Source: https://newmexicogov-my.sharepoint.com/:f:/g/personal/christine_fuller_newmexicogov_onmicrosoft_com/EoaWDUrKgw5NpxyRqgYpeMMB9xM6HiHeCt0mCjuvQCuY2A?e=Aa5N0v |
SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering |
Source: https://login.microsoftonline.com/04cdd62f-862f-4d4c-a1d9-440b676840d6/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=2F80E471D14378CCAEBF6D292A9EB70379B29120BA11D435%2D67B9E578AB8058839CEC01CE628F3678AF57DD2625442575C2819BFE5D02FEE5&redirect%5Furi=https%3A%2F%2Fnewmexicogov%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc7654a1%2D7000%2D6000%2D933a%2D41a164d2bcf0 |
HTTP Parser: Number of links: 0 |
Source: https://login.microsoftonline.com/04cdd62f-862f-4d4c-a1d9-440b676840d6/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=2F80E471D14378CCAEBF6D292A9EB70379B29120BA11D435%2D67B9E578AB8058839CEC01CE628F3678AF57DD2625442575C2819BFE5D02FEE5&redirect%5Furi=https%3A%2F%2Fnewmexicogov%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc7654a1%2D7000%2D6000%2D933a%2D41a164d2bcf0&sso_reload=true |
HTTP Parser: Number of links: 0 |
Source: https://login.microsoftonline.com/04cdd62f-862f-4d4c-a1d9-440b676840d6/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=2F80E471D14378CCAEBF6D292A9EB70379B29120BA11D435%2D67B9E578AB8058839CEC01CE628F3678AF57DD2625442575C2819BFE5D02FEE5&redirect%5Furi=https%3A%2F%2Fnewmexicogov%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc7654a1%2D7000%2D6000%2D933a%2D41a164d2bcf0 |
HTTP Parser: Title: Redirecting does not match URL |
Source: https://login.microsoftonline.com/04cdd62f-862f-4d4c-a1d9-440b676840d6/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=2F80E471D14378CCAEBF6D292A9EB70379B29120BA11D435%2D67B9E578AB8058839CEC01CE628F3678AF57DD2625442575C2819BFE5D02FEE5&redirect%5Furi=https%3A%2F%2Fnewmexicogov%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc7654a1%2D7000%2D6000%2D933a%2D41a164d2bcf0&sso_reload=true |
HTTP Parser: Title: Sign in to your account does not match URL |
Source: https://login.microsoftonline.com/04cdd62f-862f-4d4c-a1d9-440b676840d6/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=2F80E471D14378CCAEBF6D292A9EB70379B29120BA11D435%2D67B9E578AB8058839CEC01CE628F3678AF57DD2625442575C2819BFE5D02FEE5&redirect%5Furi=https%3A%2F%2Fnewmexicogov%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc7654a1%2D7000%2D6000%2D933a%2D41a164d2bcf0&sso_reload=true |
HTTP Parser: <input type="password" .../> found |
Source: https://newmexicogov-my.sharepoint.com/personal/christine_fuller_newmexicogov_onmicrosoft_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fchristine%5Ffuller%5Fnewmexicogov%5Fonmicrosoft%5Fcom%2FDocuments%2FNew%20Mexico%20Division%20of%20Vocational%20Rehabilitation&ga=1 |
