Click to jump to signature section
| Source: https://login.dunmhumby.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | Avira URL Cloud: Label: phishing |
| Source: https://login.dunmhumby.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/b0e4a89976ce/main.js? | Avira URL Cloud: Label: phishing |
| Source: https://login.dunmhumby.com/4E75UUJFQzqj2DyvLCuNTz77rYDZw93kS06Co4fSPmcgPARThK1kv8rrGNX1tPOHklbi6o9lGhHnsQXIwoIYWKdMBaMEWO8cf9SpscqeoY5BfguLsltFQvGa0Cpbp1tM5hjLzJBiTXw0A2Rudqn8yR/verify | Avira URL Cloud: Label: phishing |
| Source: https://login.dunmhumby.com/4E75UUJFQzqj2DyvLCuNTz77rYDZw93kS06Co4fSPmcgPARThK1kv8rrGNX1tPOHklbi6o9lGhHnsQXIwoIYWKdMBaMEWO8cf9SpscqeoY5BfguLsltFQvGa0Cpbp1tM5hjLzJBiTXw0A2Rudqn8yR/index | Avira URL Cloud: Label: phishing |
| Source: https://login.dunmhumby.com/page/styles/app.css | Avira URL Cloud: Label: phishing |
| Source: https://login.dunmhumby.com/page/images/verify_app.png | Avira URL Cloud: Label: phishing |
| Source: https://login.dunmhumby.com/page/images/info.png | Avira URL Cloud: Label: phishing |
| Source: https://login.dunmhumby.com/page/images/verify.png | Avira URL Cloud: Label: phishing |
| Source: https://login.dunmhumby.com/page/images/back.png | Avira URL Cloud: Label: phishing |
| Source: https://login.dunmhumby.com/page/images/verify_code.png | Avira URL Cloud: Label: phishing |
| Source: https://login.dunmhumby.com/page/images/verify_sms.png | Avira URL Cloud: Label: phishing |
| Source: https://login.dunmhumby.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | Avira URL Cloud: Label: phishing |
| Source: https://login.dunmhumby.com/page/images/logo.png | Avira URL Cloud: Label: phishing |
| Source: https://login.dunmhumby.com/page/images/appnotif2.png | Avira URL Cloud: Label: phishing |
| Source: https://login.dunmhumby.com/4E75UUJFQzqj2DyvLCuNTz77rYDZw93kS06Co4fSPmcgPARThK1kv8rrGNX1tPOHklbi6o9lGhHnsQXIwoIYWKdMBaMEWO8cf9SpscqeoY5BfguLsltFQvGa0Cpbp1tM5hjLzJBiTXw0A2Rudqn8yR/verify | Joe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'login.dunmhumby.com' does not match the legitimate domain name for Microsoft., The domain 'dunmhumby.com' is not related to Microsoft, which raises suspicion., The presence of Microsoft-related input fields (Email, phone, or Skype) on a non-Microsoft domain is a common phishing tactic. DOM: 5.13.pages.csv |
| Source: Yara match | File source: 5.13.pages.csv, type: HTML |
| Source: https://mfsus-my.sharepoint.com/:u:/p/jmaldonado/ETgv2ykDZTZFqqQuEgMT5HYBmLmp6Wc681CQdzzQhFcYJQ?rtime=vhsaD9xV3Ug | Joe Sandbox AI: Page contains button: 'VIEW DOCUMENT' Source: '2.0.pages.csv' |
