTQzNjM0ZmU5NmNhNTU2ZmYxYTdhMWMxNWE0YmUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jZTQzNzZlYzAyNTZkNTEyZTIzNzMyMDljZjQzOTk2OWRhNGQ5NDM2MzRmZTk2Y2E1NTZmZjFhN2ExYzE1YTRiZSwxMzM1ODAzNzM1MzAwMDAwMDAsMCwxMzM1ODEyMzQ1Mzg0ODM0MDIsMC4wLjAuMCwyNTgsYjY4NzViYmItZjM3MS00ODBkLWFiYTEtMjk3MmNlMDQyYzJiLCwsNDJhODIwYTEtYTAxMi04MDAwLTg3OTgtZDM1NTQxMmQxNGQ5LDQyYTgyMGExLWEwMTItODAwMC04Nzk4LWQzNTU0MTJkMTRkOSwzTlVzZFR6QS9rT0M0cEJvQmJKRjFnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxODgyMTQsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LGdnTDZlWE9nNnFOT2s0dlVxbVJnYU9aWE9LazF3c1VYdms5WXJSckJDaW0rREZaa2Z5enIxUmY1Z0dTSlcvYWxSdURjUUF4ZDFPZENBMzc3R01TMUd5N3g3amZaQllseVVHV2F4WlM4NlhWYStFZk1rb2NTU2p4a3dEK3Z0UmU4QlhaQWZ2WnJiTlVZVFJBakcvM09GZUhoWi9BbVhISjQzcGVsYWhtT3JMZDl3YllneFJRSU5vV1pXbHlaOFFZdk9vb0RlYXZ0WDlvT1RYeU1rU2NWRWNRdWk5RnhzYlUrSXRuRnhRcmFwNmEvWVhYQVhBalREdUx3TEIwUmRpcjQvd2ZONU1tK0NHMHBDTFA5UFlzclA5bmFpeDg0S3NSc0pHOFBEdWdqTVJSMk5MaURjaHVoWHJsV2JjWEFiMjlJbHJFbzZxT29VVmxhQm9LZUNnbmRNZz09PC9TUD4= |
Source: global traffic |
HTTP traffic detected: GET /_layouts/15/spwebworkerproxy.ashx HTTP/1.1Host: estgirls-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2U0Mzc2ZWMwMjU2ZDUxMmUyMzczMjA5Y2Y0Mzk5NjlkYTRkOTQzNjM0ZmU5NmNhNTU2ZmYxYTdhMWMxNWE0YmUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jZTQzNzZlYzAyNTZkNTEyZTIzNzMyMDljZjQzOTk2OWRhNGQ5NDM2MzRmZTk2Y2E1NTZmZjFhN2ExYzE1YTRiZSwxMzM1ODAzNzM1MzAwMDAwMDAsMCwxMzM1ODEyMzQ1Mzg0ODM0MDIsMC4wLjAuMCwyNTgsYjY4NzViYmItZjM3MS00ODBkLWFiYTEtMjk3MmNlMDQyYzJiLCwsNDJhODIwYTEtYTAxMi04MDAwLTg3OTgtZDM1NTQxMmQxNGQ5LDQyYTgyMGExLWEwMTItODAwMC04Nzk4LWQzNTU0MTJkMTRkOSwzTlVzZFR6QS9rT0M0cEJvQmJKRjFnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxODgyMTQsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LGdnTDZlWE9nNnFOT2s0dlVxbVJnYU9aWE9LazF3c1VYdms5WXJSckJDaW0rREZaa2Z5enIxUmY1Z0dTSlcvYWxSdURjUUF4ZDFPZENBMzc3R01TMUd5N3g3amZaQllseVVHV2F4WlM4NlhWYStFZk1rb2NTU2p4a3dEK3Z0UmU4QlhaQWZ2WnJiTlVZVFJBakcvM09GZUhoWi9BbVhISjQzcGVsYWhtT3JMZDl3YllneFJRSU5vV1pXbHlaOFFZdk9vb0RlYXZ0WDlvT1RYeU1rU2NWRWNRdWk5RnhzYlUrSXRuRnhRcmFwNmEvWVhYQVhBalREdUx3TEIwUmRpcjQvd2ZONU1tK0NHMHBDTFA5UFlzclA5bmFpeDg0S3NSc0pHOFBEdWdqTVJSMk5MaURjaHVoWHJsV2JjWEFiMjlJbHJFbzZxT29VVmxhQm9LZUNnbmRNZz09PC9TUD4= |