HTTP Parser: No favicon |
Source: https://login.microsoftonline.com/04cdd62f-862f-4d4c-a1d9-440b676840d6/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=2F80E471D14378CCAEBF6D292A9EB70379B29120BA11D435%2D67B9E578AB8058839CEC01CE628F3678AF57DD2625442575C2819BFE5D02FEE5&redirect%5Furi=https%3A%2F%2Fnewmexicogov%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc7654a1%2D7000%2D6000%2D933a%2D41a164d2bcf0 |
HTTP Parser: No favicon |
Source: https://login.microsoftonline.com/04cdd62f-862f-4d4c-a1d9-440b676840d6/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=2F80E471D14378CCAEBF6D292A9EB70379B29120BA11D435%2D67B9E578AB8058839CEC01CE628F3678AF57DD2625442575C2819BFE5D02FEE5&redirect%5Furi=https%3A%2F%2Fnewmexicogov%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc7654a1%2D7000%2D6000%2D933a%2D41a164d2bcf0 |
HTTP Parser: No <meta name="author".. found |
Source: https://login.microsoftonline.com/04cdd62f-862f-4d4c-a1d9-440b676840d6/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=2F80E471D14378CCAEBF6D292A9EB70379B29120BA11D435%2D67B9E578AB8058839CEC01CE628F3678AF57DD2625442575C2819BFE5D02FEE5&redirect%5Furi=https%3A%2F%2Fnewmexicogov%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc7654a1%2D7000%2D6000%2D933a%2D41a164d2bcf0&sso_reload=true |
HTTP Parser: No <meta name="author".. found |
Source: https://login.microsoftonline.com/04cdd62f-862f-4d4c-a1d9-440b676840d6/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=2F80E471D14378CCAEBF6D292A9EB70379B29120BA11D435%2D67B9E578AB8058839CEC01CE628F3678AF57DD2625442575C2819BFE5D02FEE5&redirect%5Furi=https%3A%2F%2Fnewmexicogov%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc7654a1%2D7000%2D6000%2D933a%2D41a164d2bcf0&sso_reload=true |
HTTP Parser: No <meta name="author".. found |
Source: https://login.microsoftonline.com/04cdd62f-862f-4d4c-a1d9-440b676840d6/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=2F80E471D14378CCAEBF6D292A9EB70379B29120BA11D435%2D67B9E578AB8058839CEC01CE628F3678AF57DD2625442575C2819BFE5D02FEE5&redirect%5Furi=https%3A%2F%2Fnewmexicogov%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc7654a1%2D7000%2D6000%2D933a%2D41a164d2bcf0&sso_reload=true |
HTTP Parser: No <meta name="author".. found |
Source: https://login.microsoftonline.com/04cdd62f-862f-4d4c-a1d9-440b676840d6/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=2F80E471D14378CCAEBF6D292A9EB70379B29120BA11D435%2D67B9E578AB8058839CEC01CE628F3678AF57DD2625442575C2819BFE5D02FEE5&redirect%5Furi=https%3A%2F%2Fnewmexicogov%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc7654a1%2D7000%2D6000%2D933a%2D41a164d2bcf0 |
HTTP Parser: No <meta name="copyright".. found |