| Source: https://login.dunmhumby.com | Joe Sandbox AI: The URL 'https://login.dunmhumby.com' closely resembles the legitimate URL 'https://login.dunnhumby.com', which is associated with the known brand 'dunnhumby'. The primary difference is the substitution of 'nn' with 'nm', which is a common visual character substitution that can lead to user confusion. The use of the subdomain 'login' is typical for legitimate login pages, adding to the potential for confusion. The domain extension '.com' is standard and does not suggest a different legitimate purpose. Given the high visual similarity and the context of a login page, this URL is likely a typosquatting attempt. |
| Source: Chrome DOM: 3.10 | OCR Text: 0.1 Microsoft www.microsoftonline.com Please stand by, while we are cheking if the site connection is secure Verifying v.. CLOUDFLARE Ten-rs Did you know there are Verified Bats that are allowed around the internet because they help provide services we use day ta day? Microsoft needs to review the security of your connection before proceeding. Performance & security by Microsoft |
| Source: Chrome DOM: 3.9 | OCR Text: 0.1 Microsoft www.microsoftonline.com Please stand by, while we are cheking if the site connection is secure Verifying,.. CLOUDFLARE Ten-rs Did you know there are Verified Bats that are allowed around the internet because they help provide services we use day ta day? Microsoft needs to review the security of your connection before proceeding. Performance & security by Microsoft |
| Source: https://login.dunmhumby.com/4E75UUJFQzqj2DyvLCuNTz77rYDZw93kS06Co4fSPmcgPARThK1kv8rrGNX1tPOHklbi6o9lGhHnsQXIwoIYWKdMBaMEWO8cf9SpscqeoY5BfguLsltFQvGa0Cpbp1tM5hjLzJBiTXw0A2Rudqn8yR/verify | HTTP Parser: Number of links: 0 |
| Source: https://login.dunmhumby.com/4E75UUJFQzqj2DyvLCuNTz77rYDZw93kS06Co4fSPmcgPARThK1kv8rrGNX1tPOHklbi6o9lGhHnsQXIwoIYWKdMBaMEWO8cf9SpscqeoY5BfguLsltFQvGa0Cpbp1tM5hjLzJBiTXw0A2Rudqn8yR/verify | HTTP Parser: <input type="password" .../> found but no <form action="... |
| Source: https://mfsus-my.sharepoint.com/:u:/p/jmaldonado/ETgv2ykDZTZFqqQuEgMT5HYBmLmp6Wc681CQdzzQhFcYJQ?rtime=vhsaD9xV3Ug | HTTP Parser: Total embedded SVG size: 161677 |
| Source: https://login.dunmhumby.com/4E75UUJFQzqj2DyvLCuNTz77rYDZw93kS06Co4fSPmcgPARThK1kv8rrGNX1tPOHklbi6o9lGhHnsQXIwoIYWKdMBaMEWO8cf9SpscqeoY5BfguLsltFQvGa0Cpbp1tM5hjLzJBiTXw0A2Rudqn8yR/verify | HTTP Parser: Total embedded image size: 30653 |
| Source: https://mfsus-my.sharepoint.com/:u:/p/jmaldonado/ETgv2ykDZTZFqqQuEgMT5HYBmLmp6Wc681CQdzzQhFcYJQ?rtime=vhsaD9xV3Ug | HTTP Parser: Base64 decoded: {"siteid":"42a26e9d-9df1-4f00-aa7a-d56a972bc346","aud":"00000003-0000-0ff1-ce00-000000000000/mfsus-my.sharepoint.com@6f708c90-65ae-4f02-ae15-f7b52b5d44a4","exp":"1740551779"} |
