Report - 1drv.ms/i/c/b830006f6a8f8199/EU3r_mgx4uhGn2owe7OJn0QBsN1w8wWTueEXwihKLMWjLw

Report Overview

Submitted URL
1drv.ms/i/c/b830006f6a8f8199/EU3r_mgx4uhGn2owe7OJn0QBsN1w8wWTueEXwihKLMWjLw
IP
13.107.42.12
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2024-05-07 20:39:18
Access
public
Website Title
OneDrive
Final URL
photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Tags
microsoft phishing
urlquery detections
Phishing - Microsoft

Detections

urlquery
4
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
my.microsoftpersonalcontent.com	unknown	2020-06-18	2020-10-03	2024-05-07	794 B	6.6 kB	13.107.139.11
1drv.ms	62649	2013-08-28	2016-02-29	2024-05-07	529 B	728 B	13.107.42.12
photos.onedrive.com	unknown	1998-06-08	2015-11-24	2024-04-26	1.7 kB	7.7 kB	20.246.226.137
res.cdn.office.net	1292	1994-11-14	2021-09-30	2024-05-03	5.4 kB	533 kB	95.101.10.178
api-badgerp.svc.ms	unknown	2016-07-05	2023-11-07	2024-03-11	541 B	1.3 kB	13.107.136.10
browser.events.data.microsoft.com	290	1991-05-02	2018-05-25	2024-05-06	3.1 kB	2.9 kB	13.89.179.9

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	res.cdn.office.net/onedrvphotospcdn/locale/en/index.77213081.js	30 kB	2024-05-07	2024-05-07
Pretty URL res.cdn.office.net/onedrvphotospcdn/locale/en/index.77213081.js IP 95.101.10.178 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 22:39:19 Last Seen2024-05-07 22:39:19 Times Seen2 Hash 7c09c1bdd7d574738e08b4dfaf79f2ab c0e6df73d863887591a268e36668e9a9d4d59efd 115c301463231d8a719c1100516536fd49c9f205c7c7ad6665a86cb564a02d3f Loading...

	photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc	988 B	2024-05-07	2024-05-07
Pretty URL photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc IP 20.246.226.137 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 22:39:19 Last Seen2024-05-07 22:39:19 Times Seen1 Hash 3257d28f39fab81803a27f2d123239bd 33501ddd9ed783a5adee5ad5774b1f6b83e36289 a313227e4aee2d5f321da4ad4b95328cfe720d50db0155f2b4b2647bfe2022d7 Loading...

	photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc	8.8 kB	2024-05-07	2024-05-07
Pretty URL photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc IP 20.246.226.137 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 22:39:19 Last Seen2024-05-07 22:39:19 Times Seen1 Hash c0bbddf63f2998e5c68e59a86cc08e97 0a17d2b752a469e05d7ec9ad11925476b110a46d 8e0a4d6a2cada14436cdcc906791da6e56146d3d47303434da29e8974d8d2b24 Loading...

	res.cdn.office.net/onedrvphotospcdn/static/js/6591.1df16e13.js	470 kB	2024-03-21	2024-05-07
Pretty URL res.cdn.office.net/onedrvphotospcdn/static/js/6591.1df16e13.js IP 95.101.10.178 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-21 17:56:58 Last Seen2024-05-07 22:39:19 Times Seen7 Hash 2f3537770e22c2b81411268249056c92 362071602e72c67e59c65530b9f453c9c14373f9 ec9982a117c39355c322b31bebad13c886706bba0f35b4229b1d62534e239a22 Loading...

	res.cdn.office.net/onedrvphotospcdn/static/js/main.89350d24.js	372 kB	2024-05-07	2024-05-07
Pretty URL res.cdn.office.net/onedrvphotospcdn/static/js/main.89350d24.js IP 95.101.10.178 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 22:39:19 Last Seen2024-05-07 22:39:19 Times Seen2 Hash d1677ee6cb56c8380bea0b7405c898c3 6df1333a7ad653e898e0edc032cf25c16e6d5e31 c72d5c888507e7a6e74597919755fb1eac5784356613df1ce163a5b84f647fb5 Loading...

	res.cdn.office.net/onedrvphotospcdn/static/js/1785.e57d76b9.chunk.js	36 kB	2024-05-07	2024-05-07
Pretty URL res.cdn.office.net/onedrvphotospcdn/static/js/1785.e57d76b9.chunk.js IP 95.101.10.178 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 22:39:19 Last Seen2024-05-07 22:39:19 Times Seen2 Hash a616eb789d313d5bfc8d8319782e6845 88910768ae162d895af90ebc59ad35a130f2e5f1 8372195467eda936f937154272bb04cc194a56aec3e226b481c4313c4039d037 Loading...