Source: https://login.microsoftonline.com/04cdd62f-862f-4d4c-a1d9-440b676840d6/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=2F80E471D14378CCAEBF6D292A9EB70379B29120BA11D435%2D67B9E578AB8058839CEC01CE628F3678AF57DD2625442575C2819BFE5D02FEE5&redirect%5Furi=https%3A%2F%2Fnewmexicogov%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc7654a1%2D7000%2D6000%2D933a%2D41a164d2bcf0&sso_reload=true |
HTTP Parser: No <meta name="copyright".. found |
Source: https://login.microsoftonline.com/04cdd62f-862f-4d4c-a1d9-440b676840d6/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=2F80E471D14378CCAEBF6D292A9EB70379B29120BA11D435%2D67B9E578AB8058839CEC01CE628F3678AF57DD2625442575C2819BFE5D02FEE5&redirect%5Furi=https%3A%2F%2Fnewmexicogov%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc7654a1%2D7000%2D6000%2D933a%2D41a164d2bcf0&sso_reload=true |
HTTP Parser: No <meta name="copyright".. found |
Source: https://login.microsoftonline.com/04cdd62f-862f-4d4c-a1d9-440b676840d6/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=2F80E471D14378CCAEBF6D292A9EB70379B29120BA11D435%2D67B9E578AB8058839CEC01CE628F3678AF57DD2625442575C2819BFE5D02FEE5&redirect%5Furi=https%3A%2F%2Fnewmexicogov%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc7654a1%2D7000%2D6000%2D933a%2D41a164d2bcf0&sso_reload=true |
HTTP Parser: No <meta name="copyright".. found |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping6076_1908859899\LICENSE.txt |
Jump to behavior |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49735 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49743 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.5:49828 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.5:61589 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 52.168.112.67:443 -> 192.168.2.5:57817 version: TLS 1.2 |
Source: |
Binary string: Google.Widevine.CDM.dll.pdb source: Google.Widevine.CDM.dll.0.dr |
Source: chrome.exe |
Memory has grown: Private usage: 0MB later: 41MB |
Source: global traffic |
TCP traffic: 192.168.2.5:61446 -> 1.1.1.1:53 |
Source: global traffic |
TCP traffic: 192.168.2.5:57166 -> 1.1.1.1:53 |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe |
HTTP traffic: Redirect from: newmexicogov-my.sharepoint.com to https://login.microsoftonline.com:443/04cdd62f-862f-4d4c-a1d9-440b676840d6/oauth2/authorize?client%5fid=00000003%2d0000%2d0ff1%2dce00%2d000000000000&response%5fmode=form%5fpost&response%5ftype=code%20id%5ftoken&resource=00000003%2d0000%2d0ff1%2dce00%2d000000000000&scope=openid&nonce=2f80e471d14378ccaebf6d292a9eb70379b29120ba11d435%2d67b9e578ab8058839cec01ce628f3678af57dd2625442575c2819bfe5d02fee5&redirect%5furi=https%3a%2f%2fnewmexicogov%2dmy%2esharepoint%2ecom%2f%5fforms%2fdefault%2easpx&state=od0w&claims=%7b%22id%5ftoken%22%3a%7b%22xms%5fcc%22%3a%7b%22values%22%3a%5b%22cp1%22%5d%7d%7d%7d&wsucxt=1&cobrandid=11bd8083%2d87e0%2d41b5%2dbb78%2d0bc43c8a8e8a&client%2drequest%2did=dc7654a1%2d7000%2d6000%2d933a%2d41a164d2bcf0 |