| Source: https://login.dunmhumby.com/4E75UUJFQzqj2DyvLCuNTz77rYDZw93kS06Co4fSPmcgPARThK1kv8rrGNX1tPOHklbi6o9lGhHnsQXIwoIYWKdMBaMEWO8cf9SpscqeoY5BfguLsltFQvGa0Cpbp1tM5hjLzJBiTXw0A2Rudqn8yR/verify | HTTP Parser: Title: Verify your credentials does not match URL |
| Source: https://login.dunmhumby.com/4E75UUJFQzqj2DyvLCuNTz77rYDZw93kS06Co4fSPmcgPARThK1kv8rrGNX1tPOHklbi6o9lGhHnsQXIwoIYWKdMBaMEWO8cf9SpscqeoY5BfguLsltFQvGa0Cpbp1tM5hjLzJBiTXw0A2Rudqn8yR/verify | HTTP Parser: Invalid link: Forgot password? |
| Source: https://login.dunmhumby.com/4E75UUJFQzqj2DyvLCuNTz77rYDZw93kS06Co4fSPmcgPARThK1kv8rrGNX1tPOHklbi6o9lGhHnsQXIwoIYWKdMBaMEWO8cf9SpscqeoY5BfguLsltFQvGa0Cpbp1tM5hjLzJBiTXw0A2Rudqn8yR/verify | HTTP Parser: Invalid link: Terms of use |
| Source: https://login.dunmhumby.com/4E75UUJFQzqj2DyvLCuNTz77rYDZw93kS06Co4fSPmcgPARThK1kv8rrGNX1tPOHklbi6o9lGhHnsQXIwoIYWKdMBaMEWO8cf9SpscqeoY5BfguLsltFQvGa0Cpbp1tM5hjLzJBiTXw0A2Rudqn8yR/verify | HTTP Parser: Invalid link: Privacy & cookies |
| Source: https://login.dunmhumby.com/4E75UUJFQzqj2DyvLCuNTz77rYDZw93kS06Co4fSPmcgPARThK1kv8rrGNX1tPOHklbi6o9lGhHnsQXIwoIYWKdMBaMEWO8cf9SpscqeoY5BfguLsltFQvGa0Cpbp1tM5hjLzJBiTXw0A2Rudqn8yR/verify | HTTP Parser: <input type="password" .../> found |
| Source: https://login.dunmhumby.com/ | HTTP Parser: No favicon |
| Source: https://login.dunmhumby.com/4E75UUJFQzqj2DyvLCuNTz77rYDZw93kS06Co4fSPmcgPARThK1kv8rrGNX1tPOHklbi6o9lGhHnsQXIwoIYWKdMBaMEWO8cf9SpscqeoY5BfguLsltFQvGa0Cpbp1tM5hjLzJBiTXw0A2Rudqn8yR/verify | HTTP Parser: No <meta name="author".. found |
| Source: https://login.dunmhumby.com/4E75UUJFQzqj2DyvLCuNTz77rYDZw93kS06Co4fSPmcgPARThK1kv8rrGNX1tPOHklbi6o9lGhHnsQXIwoIYWKdMBaMEWO8cf9SpscqeoY5BfguLsltFQvGa0Cpbp1tM5hjLzJBiTXw0A2Rudqn8yR/verify | HTTP Parser: No <meta name="copyright".. found |
| Source: chrome.exe | Memory has grown: Private usage: 9MB later: 30MB |
| Source: global traffic | TCP traffic: 192.168.2.16:65208 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:65208 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:56160 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:65208 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:56160 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:65208 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:56160 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:65208 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:56160 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:65208 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:56160 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:65208 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:56160 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:65208 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:56160 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:65208 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:56160 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:65208 -> 1.1.1.1:53 |