HTTP Transactions (21)

URL IP Response Size

1drv.ms/i/c/b830006f6a8f8199/EU3r_mgx4uhGn2owe7OJn0QBsN1w8wWTueEXwihKLMWjLw

13.107.42.12

301 Moved Permanently

0 B

URL User Request GET HTTP/2
1drv.ms/i/c/b830006f6a8f8199/EU3r_mgx4uhGn2owe7OJn0QBsN1w8wWTueEXwihKLMWjLw
IP
13.107.42.12:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerMicrosoft Corporation
Subjectstorage.live.com
Fingerprint57:B0:C5:25:28:D0:75:FB:97:40:B6:55:BC:3F:15:BB:49:64:36:85
ValidityThu, 04 Jan 2024 21:21:38 GMT - Sun, 29 Dec 2024 21:21:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /i/c/b830006f6a8f8199/EU3r_mgx4uhGn2owe7OJn0QBsN1w8wWTueEXwihKLMWjLw HTTP/1.1
Host: 1drv.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
x-msnserver: DB3PPF65236FD0C
strict-transport-security: max-age=31536000; includeSubDomains
ms-cv: vqls5CoO0U6xINWXjsDpkQ.0
x-asmversion: UNKNOWN; 19.1402.419.2003
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B960CED494E44511BE2FBF40D93F2030 Ref B: OSL30EDGE0209 Ref C: 2024-05-07T20:38:52Z
date: Tue, 07 May 2024 20:38:51 GMT
content-length: 0
X-Firefox-Spdy: h2

photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc

20.246.226.137

200 OK

5.6 kB

URL User Request GET HTTP/1.1
photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
IP
20.246.226.137:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerMicrosoft Corporation
Subjectphotos.onedrive.com
FingerprintE4:CA:67:55:6F:6C:2B:AC:60:E8:C6:47:59:0A:6A:D1:27:13:42:3F
ValidityThu, 15 Feb 2024 22:38:01 GMT - Sun, 09 Feb 2025 22:38:01 GMT

File type
HTML document, ASCII text, with very long lines (11517), with no line terminators
Size
5.6 kB (5641 bytes)
Hash
c275ffcc564a6b3a82bbd6c151dfa995
c714e17be013046dbd226cc510a6655bef61cc74
9faef049ceb72a77f506409cf6007c8732dfb5d0fdb0fa77fc493d30ff79be22

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

GET /share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc HTTP/1.1
Host: photos.onedrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
X-Content-Type-Options: nosniff
ms-cv: 488a9e60e51f97d60be4334c8ed8fac0.0
Content-Type: text/html
Cache-Control: public
Report-To: {"group":"csp-endpoint","max_age":10886400,"endpoints":[{"url":"/tracing/csp"}]}
Content-Security-Policy-Report-Only: base-uri 'none'; default-src 'self'; connect-src 'self' blob: https://api.onedrive.com https://browser.pipe.aria.microsoft.com https://browser.events.data.microsoft.com https://graph.microsoft.com https://my.microsoftpersonalcontent.com/ https://my.msftsptest.com https://storage.live.com https://*.bing.com https://*.files.1drv.com https://*.storage.live.com https://*.svc.ms https://*.virtualearth.net; frame-src https://my.microsoftpersonalcontent.com/ https://reportabuse.azurefd.net https://support.office.com https://storage.live.com https://www.odwebp.svc.ms https://www.onedrive-tst.com; font-src 'self' data: https://static2.sharepointonline.com https://spoppe-b.azureedge.net https://res.cdn.office.net/onedrvphotospcdn/static/media/; img-src 'self' https: blob: data:; media-src 'self' https: blob: data:; object-src 'none'; script-src 'self' https://*.bing.com https://*.virtualearth.net https://res.cdn.office.net/onedrvphotospcdn/static/js/ 'nonce-xoGXuaROFUWEp87Io0VIbA==' 'sha512-vbYSQOA6u6/wrCKA/mBXAb7vMKSDADwUid65mifTqFe5T7ICKlDyflEeT5AO4hyi0bywodgCZg4isFnAqYZ4cA=='; style-src 'self' https://*.bing.com https://*.virtualearth.net https://res.cdn.office.net/onedrvphotospcdn/static/css/ 'unsafe-inline';  report-to csp-endpoint; report-uri /tracing/csp
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 07 May 2024 20:38:52 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