Source: global traffic |
HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Accept: */*APIKey: cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521AuthMsaDeviceTicket: t=GwAWAbuEBAAU2qcZHJoKGNizGOeyqM4OaIoSZ0MOZgAAENhIsZk1icdmK4NNtUk6KLPgAMvy17Udgd1MlHE7GXRAxu9wDd84HaOk1nGIMKru6radFnZDfu7zWhcmz9j72MdI/lM5JykN5JyMCsrKKjhnWsxMrSmUTHFAm4lCtsR/4kXJ5OVGBubVm1qKlLaqfTPe4/QIS6EsPZhp2A+GbXPmd9v7KWe0y9ZBVkGnVgT2XAL69MHD65Z2sZ/bvdyK2Z9GRgl5dhajOwb9unLzQz2LihgZzhVMiIEIlP0Ox0qtNEB072yB6rGFSpbQMfXp3Qm9wrLMHPG0cNIMKQ3+lgA3sY/VTGnPGJVnsHSsfW8D9dyBIAE=&p=Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.4.15.1Upload-Time: 1727470512019Host: self.events.data.microsoft.comContent-Length: 7974Connection: Keep-AliveCache-Control: no-cache |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 184.28.90.27 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.1.237.91 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 4.245.163.56 |
Source: global traffic |
HTTP traffic detected: GET /:f:/g/personal/christine_fuller_newmexicogov_onmicrosoft_com/EoaWDUrKgw5NpxyRqgYpeMMB9xM6HiHeCt0mCjuvQCuY2A?e=Aa5N0v HTTP/1.1Host: newmexicogov-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /personal/christine_fuller_newmexicogov_onmicrosoft_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fchristine%5Ffuller%5Fnewmexicogov%5Fonmicrosoft%5Fcom%2FDocuments%2FNew%20Mexico%20Division%20of%20Vocational%20Rehabilitation&ga=1 HTTP/1.1Host: newmexicogov-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzAyOTQ4NTdmMGU1ZDJkODRhZDdkNTQ3MjhiNTMzY2M4OTc1OTAzOWYzNGZjZjEyOGRkZDhlZDQ5MWM5ZDcxZWEsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jMDI5NDg1N2YwZTVkMmQ4NGFkN2Q1NDcyOGI1MzNjYzg5NzU5MDM5ZjM0ZmNmMTI4ZGRkOGVkNDkxYzlkNzFlYSwxMzM3MTk0NDEzMDAwMDAwMDAsMCwxMzM3MjAzMDIzMDI4MTMyMzYsMC4wLjAuMCwyNTgsMDRjZGQ2MmYtODYyZi00ZDRjLWExZDktNDQwYjY3Njg0MGQ2LCwsY2I3NjU0YTEtZDAyNC02MDAwLTkzM2EtNGU1YzhkMjg1ZmY3LGNiNzY1NGExLWQwMjQtNjAwMC05MzNhLTRlNWM4ZDI4NWZmNyw3MXQvbUlzVlFVdXRpQUxMVDM3aC9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTQwODIsYlphUGIxWnVyYlR2aFlFTGVQUllwY2dtNVN3LG52bnoveVk4UzNTandqODBWZFhRblBjZmhhYUErQUpSUWhlempsZFZZcGpEVUE2RFJETmltL3J0ZHYyY1RoVVczNGtZam0xVENTNUlSRk5SdmVpWEhIUnNIMlJSSUVOK1ZDMjNvOHB2SmIxRUQ3RksxMWlGWXkxMXZRdkZJc0FYb2JUbWZZQUJIclBMaUtDNVQwWng0WVpvWmRzL3Q4N0dFcHJUK2ZNUm5lWmh3MFhCUlhveEovc3JFRFpqZzFQUGJTbW13RlQvbGcycldrUnRzVzBuU2ZiMTVicmhZK3U5dnFUSlM2VVFkdVMyQ3M1cGJCNTZ2d3F6T3FiWUllc1VBZlNGcGF6RVV2aGREa0trSnFkdmxzQUk2dy95akltUEVTQWk4SUFkVTJHZzRucHZDWDM3MitpV0tEdlNZUTB4Vmw2YkVjZ0JqcytaMUZuSWVQWC83Zz09PC9TUD4= |