| Source: global traffic | TCP traffic: 192.168.2.16:56160 -> 1.1.1.1:53 |
| Source: Network traffic | Suricata IDS: 2024228 - Severity 2 - ET PHISHING Suspicious HTML Decimal Obfuscated Title - Possible Phishing Landing Apr 19 2017 : 104.21.74.221:443 -> 192.168.2.16:56501 |
| Source: Network traffic | Suricata IDS: 2024228 - Severity 2 - ET PHISHING Suspicious HTML Decimal Obfuscated Title - Possible Phishing Landing Apr 19 2017 : 104.21.74.221:443 -> 192.168.2.16:56497 |
| Source: Network traffic | Suricata IDS: 2024228 - Severity 2 - ET PHISHING Suspicious HTML Decimal Obfuscated Title - Possible Phishing Landing Apr 19 2017 : 104.21.74.221:443 -> 192.168.2.16:56498 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 192.229.211.108 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 2.17.190.73 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 192.229.211.108 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 192.229.211.108 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 192.229.211.108 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 192.229.211.108 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 192.229.211.108 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 192.229.211.108 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | TCP traffic detected without corresponding DNS query: 192.229.211.108 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
| Source: global traffic | HTTP traffic detected: GET /:u:/p/jmaldonado/ETgv2ykDZTZFqqQuEgMT5HYBmLmp6Wc681CQdzzQhFcYJQ?e=deM7Fd HTTP/1.1Host: mfsus-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
| Source: global traffic | HTTP traffic detected: GET /personal/jmaldonado_mfsus_com/_layouts/15/Doc.aspx?sourcedoc=%7B29db2f38-6503-4536-aaa4-2e120313e476%7D&action=default&slrid=fd0f85a1-10a2-8000-1a73-b507b8f48a5b&originalPath=aHR0cHM6Ly9tZnN1cy1teS5zaGFyZXBvaW50LmNvbS86dTovcC9qbWFsZG9uYWRvL0VUZ3YyeWtEWlRaRnFxUXVFZ01UNUhZQm1MbXA2V2M2ODFDUWR6elFoRmNZSlE_cnRpbWU9dmhzYUQ5eFYzVWc&CID=4bdf9ee6-3edc-4723-8c5c-bd35d1945668&_SRM=0:G:241 HTTP/1.1Host: mfsus-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzJkMjUzZWVjYTdjNTdkYzYyZTliY2JkYTAxMGJiYmRhZmZhM2VlNDQxMGVkOTE5MDBiZjUwMGUwMjY2YzNlNjEsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jMmQyNTNlZWNhN2M1N2RjNjJlOWJjYmRhMDEwYmJiZGFmZmEzZWU0NDEwZWQ5MTkwMGJmNTAwZTAyNjZjM2U2MSwxMzM4NDk4OTY3ODAwMDAwMDAsMCwxMzM4NTA3NTc3OTA3MDEyNjgsMC4wLjAuMCwyNTgsNmY3MDhjOTAtNjVhZS00ZjAyLWFlMTUtZjdiNTJiNWQ0NGE0LCwsNmY1ZDUxMjQtNGI4Ny00NTM5LTlmYWMtM2FiMDVlMDliYWRkLDZmNWQ1MTI0LTRiODctNDUzOS05ZmFjLTNhYjA1ZTA5