res.cdn.office.net/onedrvphotospcdn/static/css/main.2823238d.css

95.101.10.178

200 OK

12 kB

URL GET HTTP/2
res.cdn.office.net/onedrvphotospcdn/static/css/main.2823238d.css
IP
95.101.10.178:443
ASN
#20940 Akamai International B.V.

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerDigiCert Inc
Subject*.res.outlook.com
Fingerprint21:55:DF:8C:D8:DA:80:F2:04:7A:B9:66:BA:AC:C0:DC:D7:DB:46:D5
ValidityTue, 20 Feb 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT

File type
ASCII text
Size
12 kB (12227 bytes)
Hash
30cc8ea1e8ec898b9760f3b83412db22
5ae60ec55fd3b7d2349415798aab4499690e6eca
ce107aaff4ee7c6421513a579d8049d82728301704719c5501b01ec5323010e8

HTTP Headers

GET /onedrvphotospcdn/static/css/main.2823238d.css HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://photos.onedrive.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 03 May 2024 14:39:20 GMT
x-ms-request-id: a52e3fac-d01e-0042-502a-9f4617000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Tue, 07 May 2024 20:38:53 GMT
alt-svc: h3=":443"; ma=93600
content-length: 12227
akamai-request-bc: [a=95.101.10.174,b=39255961,c=g,n=NO__OSLO,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.ae0a655f.1715114333.256ff99&TotalRTCDNTime=4&CompressionType=gzip&FileSize="}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=4, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

res.cdn.office.net/onedrvphotospcdn/static/js/main.89350d24.js

95.101.10.178

200 OK

114 kB

URL GET HTTP/2
res.cdn.office.net/onedrvphotospcdn/static/js/main.89350d24.js
IP
95.101.10.178:443
ASN
#20940 Akamai International B.V.

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerDigiCert Inc
Subject*.res.outlook.com
Fingerprint21:55:DF:8C:D8:DA:80:F2:04:7A:B9:66:BA:AC:C0:DC:D7:DB:46:D5
ValidityTue, 20 Feb 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
114 kB (113734 bytes)
Hash
d1677ee6cb56c8380bea0b7405c898c3
6df1333a7ad653e898e0edc032cf25c16e6d5e31
c72d5c888507e7a6e74597919755fb1eac5784356613df1ce163a5b84f647fb5

HTTP Headers

GET /onedrvphotospcdn/static/js/main.89350d24.js HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://photos.onedrive.com/
Origin: https://photos.onedrive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Tue, 07 May 2024 15:35:47 GMT
x-ms-request-id: 6fed68bd-a01e-0015-6394-a0e824000000
content-encoding: gzip
content-length: 113734
cache-control: max-age=630720000
date: Tue, 07 May 2024 20:38:53 GMT
alt-svc: h3=":443"; ma=93600
vary: Accept-Encoding
akamai-request-bc: [a=95.101.10.174,b=39255952,c=g,n=NO__OSLO,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.ae0a655f.1715114333.256ff90&TotalRTCDNTime=2&CompressionType=gzip&FileSize=113734"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=2, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

res.cdn.office.net/onedrvphotospcdn/locale/en/index.77213081.js

95.101.10.178

200 OK

10 kB

URL GET HTTP/2
res.cdn.office.net/onedrvphotospcdn/locale/en/index.77213081.js
IP
95.101.10.178:443
ASN
#20940 Akamai International B.V.