Source: global traffic |
HTTP traffic detected: GET /_layouts/15/spwebworkerproxy.ashx HTTP/1.1Host: newmexicogov-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzAyOTQ4NTdmMGU1ZDJkODRhZDdkNTQ3MjhiNTMzY2M4OTc1OTAzOWYzNGZjZjEyOGRkZDhlZDQ5MWM5ZDcxZWEsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jMDI5NDg1N2YwZTVkMmQ4NGFkN2Q1NDcyOGI1MzNjYzg5NzU5MDM5ZjM0ZmNmMTI4ZGRkOGVkNDkxYzlkNzFlYSwxMzM3MTk0NDEzMDAwMDAwMDAsMCwxMzM3MjAzMDIzMDI4MTMyMzYsMC4wLjAuMCwyNTgsMDRjZGQ2MmYtODYyZi00ZDRjLWExZDktNDQwYjY3Njg0MGQ2LCwsY2I3NjU0YTEtZDAyNC02MDAwLTkzM2EtNGU1YzhkMjg1ZmY3LGNiNzY1NGExLWQwMjQtNjAwMC05MzNhLTRlNWM4ZDI4NWZmNyw3MXQvbUlzVlFVdXRpQUxMVDM3aC9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTQwODIsYlphUGIxWnVyYlR2aFlFTGVQUllwY2dtNVN3LG52bnoveVk4UzNTandqODBWZFhRblBjZmhhYUErQUpSUWhlempsZFZZcGpEVUE2RFJETmltL3J0ZHYyY1RoVVczNGtZam0xVENTNUlSRk5SdmVpWEhIUnNIMlJSSUVOK1ZDMjNvOHB2SmIxRUQ3RksxMWlGWXkxMXZRdkZJc0FYb2JUbWZZQUJIclBMaUtDNVQwWng0WVpvWmRzL3Q4N0dFcHJUK2ZNUm5lWmh3MFhCUlhveEovc3JFRFpqZzFQUGJTbW13RlQvbGcycldrUnRzVzBuU2ZiMTVicmhZK3U5dnFUSlM2VVFkdVMyQ3M1cGJCNTZ2d3F6T3FiWUllc1VBZlNGcGF6RVV2aGREa0trSnFkdmxzQUk2dy95akltUEVTQWk4SUFkVTJHZzRucHZDWDM3MitpV0tEdlNZUTB4Vmw2YkVjZ0JqcytaMUZuSWVQWC83Zz09PC9TUD4= |
Source: global traffic |
HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /_layouts/15/spwebworkerproxy.ashx HTTP/1.1Host: newmexicogov-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzAyOTQ4NTdmMGU1ZDJkODRhZDdkNTQ3MjhiNTMzY2M4OTc1OTAzOWYzNGZjZjEyOGRkZDhlZDQ5MWM5ZDcxZWEsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jMDI5NDg1N2YwZTVkMmQ4NGFkN2Q1NDcyOGI1MzNjYzg5NzU5MDM5ZjM0ZmNmMTI4ZGRkOGVkNDkxYzlkNzFlYSwxMzM3MTk0NDEzMDAwMDAwMDAsMCwxMzM3MjAzMDIzMDI4MTMyMzYsMC4wLjAuMCwyNTgsMDRjZGQ2MmYtODYyZi00ZDRjLWExZDktNDQwYjY3Njg0MGQ2LCwsY2I3NjU0YTEtZDAyNC02MDAwLTkzM2EtNGU1YzhkMjg1ZmY3LGNiNzY1NGExLWQwMjQtNjAwMC05MzNhLTRlNWM4ZDI4NWZmNyw3MXQvbUlzVlFVdXRpQUxMVDM3aC9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTQwODIsYlphUGIxWnVyYlR2aFlFTGVQUllwY2dtNVN3LG52bnoveVk4UzNTandqODBWZFhRblBjZmhhYUErQUpSUWhlempsZFZZcGpEVUE2RFJETmltL3J0ZHYyY1RoVVczNGtZam0xVENTNUlSRk5SdmVpWEhIUnNIMlJSSUVOK1ZDMjNvOHB2SmIxRUQ3RksxMWlGWXkxMXZRdkZJc0FYb2JUbWZZQUJIclBMaUtDNVQwWng0WVpvWmRzL3Q4N0dFcHJUK2ZNUm5lWmh3MFhCUlhveEovc3JFRFpqZzFQUGJTbW13RlQvbGcycldrUnRzVzBuU2ZiMTVicmhZK3U5dnFUSlM2VVFkdVMyQ3M1cGJCNTZ2d3F6T3FiWUllc1VBZlNGcGF6RVV2aGREa0trSnFkdmxzQUk2dy95akltUEVTQWk4SUFkVTJHZzRucHZDWDM3MitpV0tEdlNZUTB4Vmw2YkVjZ0JqcytaMUZuSWVQWC83Zz09PC9TUD4= |
Source: global traffic |