Source: global traffic |
HTTP traffic detected: GET /personal/s7958766_estg_moe_gov_sa/_api/v2.1/graphql HTTP/1.1Host: estgirls-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2U0Mzc2ZWMwMjU2ZDUxMmUyMzczMjA5Y2Y0Mzk5NjlkYTRkOTQzNjM0ZmU5NmNhNTU2ZmYxYTdhMWMxNWE0YmUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jZTQzNzZlYzAyNTZkNTEyZTIzNzMyMDljZjQzOTk2OWRhNGQ5NDM2MzRmZTk2Y2E1NTZmZjFhN2ExYzE1YTRiZSwxMzM1ODAzNzM1MzAwMDAwMDAsMCwxMzM1ODEyMzQ1Mzg0ODM0MDIsMC4wLjAuMCwyNTgsYjY4NzViYmItZjM3MS00ODBkLWFiYTEtMjk3MmNlMDQyYzJiLCwsNDJhODIwYTEtYTAxMi04MDAwLTg3OTgtZDM1NTQxMmQxNGQ5LDQyYTgyMGExLWEwMTItODAwMC04Nzk4LWQzNTU0MTJkMTRkOSwzTlVzZFR6QS9rT0M0cEJvQmJKRjFnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxODgyMTQsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LGdnTDZlWE9nNnFOT2s0dlVxbVJnYU9aWE9LazF3c1VYdms5WXJSckJDaW0rREZaa2Z5enIxUmY1Z0dTSlcvYWxSdURjUUF4ZDFPZENBMzc3R01TMUd5N3g3amZaQllseVVHV2F4WlM4NlhWYStFZk1rb2NTU2p4a3dEK3Z0UmU4QlhaQWZ2WnJiTlVZVFJBakcvM09GZUhoWi9BbVhISjQzcGVsYWhtT3JMZDl3YllneFJRSU5vV1pXbHlaOFFZdk9vb0RlYXZ0WDlvT1RYeU1rU2NWRWNRdWk5RnhzYlUrSXRuRnhRcmFwNmEvWVhYQVhBalREdUx3TEIwUmRpcjQvd2ZONU1tK0NHMHBDTFA5UFlzclA5bmFpeDg0S3NSc0pHOFBEdWdqTVJSMk5MaURjaHVoWHJsV2JjWEFiMjlJbHJFbzZxT29VVmxhQm9LZUNnbmRNZz09PC9TUD4= |
Source: global traffic |
HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /_layouts/15/images/odbfavicon.ico?rev=47 HTTP/1.1Host: estgirls-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://estgirls-my.sharepoint.com/personal/s7958766_estg_moe_gov_sa/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fs7958766%5Festg%5Fmoe%5Fgov%5Fsa%2FDocuments%2Fcontract%2Epdf&parent=%2Fpersonal%2Fs7958766%5Festg%5Fmoe%5Fgov%5Fsa%2FDocuments&ga=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2U0Mzc2ZWMwMjU2ZDUxMmUyMzczMjA5Y2Y0Mzk5NjlkYTRkOTQzNjM0ZmU5NmNhNTU2ZmYxYTdhMWMxNWE0YmUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jZTQzNzZlYzAyNTZkNTEyZTIzNzMyMDljZjQzOTk2OWRhNGQ5NDM2MzRmZTk2Y2E1NTZmZjFhN2ExYzE1YTRiZSwxMzM1ODAzNzM1MzAwMDAwMDAsMCwxMzM1ODEyMzQ1Mzg0ODM0MDIsMC4wLjAuMCwyNTgsYjY4NzViYmItZjM3MS00ODBkLWFiYTEtMjk3MmNlMDQyYzJiLCwsNDJhODIwYTEtYTAxMi04MDAwLTg3OTgtZDM1NTQxMmQxNGQ5LDQyYTgyMGExLWEwMTItODAwMC04Nzk4LWQzNTU0MTJkMTRkOSwzTlVzZFR6QS9rT0M0cEJvQmJKRjFnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxODgyMTQsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LGdnTDZlWE9nNnFOT2s0dlVxbVJnYU9aWE9LazF3c1VYdms5WXJSckJDaW0rREZaa2Z5enIxUmY1Z0dTSlcvYWxSdURjUUF4ZDFPZENBMzc3R01TMUd5N3g3amZaQllseVVHV2F4WlM4NlhWYStFZk1rb2NTU2p4a3dEK3Z0UmU4QlhaQWZ2WnJiTlVZVFJBakcvM09GZUhoWi9BbVhISjQzcGVsYWhtT3JMZDl3YllneFJRSU5vV1pXbHlaOFFZdk9vb0RlYXZ0WDlvT1RYeU1rU2NWRWNRdWk5RnhzYlUrSXRuRnhRcmFwNmEvWVhYQVhBalREdUx3TEIwUmRpcjQvd2ZONU1tK0NHMHBDTFA5UFlzclA5bmFpeDg0S3NSc0pHOFBEdWdqTVJSMk5MaURjaHVoWHJsV2JjWEFiMjlJbHJFbzZxT29VVmxhQm9LZUNnbmRNZz09PC9TUD4= |
Source: global traffic |
HTTP traffic detected: GET /personal/s7958766_estg_moe_gov_sa/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fs7958766%5Festg%5Fmoe%5Fgov%5Fsa%2FDocuments%27&TryNewExperienceSingle=TRUE HTTP/1.1Host: estgirls-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2U0Mzc2ZWMwMjU2ZDUxMmUyMzczMjA5Y2Y0Mzk5NjlkYTRkOTQzNjM0ZmU5NmNhNTU2ZmYxYTdhMWMxNWE0YmUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jZTQzNzZlYzAyNTZkNTEyZTIzNzMyMDljZjQzOTk2OWRhNGQ5NDM2MzRmZTk2Y2E1NTZmZjFhN2ExYzE1YTRiZSwxMzM1ODAzNzM1MzAwMDAwMDAsMCwxMzM1ODEyMzQ1Mzg0ODM0MDIsMC4wLjAuMCwyNTgsYjY4NzViYmItZjM3MS00ODBkLWFiYTEtMjk3MmNlMDQyYzJiLCwsNDJhODIwYTEtYTAxMi04MDAwLTg3OTgtZDM1NTQxMmQxNGQ5LDQyYTgyMGExLWEwMTItODAwMC04Nzk4LWQzNTU0MTJkMTRkOSwzTlVzZFR6QS9rT0M0cEJvQmJKRjFnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxODgyMTQsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LGdnTDZlWE9nNnFOT2s0dlVxbVJnYU9aWE9LazF3c1VYdms5WXJSckJDaW0rREZaa2Z5enIxUmY1Z0dTSlcvYWxSdURjUUF4ZDFPZENBMzc3R01TMUd5N3g3amZaQllseVVHV2F4WlM4NlhWYStFZk1rb2NTU2p4a3dEK3Z0UmU4QlhaQWZ2WnJiTlVZVFJBakcvM09GZUhoWi9BbVhISjQzcGVsYWhtT3JMZDl3YllneFJRSU5vV1pXbHlaOFFZdk9vb0RlYXZ0WDlvT1RYeU1rU2NWRWNRdWk5RnhzYlUrSXRuRnhRcmFwNmEvWVhYQVhBalREdUx3TEIwUmRpcjQvd2ZONU1tK0NHMHBDTFA5UFlzclA5bmFpeDg0S3NSc0pHOFBEdWdqTVJSMk5MaURjaHVoWHJsV2JjWEFiMjlJbHJFbzZxT29VVmxhQm9LZUNnbmRNZz09PC9TUD4= |
Source: global traffic |