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerDigiCert Inc
Subject*.res.outlook.com
Fingerprint21:55:DF:8C:D8:DA:80:F2:04:7A:B9:66:BA:AC:C0:DC:D7:DB:46:D5
ValidityTue, 20 Feb 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (29990), with no line terminators
Size
10 kB (10293 bytes)
Hash
7c09c1bdd7d574738e08b4dfaf79f2ab
c0e6df73d863887591a268e36668e9a9d4d59efd
115c301463231d8a719c1100516536fd49c9f205c7c7ad6665a86cb564a02d3f

HTTP Headers

GET /onedrvphotospcdn/locale/en/index.77213081.js HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://photos.onedrive.com/
Origin: https://photos.onedrive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 03 May 2024 14:39:17 GMT
x-ms-request-id: 64be662f-101e-0000-7a64-9fff97000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Tue, 07 May 2024 20:38:53 GMT
content-length: 10293
akamai-request-bc: [a=95.101.10.174,b=39255953,c=g,n=NO__OSLO,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.ae0a655f.1715114333.256ff91&TotalRTCDNTime=0&CompressionType=gzip&FileSize="}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=0, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

res.cdn.office.net/onedrvphotospcdn/static/css/6591.4172fb72.css

95.101.10.178

200 OK

19 kB

URL GET HTTP/2
res.cdn.office.net/onedrvphotospcdn/static/css/6591.4172fb72.css
IP
95.101.10.178:443
ASN
#20940 Akamai International B.V.

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerDigiCert Inc
Subject*.res.outlook.com
Fingerprint21:55:DF:8C:D8:DA:80:F2:04:7A:B9:66:BA:AC:C0:DC:D7:DB:46:D5
ValidityTue, 20 Feb 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT

File type
assembler source, ASCII text
Size
19 kB (19278 bytes)
Hash
4a09d16a43bf3622057ae1bcd27ac03b
6b04bda153cf64be59b97a7d7de454c77c360b8b
e23cb909f4b417088aa58db12559b987e0220508fa40dc9836ca3914a33664d1

HTTP Headers

GET /onedrvphotospcdn/static/css/6591.4172fb72.css HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://photos.onedrive.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 03 May 2024 14:39:22 GMT
x-ms-request-id: bb2173fa-b01e-0044-4c88-9e75a8000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Tue, 07 May 2024 20:38:53 GMT
content-length: 19278
akamai-request-bc: [a=95.101.10.174,b=39256029,c=g,n=NO__OSLO,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.ae0a655f.1715114333.256ffdd&TotalRTCDNTime=3&CompressionType=gzip&FileSize="}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=3, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

res.cdn.office.net/onedrvphotospcdn/static/js/6591.1df16e13.js

95.101.10.178

200 OK

143 kB

URL GET HTTP/2
res.cdn.office.net/onedrvphotospcdn/static/js/6591.1df16e13.js
IP
95.101.10.178:443
ASN
#20940 Akamai International B.V.

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerDigiCert Inc
Subject*.res.outlook.com
Fingerprint21:55:DF:8C:D8:DA:80:F2:04:7A:B9:66:BA:AC:C0:DC:D7:DB:46:D5
ValidityTue, 20 Feb 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65465)
Size
143 kB (142566 bytes)
Hash
2f3537770e22c2b81411268249056c92
362071602e72c67e59c65530b9f453c9c14373f9
ec9982a117c39355c322b31bebad13c886706bba0f35b4229b1d62534e239a22

HTTP Headers

GET /onedrvphotospcdn/static/js/6591.1df16e13.js HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://photos.onedrive.com/
Origin: https://photos.onedrive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Wed, 01 May 2024 23:11:26 GMT
x-ms-request-id: 8eab35af-901e-001e-1f35-9c134f000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Tue, 07 May 2024 20:38:53 GMT
content-length: 142566
akamai-request-bc: [a=95.101.10.174,b=39255973,c=g,n=NO__OSLO,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.ae0a655f.1715114333.256ffa5&TotalRTCDNTime=1&CompressionType=gzip&FileSize="}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=1, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

res.cdn.office.net/onedrvphotospcdn/static/js/1785.e57d76b9.chunk.js

95.101.10.178

200 OK

11 kB

URL GET HTTP/2
res.cdn.office.net/onedrvphotospcdn/static/js/1785.e57d76b9.chunk.js
IP
95.101.10.178:443
ASN
#20940 Akamai International B.V.