HTTP traffic detected: GET /personal/christine_fuller_newmexicogov_onmicrosoft_com/_api/v2.1/graphql HTTP/1.1Host: newmexicogov-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzAyOTQ4NTdmMGU1ZDJkODRhZDdkNTQ3MjhiNTMzY2M4OTc1OTAzOWYzNGZjZjEyOGRkZDhlZDQ5MWM5ZDcxZWEsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jMDI5NDg1N2YwZTVkMmQ4NGFkN2Q1NDcyOGI1MzNjYzg5NzU5MDM5ZjM0ZmNmMTI4ZGRkOGVkNDkxYzlkNzFlYSwxMzM3MTk0NDEzMDAwMDAwMDAsMCwxMzM3MjAzMDIzMDI4MTMyMzYsMC4wLjAuMCwyNTgsMDRjZGQ2MmYtODYyZi00ZDRjLWExZDktNDQwYjY3Njg0MGQ2LCwsY2I3NjU0YTEtZDAyNC02MDAwLTkzM2EtNGU1YzhkMjg1ZmY3LGNiNzY1NGExLWQwMjQtNjAwMC05MzNhLTRlNWM4ZDI4NWZmNyw3MXQvbUlzVlFVdXRpQUxMVDM3aC9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTQwODIsYlphUGIxWnVyYlR2aFlFTGVQUllwY2dtNVN3LG52bnoveVk4UzNTandqODBWZFhRblBjZmhhYUErQUpSUWhlempsZFZZcGpEVUE2RFJETmltL3J0ZHYyY1RoVVczNGtZam0xVENTNUlSRk5SdmVpWEhIUnNIMlJSSUVOK1ZDMjNvOHB2SmIxRUQ3RksxMWlGWXkxMXZRdkZJc0FYb2JUbWZZQUJIclBMaUtDNVQwWng0WVpvWmRzL3Q4N0dFcHJUK2ZNUm5lWmh3MFhCUlhveEovc3JFRFpqZzFQUGJTbW13RlQvbGcycldrUnRzVzBuU2ZiMTVicmhZK3U5dnFUSlM2VVFkdVMyQ3M1cGJCNTZ2d3F6T3FiWUllc1VBZlNGcGF6RVV2aGREa0trSnFkdmxzQUk2dy95akltUEVTQWk4SUFkVTJHZzRucHZDWDM3MitpV0tEdlNZUTB4Vmw2YkVjZ0JqcytaMUZuSWVQWC83Zz09PC9TUD4=; FeatureOverrides_experiments=[] |
Source: global traffic |
HTTP traffic detected: GET /_layouts/15/images/odbfavicon.ico?rev=47 HTTP/1.1Host: newmexicogov-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://newmexicogov-my.sharepoint.com/personal/christine_fuller_newmexicogov_onmicrosoft_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fchristine%5Ffuller%5Fnewmexicogov%5Fonmicrosoft%5Fcom%2FDocuments%2FNew%20Mexico%20Division%20of%20Vocational%20Rehabilitation&ga=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzAyOTQ4NTdmMGU1ZDJkODRhZDdkNTQ3MjhiNTMzY2M4OTc1OTAzOWYzNGZjZjEyOGRkZDhlZDQ5MWM5ZDcxZWEsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jMDI5NDg1N2YwZTVkMmQ4NGFkN2Q1NDcyOGI1MzNjYzg5NzU5MDM5ZjM0ZmNmMTI4ZGRkOGVkNDkxYzlkNzFlYSwxMzM3MTk0NDEzMDAwMDAwMDAsMCwxMzM3MjAzMDIzMDI4MTMyMzYsMC4wLjAuMCwyNTgsMDRjZGQ2MmYtODYyZi00ZDRjLWExZDktNDQwYjY3Njg0MGQ2LCwsY2I3NjU0YTEtZDAyNC02MDAwLTkzM2EtNGU1YzhkMjg1ZmY3LGNiNzY1NGExLWQwMjQtNjAwMC05MzNhLTRlNWM4ZDI4NWZmNyw3MXQvbUlzVlFVdXRpQUxMVDM3aC9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTQwODIsYlphUGIxWnVyYlR2aFlFTGVQUllwY2dtNVN3LG52bnoveVk4UzNTandqODBWZFhRblBjZmhhYUErQUpSUWhlempsZFZZcGpEVUE2RFJETmltL3J0ZHYyY1RoVVczNGtZam0xVENTNUlSRk5SdmVpWEhIUnNIMlJSSUVOK1ZDMjNvOHB2SmIxRUQ3RksxMWlGWXkxMXZRdkZJc0FYb2JUbWZZQUJIclBMaUtDNVQwWng0WVpvWmRzL3Q4N0dFcHJUK2ZNUm5lWmh3MFhCUlhveEovc3JFRFpqZzFQUGJTbW13RlQvbGcycldrUnRzVzBuU2ZiMTVicmhZK3U5dnFUSlM2VVFkdVMyQ3M1cGJCNTZ2d3F6T3FiWUllc1VBZlNGcGF6RVV2aGREa0trSnFkdmxzQUk2dy95akltUEVTQWk4SUFkVTJHZzRucHZDWDM3MitpV0tEdlNZUTB4Vmw2YkVjZ0JqcytaMUZuSWVQWC83Zz09PC9TUD4=; FeatureOverrides_experiments=[] |
Source: global traffic |