HTTP traffic detected: GET /_layouts/15/images/odbfavicon.ico?rev=47 HTTP/1.1Host: estgirls-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2U0Mzc2ZWMwMjU2ZDUxMmUyMzczMjA5Y2Y0Mzk5NjlkYTRkOTQzNjM0ZmU5NmNhNTU2ZmYxYTdhMWMxNWE0YmUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jZTQzNzZlYzAyNTZkNTEyZTIzNzMyMDljZjQzOTk2OWRhNGQ5NDM2MzRmZTk2Y2E1NTZmZjFhN2ExYzE1YTRiZSwxMzM1ODAzNzM1MzAwMDAwMDAsMCwxMzM1ODEyMzQ1Mzg0ODM0MDIsMC4wLjAuMCwyNTgsYjY4NzViYmItZjM3MS00ODBkLWFiYTEtMjk3MmNlMDQyYzJiLCwsNDJhODIwYTEtYTAxMi04MDAwLTg3OTgtZDM1NTQxMmQxNGQ5LDQyYTgyMGExLWEwMTItODAwMC04Nzk4LWQzNTU0MTJkMTRkOSwzTlVzZFR6QS9rT0M0cEJvQmJKRjFnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxODgyMTQsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LGdnTDZlWE9nNnFOT2s0dlVxbVJnYU9aWE9LazF3c1VYdms5WXJSckJDaW0rREZaa2Z5enIxUmY1Z0dTSlcvYWxSdURjUUF4ZDFPZENBMzc3R01TMUd5N3g3amZaQllseVVHV2F4WlM4NlhWYStFZk1rb2NTU2p4a3dEK3Z0UmU4QlhaQWZ2WnJiTlVZVFJBakcvM09GZUhoWi9BbVhISjQzcGVsYWhtT3JMZDl3YllneFJRSU5vV1pXbHlaOFFZdk9vb0RlYXZ0WDlvT1RYeU1rU2NWRWNRdWk5RnhzYlUrSXRuRnhRcmFwNmEvWVhYQVhBalREdUx3TEIwUmRpcjQvd2ZONU1tK0NHMHBDTFA5UFlzclA5bmFpeDg0S3NSc0pHOFBEdWdqTVJSMk5MaURjaHVoWHJsV2JjWEFiMjlJbHJFbzZxT29VVmxhQm9LZUNnbmRNZz09PC9TUD4= |
Source: global traffic |
HTTP traffic detected: GET /personal/s7958766_estg_moe_gov_sa/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fs7958766%5Festg%5Fmoe%5Fgov%5Fsa%2FDocuments%27&TryNewExperienceSingle=TRUE HTTP/1.1Host: estgirls-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2U0Mzc2ZWMwMjU2ZDUxMmUyMzczMjA5Y2Y0Mzk5NjlkYTRkOTQzNjM0ZmU5NmNhNTU2ZmYxYTdhMWMxNWE0YmUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jZTQzNzZlYzAyNTZkNTEyZTIzNzMyMDljZjQzOTk2OWRhNGQ5NDM2MzRmZTk2Y2E1NTZmZjFhN2ExYzE1YTRiZSwxMzM1ODAzNzM1MzAwMDAwMDAsMCwxMzM1ODEyMzQ1Mzg0ODM0MDIsMC4wLjAuMCwyNTgsYjY4NzViYmItZjM3MS00ODBkLWFiYTEtMjk3MmNlMDQyYzJiLCwsNDJhODIwYTEtYTAxMi04MDAwLTg3OTgtZDM1NTQxMmQxNGQ5LDQyYTgyMGExLWEwMTItODAwMC04Nzk4LWQzNTU0MTJkMTRkOSwzTlVzZFR6QS9rT0M0cEJvQmJKRjFnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxODgyMTQsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LGdnTDZlWE9nNnFOT2s0dlVxbVJnYU9aWE9LazF3c1VYdms5WXJSckJDaW0rREZaa2Z5enIxUmY1Z0dTSlcvYWxSdURjUUF4ZDFPZENBMzc3R01TMUd5N3g3amZaQllseVVHV2F4WlM4NlhWYStFZk1rb2NTU2p4a3dEK3Z0UmU4QlhaQWZ2WnJiTlVZVFJBakcvM09GZUhoWi9BbVhISjQzcGVsYWhtT3JMZDl3YllneFJRSU5vV1pXbHlaOFFZdk9vb0RlYXZ0WDlvT1RYeU1rU2NWRWNRdWk5RnhzYlUrSXRuRnhRcmFwNmEvWVhYQVhBalREdUx3TEIwUmRpcjQvd2ZONU1tK0NHMHBDTFA5UFlzclA5bmFpeDg0S3NSc0pHOFBEdWdqTVJSMk5MaURjaHVoWHJsV2JjWEFiMjlJbHJFbzZxT29VVmxhQm9LZUNnbmRNZz09PC9TUD4= |
Source: global traffic |
HTTP traffic detected: GET /_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%5D&defaultBrotli=true&authenticateFast=true&wwData=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099649,3]&spStartApplicationWebBundle=true&enableIntegrities=true HTTP/1.1Host: estgirls-my.sharepoint.comConnection: keep-aliveCache-Control: max-age=0Accept: */*Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://estgirls-my.sharepoint.com/personal/s7958766_estg_moe_gov_sa/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fs7958766%5Festg%5Fmoe%5Fgov%5Fsa%2FDocuments%2Fcontract%2Epdf&parent=%2Fpersonal%2Fs7958766%5Festg%5Fmoe%5Fgov%5Fsa%2FDocuments&ga=1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uI2U0Mzc2ZWMwMjU2ZDUxMmUyMzczMjA5Y2Y0Mzk5NjlkYTRkOTQzNjM0ZmU5NmNhNTU2ZmYxYTdhMWMxNWE0YmUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jZTQzNzZlYzAyNTZkNTEyZTIzNzMyMDljZjQzOTk2OWRhNGQ5NDM2MzRmZTk2Y2E1NTZmZjFhN2ExYzE1YTRiZSwxMzM1ODAzNzM1MzAwMDAwMDAsMCwxMzM1ODEyMzQ1Mzg0ODM0MDIsMC4wLjAuMCwyNTgsYjY4NzViYmItZjM3MS00ODBkLWFiYTEtMjk3MmNlMDQyYzJiLCwsNDJhODIwYTEtYTAxMi04MDAwLTg3OTgtZDM1NTQxMmQxNGQ5LDQyYTgyMGExLWEwMTItODAwMC04Nzk4LWQzNTU0MTJkMTRkOSwzTlVzZFR6QS9rT0M0cEJvQmJKRjFnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxODgyMTQsRGFEQWZqUVFtcHlPWHgyUnJLX1c1bHZvTFo0LGdnTDZlWE9nNnFOT2s0dlVxbVJnYU9aWE9LazF3c1VYdms5WXJSckJDaW0rREZaa2Z5enIxUmY1Z0dTSlcvYWxSdURjUUF4ZDFPZENBMzc3R01TMUd5N3g3amZaQllseVVHV2F4WlM4NlhWYStFZk1rb2NTU2p4a3dEK3Z0UmU4QlhaQWZ2WnJiTlVZVFJBakcvM09GZUhoWi9BbVhISjQzcGVsYWhtT3JMZDl3YllneFJRSU5vV1pXbHlaOFFZdk9vb0RlYXZ0WDlvT1RYeU1rU2NWRWNRdWk5RnhzYlUrSXRuRnhRcmFwNmEvWVhYQVhBalREdUx3TEIwUmRpcjQvd2ZONU1tK0NHMHBDTFA5UFlzclA5bmFpeDg0S3NSc0pHOFBEdWdqTVJSMk5MaURjaHVoWHJsV |