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerDigiCert Inc
Subject*.res.outlook.com
Fingerprint21:55:DF:8C:D8:DA:80:F2:04:7A:B9:66:BA:AC:C0:DC:D7:DB:46:D5
ValidityTue, 20 Feb 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (35505)
Size
11 kB (10601 bytes)
Hash
a616eb789d313d5bfc8d8319782e6845
88910768ae162d895af90ebc59ad35a130f2e5f1
8372195467eda936f937154272bb04cc194a56aec3e226b481c4313c4039d037

HTTP Headers

GET /onedrvphotospcdn/static/js/1785.e57d76b9.chunk.js HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://photos.onedrive.com/
Origin: https://photos.onedrive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 01 May 2024 23:11:25 GMT
x-ms-request-id: 70724739-201e-0024-3655-9c0937000000
content-encoding: gzip
content-length: 10601
cache-control: max-age=630720000
date: Tue, 07 May 2024 20:38:53 GMT
vary: Accept-Encoding
akamai-request-bc: [a=95.101.10.174,b=39257011,c=g,n=NO__OSLO,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.ae0a655f.1715114333.25703b3&TotalRTCDNTime=1&CompressionType=gzip&FileSize=10601"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=1, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

res.cdn.office.net/onedrvphotospcdn/static/css/1785.98b51d38.chunk.css

95.101.10.178

200 OK

1.0 kB

URL GET HTTP/2
res.cdn.office.net/onedrvphotospcdn/static/css/1785.98b51d38.chunk.css
IP
95.101.10.178:443
ASN
#20940 Akamai International B.V.

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerDigiCert Inc
Subject*.res.outlook.com
Fingerprint21:55:DF:8C:D8:DA:80:F2:04:7A:B9:66:BA:AC:C0:DC:D7:DB:46:D5
ValidityTue, 20 Feb 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT

File type
ASCII text
Size
1.0 kB (1016 bytes)
Hash
2585df02455c77881b3af8c2fcd951b7
6527c938f14d9aca471a335f2f174c706cbaa357
b021fbf2e26bdd195b7552c6ab112927253ae9854a4212d420763c62447d214c

HTTP Headers

GET /onedrvphotospcdn/static/css/1785.98b51d38.chunk.css HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://photos.onedrive.com/
Origin: https://photos.onedrive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 03 May 2024 14:39:21 GMT
x-ms-request-id: 32788753-c01e-0013-0bf9-9edb9b000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Tue, 07 May 2024 20:38:53 GMT
content-length: 1016
akamai-request-bc: [a=95.101.10.174,b=39257010,c=g,n=NO__OSLO,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.ae0a655f.1715114333.25703b2&TotalRTCDNTime=0&CompressionType=gzip&FileSize="}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=0, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

res.cdn.office.net/onedrvphotospcdn/static/js/4345.ae1dba3d.chunk.js

95.101.10.178

200 OK

136 kB

URL GET HTTP/3
res.cdn.office.net/onedrvphotospcdn/static/js/4345.ae1dba3d.chunk.js
IP
95.101.10.178:443
ASN
#20940 Akamai International B.V.

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerDigiCert Inc
Subject*.res.outlook.com
Fingerprint21:55:DF:8C:D8:DA:80:F2:04:7A:B9:66:BA:AC:C0:DC:D7:DB:46:D5
ValidityTue, 20 Feb 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65459)
Size
136 kB (135798 bytes)
Hash
cfabaf495246a38def3d35cf880257c0
004d6b51f3c172620e10e14f3c8ff3c1edebce32
1570c12c074c161355a93833cfb54c3316334542ba63f847574561fe8e4b24b6

HTTP Headers

GET /onedrvphotospcdn/static/js/4345.ae1dba3d.chunk.js HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://photos.onedrive.com/
X-Moz: prefetch
Origin: https://photos.onedrive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
last-modified: Fri, 03 May 2024 14:39:17 GMT
x-ms-request-id: e3c5a65a-c01e-004e-76dd-9dd11f000000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=630720000
date: Tue, 07 May 2024 20:38:53 GMT
alt-svc: h3=":443"; ma=93600
content-length: 135798
akamai-request-bc: [a=95.101.10.174,b=39257134,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.ae0a655f.1715114333.257042e&TotalRTCDNTime=2&CompressionType=gzip&FileSize="}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=2, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai

res.cdn.office.net/onedrvphotospcdn/static/js/9667.9cb3fd9a.chunk.js

95.101.10.178

200 OK

1.7 kB

URL GET HTTP/3
res.cdn.office.net/onedrvphotospcdn/static/js/9667.9cb3fd9a.chunk.js
IP
95.101.10.178:443
ASN
#20940 Akamai International B.V.

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerDigiCert Inc
Subject*.res.outlook.com
Fingerprint21:55:DF:8C:D8:DA:80:F2:04:7A:B9:66:BA:AC:C0:DC:D7:DB:46:D5
ValidityTue, 20 Feb 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (5174)
Size
1.7 kB (1749 bytes)
Hash
cb1b86c33970085a863a32eb58f4901a
da936b52287513d81a32ea62febf29b9544ff6ce
f4c7d7f3f1c681fa1d98e86dbedb5e14a42cb38e2a7c4311bacdfb7ded1ef43e

HTTP Headers

GET /onedrvphotospcdn/static/js/9667.9cb3fd9a.chunk.js HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://photos.onedrive.com/
X-Moz: prefetch
Origin: https://photos.onedrive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
last-modified: Tue, 30 Apr 2024 17:00:32 GMT
x-ms-request-id: 12e3915b-201e-0056-1cd8-9b0e78000000
content-encoding: gzip
content-length: 1749
cache-control: max-age=630720000
date: Tue, 07 May 2024 20:38:53 GMT
alt-svc: h3=":443"; ma=93600
vary: Accept-Encoding
akamai-request-bc: [a=95.101.10.174,b=39257135,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.ae0a655f.1715114333.257042f&TotalRTCDNTime=2&CompressionType=gzip&FileSize=1749"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=2, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai

res.cdn.office.net/onedrvphotospcdn/static/media/onedrive.png

95.101.10.178

200 OK

13 kB

URL GET HTTP/3
res.cdn.office.net/onedrvphotospcdn/static/media/onedrive.png
IP
95.101.10.178:443
ASN
#20940 Akamai International B.V.

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerDigiCert Inc
Subject*.res.outlook.com
Fingerprint21:55:DF:8C:D8:DA:80:F2:04:7A:B9:66:BA:AC:C0:DC:D7:DB:46:D5
ValidityTue, 20 Feb 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Size
13 kB (13207 bytes)
Hash
a5be2243b086faa67cfaff096c868b69
e31da8db2e9a704f3d1f623f7fe056d950d115f6
d4f2bea38808dbe57c015ece97f0ceef00fa57e85bd8bc8509e1028c8e26d2ef

HTTP Headers

GET /onedrvphotospcdn/static/media/onedrive.png HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://photos.onedrive.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 13207
content-type: image/png
last-modified: Fri, 03 May 2024 14:39:21 GMT
x-ms-request-id: 4ff5d468-a01e-003a-1120-a0e5ef000000
cache-control: max-age=630720000
date: Tue, 07 May 2024 20:38:53 GMT
alt-svc: h3=":443"; ma=93600
akamai-request-bc: [a=95.101.10.174,b=39257132,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.ae0a655f.1715114333.257042c&TotalRTCDNTime=4&CompressionType=&FileSize=13207"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=4, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai

photos.onedrive.com/tracing/csp

20.246.226.137

204 No Content

0 B

URL POST HTTP/1.1
photos.onedrive.com/tracing/csp
IP
20.246.226.137:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerMicrosoft Corporation
Subjectphotos.onedrive.com
FingerprintE4:CA:67:55:6F:6C:2B:AC:60:E8:C6:47:59:0A:6A:D1:27:13:42:3F
ValidityThu, 15 Feb 2024 22:38:01 GMT - Sun, 09 Feb 2025 22:38:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

POST /tracing/csp HTTP/1.1
Host: photos.onedrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1860
Origin: https://photos.onedrive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
X-Content-Type-Options: nosniff
ms-cv: 2f4cdb034f8df7a0b82fcdb1aacd0aba.0
Date: Tue, 07 May 2024 20:38:54 GMT
Connection: keep-alive
Keep-Alive: timeout=5

photos.onedrive.com/tracing/csp

20.246.226.137

204 No Content

0 B

URL POST HTTP/1.1
photos.onedrive.com/tracing/csp
IP
20.246.226.137:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerMicrosoft Corporation
Subjectphotos.onedrive.com
FingerprintE4:CA:67:55:6F:6C:2B:AC:60:E8:C6:47:59:0A:6A:D1:27:13:42:3F
ValidityThu, 15 Feb 2024 22:38:01 GMT - Sun, 09 Feb 2025 22:38:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft

HTTP Headers

POST /tracing/csp HTTP/1.1
Host: photos.onedrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1860
Origin: https://photos.onedrive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
X-Content-Type-Options: nosniff
ms-cv: 143f612f2f73bedeaf5daf280c5e0f18.0
Date: Tue, 07 May 2024 20:38:54 GMT
Connection: keep-alive
Keep-Alive: timeout=5

api-badgerp.svc.ms/v1.0/token

13.107.136.10

503 Service Unavailable

981 B

URL OPTIONS HTTP/2
api-badgerp.svc.ms/v1.0/token
IP
13.107.136.10:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerMicrosoft Corporation
Subjectsvc.ms
Fingerprint76:6D:28:DB:9D:06:38:CD:2A:35:0C:FD:C3:D5:35:49:8B:D0:C0:C7
ValidityWed, 27 Sep 2023 21:57:58 GMT - Sat, 21 Sep 2024 21:57:58 GMT

File type
HTML document, ASCII text, with very long lines (981), with no line terminators
Size
981 B (981 bytes)
Hash
b5cf322f0834ab65370a5e2bacadce35
41582e1c298dd0862b886dbfdd358d2a4380a14f
cbd0556adf6a72b6e8447b2f7376088a28c7918c20879aee4afa7f508169b18e

HTTP Headers

OPTIONS /v1.0/token HTTP/1.1
Host: api-badgerp.svc.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Referer: https://photos.onedrive.com/
Origin: https://photos.onedrive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 503 Service Unavailable
cache-control: no-store
content-length: 981
content-type: text/html
x-azure-externalerror: 0x800705b4,DNSTimeout
x-msedge-ref: Ref A: CF8EE88FD25244539CA9B10C9C0D95BD Ref B: OSL30EDGE0309 Ref C: 2024-05-07T20:38:54Z
date: Tue, 07 May 2024 20:38:56 GMT
X-Firefox-Spdy: h2

res.cdn.office.net/onedrvphotospcdn/static/media/AzDevMDL2.acb0b44d.woff

95.101.10.178

200 OK

59 kB

URL GET HTTP/3
res.cdn.office.net/onedrvphotospcdn/static/media/AzDevMDL2.acb0b44d.woff
IP
95.101.10.178:443
ASN
#20940 Akamai International B.V.

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerDigiCert Inc
Subject*.res.outlook.com
Fingerprint21:55:DF:8C:D8:DA:80:F2:04:7A:B9:66:BA:AC:C0:DC:D7:DB:46:D5
ValidityTue, 20 Feb 2024 00:00:00 GMT - Thu, 20 Feb 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 58692, version 0.0
Size
59 kB (58692 bytes)
Hash
a6c73d473f2d65ee2e527bfc9fdb8713
600220e76be27a0bc5c8e324860efb38f5553f28
a7c7ed4e07275bee5282978fba7ad3624060f36470dbb73acd067c5416f20671

HTTP Headers

GET /onedrvphotospcdn/static/media/AzDevMDL2.acb0b44d.woff HTTP/1.1
Host: res.cdn.office.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://photos.onedrive.com
DNT: 1
Connection: keep-alive
Referer: https://res.cdn.office.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 58692
last-modified: Fri, 03 May 2024 14:39:19 GMT
x-ms-request-id: b665bc9b-801e-002d-1b04-9e4ce4000000
cache-control: max-age=630720000
date: Tue, 07 May 2024 20:38:57 GMT
alt-svc: h3=":443"; ma=93600
akamai-request-bc: [a=95.101.10.174,b=39262004,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.ae0a655f.1715114337.2571734&TotalRTCDNTime=2&CompressionType=&FileSize=58692"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=2, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff
x-cdn-provider: Akamai

browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

13.89.179.9

200 OK

0 B

URL OPTIONS HTTP/2
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
IP
13.89.179.9:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerMicrosoft Corporation
Subject*.events.data.microsoft.com
Fingerprint29:9F:60:88:78:23:9D:24:60:B8:2E:13:B5:87:2A:4D:B5:97:77:02
ValiditySat, 30 Mar 2024 21:44:48 GMT - Tue, 25 Mar 2025 21:44:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Referer: https://photos.onedrive.com/
Origin: https://photos.onedrive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, 3600
content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-max-age: 3600
access-control-allow-origin: https://photos.onedrive.com
date: Tue, 07 May 2024 20:38:56 GMT
X-Firefox-Spdy: h2

browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

13.89.179.9

200 OK

153 B

URL OPTIONS HTTP/2
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
IP
13.89.179.9:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerMicrosoft Corporation
Subject*.events.data.microsoft.com
Fingerprint29:9F:60:88:78:23:9D:24:60:B8:2E:13:B5:87:2A:4D:B5:97:77:02
ValiditySat, 30 Mar 2024 21:44:48 GMT - Tue, 25 Mar 2025 21:44:48 GMT