HTTP traffic detected: GET /_layouts/15/images/odbfavicon.ico?rev=47 HTTP/1.1Host: newmexicogov-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzAyOTQ4NTdmMGU1ZDJkODRhZDdkNTQ3MjhiNTMzY2M4OTc1OTAzOWYzNGZjZjEyOGRkZDhlZDQ5MWM5ZDcxZWEsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jMDI5NDg1N2YwZTVkMmQ4NGFkN2Q1NDcyOGI1MzNjYzg5NzU5MDM5ZjM0ZmNmMTI4ZGRkOGVkNDkxYzlkNzFlYSwxMzM3MTk0NDEzMDAwMDAwMDAsMCwxMzM3MjAzMDIzMDI4MTMyMzYsMC4wLjAuMCwyNTgsMDRjZGQ2MmYtODYyZi00ZDRjLWExZDktNDQwYjY3Njg0MGQ2LCwsY2I3NjU0YTEtZDAyNC02MDAwLTkzM2EtNGU1YzhkMjg1ZmY3LGNiNzY1NGExLWQwMjQtNjAwMC05MzNhLTRlNWM4ZDI4NWZmNyw3MXQvbUlzVlFVdXRpQUxMVDM3aC9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTQwODIsYlphUGIxWnVyYlR2aFlFTGVQUllwY2dtNVN3LG52bnoveVk4UzNTandqODBWZFhRblBjZmhhYUErQUpSUWhlempsZFZZcGpEVUE2RFJETmltL3J0ZHYyY1RoVVczNGtZam0xVENTNUlSRk5SdmVpWEhIUnNIMlJSSUVOK1ZDMjNvOHB2SmIxRUQ3RksxMWlGWXkxMXZRdkZJc0FYb2JUbWZZQUJIclBMaUtDNVQwWng0WVpvWmRzL3Q4N0dFcHJUK2ZNUm5lWmh3MFhCUlhveEovc3JFRFpqZzFQUGJTbW13RlQvbGcycldrUnRzVzBuU2ZiMTVicmhZK3U5dnFUSlM2VVFkdVMyQ3M1cGJCNTZ2d3F6T3FiWUllc1VBZlNGcGF6RVV2aGREa0trSnFkdmxzQUk2dy95akltUEVTQWk4SUFkVTJHZzRucHZDWDM3MitpV0tEdlNZUTB4Vmw2YkVjZ0JqcytaMUZuSWVQWC83Zz09PC9TUD4=; FeatureOverrides_experiments=[] |
Source: global traffic |
HTTP traffic detected: GET /personal/christine_fuller_newmexicogov_onmicrosoft_com/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fchristine%5Ffuller%5Fnewmexicogov%5Fonmicrosoft%5Fcom%2FDocuments%27&RootFolder=%2Fpersonal%2Fchristine%5Ffuller%5Fnewmexicogov%5Fonmicrosoft%5Fcom%2FDocuments%2FNew%20Mexico%20Division%20of%20Vocational%20Rehabilitation&TryNewExperienceSingle=TRUE HTTP/1.1Host: newmexicogov-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzAyOTQ4NTdmMGU1ZDJkODRhZDdkNTQ3MjhiNTMzY2M4OTc1OTAzOWYzNGZjZjEyOGRkZDhlZDQ5MWM5ZDcxZWEsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jMDI5NDg1N2YwZTVkMmQ4NGFkN2Q1NDcyOGI1MzNjYzg5NzU5MDM5ZjM0ZmNmMTI4ZGRkOGVkNDkxYzlkNzFlYSwxMzM3MTk0NDEzMDAwMDAwMDAsMCwxMzM3MjAzMDIzMDI4MTMyMzYsMC4wLjAuMCwyNTgsMDRjZGQ2MmYtODYyZi00ZDRjLWExZDktNDQwYjY3Njg0MGQ2LCwsY2I3NjU0YTEtZDAyNC02MDAwLTkzM2EtNGU1YzhkMjg1ZmY3LGNiNzY1NGExLWQwMjQtNjAwMC05MzNhLTRlNWM4ZDI4NWZmNyw3MXQvbUlzVlFVdXRpQUxMVDM3aC9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTQwODIsYlphUGIxWnVyYlR2aFlFTGVQUllwY2dtNVN3LG52bnoveVk4UzNTandqODBWZFhRblBjZmhhYUErQUpSUWhlempsZFZZcGpEVUE2RFJETmltL3J0ZHYyY1RoVVczNGtZam0xVENTNUlSRk5SdmVpWEhIUnNIMlJSSUVOK1ZDMjNvOHB2SmIxRUQ3RksxMWlGWXkxMXZRdkZJc0FYb2JUbWZZQUJIclBMaUtDNVQwWng0WVpvWmRzL3Q4N0dFcHJUK2ZNUm5lWmh3MFhCUlhveEovc3JFRFpqZzFQUGJTbW13RlQvbGcycldrUnRzVzBuU2ZiMTVicmhZK3U5dnFUSlM2VVFkdVMyQ3M1cGJCNTZ2d3F6T3FiWUllc1VBZlNGcGF6RVV2aGREa0trSnFkdmxzQUk2dy95akltUEVTQWk4SUFkVTJHZzRucHZDWDM3MitpV0tEdlNZUTB4Vmw2YkVjZ0JqcytaMUZuSWVQWC83Zz09PC9TUD4=; FeatureOverrides_experiments=[] |
Source: global traffic |