YmFkZCw3RDN5dWUrWjZrV3lFc01raEFDZzh3LDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTM1NzIsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLHFaOWt4R3o4RzlSb2hrakt4b24zVlhzV2NBRjI4aVJRNmJPc0FhVDdaN1RBVFdEdmY3Q0ZvcTI2TnZ1SCtza1d3MTZCdmVmODFmTE5CbkREeGUvMTFibFBkbUxKdVVQdnJqRm9SOUVuVkh5NERmN1dNazgvZEZGMTNXZ1lWOFd4QUlFb0VsZUFHOGhuVHRYYTRuTXU0SzM4N2R6L2dCYWp3RGpDdXliTzFMN1F6VGJKWWljTTRNWXAzY21RTWR3WWpZSGg3WTh3N2J1WnJBMmkrZVJHeGR4UDBWZWErKytsL3kxSmROVjR0M2I4RGQzSlVPMGs1M0NJYVhpcnZzZXorU0Q3aWtEZDNyVE5aVkE0ckkyc0pBYzQ5WjRoeFgyQS85NHpVbTlDR2tHYzBFR3ZzWEpsV3FncklYU2FGM1ozbDNaV21lRlgraHM0ZUdlNkFzQnlLZz09PC9TUD4= |
| Source: global traffic | HTTP traffic detected: GET /personal/jmaldonado_mfsus_com/_api/v2.1/drives/b!nW6iQvGdAE-qetVqlyvDRrh_bBcVVUFOpvuhp5PdeZ-IgjmDnIDFSYQTfXrZeC6w/items/01UC4W2QBYF7NSSA3FGZC2VJBOCIBRHZDW/streams/content_preview_Ofv.json/streamContent?tempauth=v1.eyJzaXRlaWQiOiI0MmEyNmU5ZC05ZGYxLTRmMDAtYWE3YS1kNTZhOTcyYmMzNDYiLCJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvbWZzdXMtbXkuc2hhcmVwb2ludC5jb21ANmY3MDhjOTAtNjVhZS00ZjAyLWFlMTUtZjdiNTJiNWQ0NGE0IiwiZXhwIjoiMTc0MDU1MTc3OSJ9.CiMKCXNoYXJpbmdpZBIWN0QzeXVlK1o2a1d5RXNNa2hBQ2c4dwoLCgRzbmlkEgMxMDQSCwi8wKL-wvnqPRAFGgw4LjQ2LjEyMy4xODkiFG1pY3Jvc29mdC5zaGFyZXBvaW50KiwzbC8ycE56MWRRSThMclJCU1QwL0d2WFc2a1ZvVXhqZmNHL2lIRVg3Uk1JPTC6ATgBQhChhQ__0zAAgBZEzNoKqA-rShBoYXNoZWRwcm9vZnRva2VuYgR0cnVlcmEwaC5mfG1lbWJlcnNoaXB8dXJuJTNhc3BvJTNhYW5vbiMyZDI1M2VlY2E3YzU3ZGM2MmU5YmNiZGEwMTBiYmJkYWZmYTNlZTQ0MTBlZDkxOTAwYmY1MDBlMDI2NmMzZTYxegEwwgFhMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jMmQyNTNlZWNhN2M1N2RjNjJlOWJjYmRhMDEwYmJiZGFmZmEzZWU0NDEwZWQ5MTkwMGJmNTAwZTAyNjZjM2U2McgBAQ.7-Aft3l0je9L038zbtW6zw2_PAE69pwo-ZwQqScqjnA&usecachedssr=1&prefetchSSRCorrelationId=ff0f85a1-30d3-8000-1644-ccda0aa80fab HTTP/1.1Host: mfsus-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://mfsus-my.sharepoint.com/personal/jmaldonado_mfsus_com/_layouts/15/Doc.aspx?sourcedoc=%7B29db2f38-6503-4536-aaa4-2e120313e476%7D&action=default&slrid=fd0f85a1-10a2-8000-1a73-b507b8f48a5b&originalPath=aHR0cHM6Ly9tZnN1cy1teS5zaGFyZXBvaW50LmNvbS86dTovcC9qbWFsZG9uYWRvL0VUZ3YyeWtEWlRaRnFxUXVFZ01UNUhZQm1MbXA2V2M2ODFDUWR6elFoRmNZSlE_cnRpbWU9dmhzYUQ5eFYzVWc&CID=4bdf9ee6-3edc-4723-8c5c-bd35d1945668&_SRM=0:G:241Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzJkMjUzZWVjYTdjNTdkYzYyZTliY2JkYTAxMGJiYmRhZmZhM2VlNDQxMGVkOTE5MDBiZjUwMGUwMjY2YzNlNjEsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jMmQyNTNlZWNhN2M1N2RjNjJlOWJjYmRhMDEwYmJiZGFmZmEzZWU0NDEwZWQ5MTkwMGJmNTAwZTAyNjZjM2U2MSwxMzM4NDk4OTY3ODAwMDAwMDAsMCwxMzM4NTA3NTc3OTA3MDEyNjgsMC4wLjAuMCwyNTgsNmY3MDhjOTAtNjVhZS00ZjAyLWFlMTUtZjdiNTJiNWQ0NGE0LCwsNmY1ZDUxMjQtNGI4Ny00N |
Edit tour
chrome.exe (PID: 5948 cmdline: 