HTTP traffic detected: GET /personal/christine_fuller_newmexicogov_onmicrosoft_com/_api/web/GetListUsingPath(DecodedUrl=@a1)/RenderListDataAsStream?@a1=%27%2Fpersonal%2Fchristine%5Ffuller%5Fnewmexicogov%5Fonmicrosoft%5Fcom%2FDocuments%27&TryNewExperienceSingle=TRUE HTTP/1.1Host: newmexicogov-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzAyOTQ4NTdmMGU1ZDJkODRhZDdkNTQ3MjhiNTMzY2M4OTc1OTAzOWYzNGZjZjEyOGRkZDhlZDQ5MWM5ZDcxZWEsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jMDI5NDg1N2YwZTVkMmQ4NGFkN2Q1NDcyOGI1MzNjYzg5NzU5MDM5ZjM0ZmNmMTI4ZGRkOGVkNDkxYzlkNzFlYSwxMzM3MTk0NDEzMDAwMDAwMDAsMCwxMzM3MjAzMDIzMDI4MTMyMzYsMC4wLjAuMCwyNTgsMDRjZGQ2MmYtODYyZi00ZDRjLWExZDktNDQwYjY3Njg0MGQ2LCwsY2I3NjU0YTEtZDAyNC02MDAwLTkzM2EtNGU1YzhkMjg1ZmY3LGNiNzY1NGExLWQwMjQtNjAwMC05MzNhLTRlNWM4ZDI4NWZmNyw3MXQvbUlzVlFVdXRpQUxMVDM3aC9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTQwODIsYlphUGIxWnVyYlR2aFlFTGVQUllwY2dtNVN3LG52bnoveVk4UzNTandqODBWZFhRblBjZmhhYUErQUpSUWhlempsZFZZcGpEVUE2RFJETmltL3J0ZHYyY1RoVVczNGtZam0xVENTNUlSRk5SdmVpWEhIUnNIMlJSSUVOK1ZDMjNvOHB2SmIxRUQ3RksxMWlGWXkxMXZRdkZJc0FYb2JUbWZZQUJIclBMaUtDNVQwWng0WVpvWmRzL3Q4N0dFcHJUK2ZNUm5lWmh3MFhCUlhveEovc3JFRFpqZzFQUGJTbW13RlQvbGcycldrUnRzVzBuU2ZiMTVicmhZK3U5dnFUSlM2VVFkdVMyQ3M1cGJCNTZ2d3F6T3FiWUllc1VBZlNGcGF6RVV2aGREa0trSnFkdmxzQUk2dy95akltUEVTQWk4SUFkVTJHZzRucHZDWDM3MitpV0tEdlNZUTB4Vmw2YkVjZ0JqcytaMUZuSWVQWC83Zz09PC9TUD4=; FeatureOverrides_experiments=[] |
Source: global traffic |
HTTP traffic detected: GET /_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&enableTheming=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&streamViewServerLoad=true&streamInlineScript=true HTTP/1.1Host: newmexicogov-my.sharepoint.comConnection: keep-aliveCache-Control: max-age=0Accept: */*Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://newmexicogov-my.sharepoint.com/personal/christine_fuller_newmexicogov_onmicrosoft_com/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fchristine%5Ffuller%5Fnewmexicogov%5Fonmicrosoft%5Fcom%2FDocuments%2FNew%20Mexico%20Division%20of%20Vocational%20Rehabilitation&ga=1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzAyOTQ4NTdmMGU1ZDJkODRhZDdkNTQ3MjhiNTMzY2M4OTc1OTAzOWYzNGZjZjEyOGRkZDhlZDQ5MWM5ZDcxZWEsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jMDI5NDg1N2YwZTVkMmQ4NGFkN2Q1NDcyOGI1MzNjYzg5NzU5MDM5ZjM0ZmNmMTI4ZGRkOGVkNDkxYzlkNzFlYSwxMzM3MTk0NDEzMDAwMDAwMDAsMCwxMzM3MjAzMDIzMDI4MTMyMzYsMC4wLjAuMCwyNTgsMDRjZGQ2MmYtODYyZi00ZDRjLWExZDktNDQwYjY3Njg0MGQ2LCwsY2I3NjU0YTEtZDAyNC02MDAwLTkzM2EtNGU1YzhkMjg1ZmY3LGNiNzY1NGExLWQwMjQtNjAwMC05MzNhLTRlNWM4ZDI4NWZmNyw3MXQvbUlzVlFVdXRpQUxMVDM3aC9nLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTQwODIsYlphUGIxWnVyYlR2aFlFTGVQUllwY2dtNVN3LG52bnoveVk4UzNTandqODBWZFhRblBjZmhhYUErQUpSUWhlempsZFZZcGpEVUE2RFJETmltL3J0ZHYyY1RoVVczNGtZam0xVENTNUlSRk5SdmV |