File type
JSON text data
Size
153 B (153 bytes)
Hash
6c7f7c4f74d8358208d8487378ec3e56
a2387332bfb387e222213dc02edb56e96b13044f
0e249715aa8db2281ebe6c5563f05549689a17800ca93e5a113e705bcb92a768

HTTP Headers

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://photos.onedrive.com/
Client-Id: NO_AUTH
client-version: 1DS-Web-JS-3.2.2
apikey: a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157
upload-time: 1715114336508
time-delta-to-apply-millis: use-collector-delta
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 7257
Origin: https://photos.onedrive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 153
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=1e8f19bef7d34ec0b7f3a911c1f35050&HASH=1e8f&LV=202405&V=4&LU=1715114337599; Domain=.microsoft.com; Expires=Wed, 07 May 2025 20:38:57 GMT; Path=/;Secure; SameSite=None
MS0=88049e712de7485e9a45c49e908a8820; Domain=.microsoft.com; Expires=Tue, 07 May 2024 21:08:57 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 1091
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://photos.onedrive.com
access-control-expose-headers: time-delta-millis
date: Tue, 07 May 2024 20:38:57 GMT
X-Firefox-Spdy: h2

browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

13.89.179.9

200 OK

0 B

URL OPTIONS HTTP/2
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
IP
13.89.179.9:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerMicrosoft Corporation
Subject*.events.data.microsoft.com
Fingerprint29:9F:60:88:78:23:9D:24:60:B8:2E:13:B5:87:2A:4D:B5:97:77:02
ValiditySat, 30 Mar 2024 21:44:48 GMT - Tue, 25 Mar 2025 21:44:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Referer: https://photos.onedrive.com/
Origin: https://photos.onedrive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, 3600
content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-max-age: 3600
access-control-allow-origin: https://photos.onedrive.com
date: Tue, 07 May 2024 20:38:58 GMT
X-Firefox-Spdy: h2

browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

13.89.179.9

200 OK

153 B

URL OPTIONS HTTP/2
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
IP
13.89.179.9:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerMicrosoft Corporation
Subject*.events.data.microsoft.com
Fingerprint29:9F:60:88:78:23:9D:24:60:B8:2E:13:B5:87:2A:4D:B5:97:77:02
ValiditySat, 30 Mar 2024 21:44:48 GMT - Tue, 25 Mar 2025 21:44:48 GMT

File type
JSON text data
Size
153 B (153 bytes)
Hash
976c13c74846d7e75ecfb427e8c1a99b
dd44da37d7b581970123484a54c05a21d6f420d4
eac3157e32dad3dcca256de27043561d52f47dc31141d7fb221d0514c0469b2e

HTTP Headers

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://photos.onedrive.com/
Client-Id: NO_AUTH
client-version: 1DS-Web-JS-3.2.2
apikey: a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157
upload-time: 1715114339120
time-delta-to-apply-millis: 1091
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 1418
Origin: https://photos.onedrive.com
DNT: 1
Connection: keep-alive
Cookie: MC1=GUID=1e8f19bef7d34ec0b7f3a911c1f35050&HASH=1e8f&LV=202405&V=4&LU=1715114337599; MS0=88049e712de7485e9a45c49e908a8820
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 153
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 213
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://photos.onedrive.com
access-control-expose-headers: time-delta-millis
date: Tue, 07 May 2024 20:38:59 GMT
X-Firefox-Spdy: h2

my.microsoftpersonalcontent.com/_api/v2.1/drives/B830006F6A8F8199/items/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?select=createdBy%2CcreatedDateTime%2Cdescription%2CdriveId%2Cfile%2CfileSystemInfo%2Cid%2Cimage%2ClastModifiedDateTime%2Clocation%2Cname%2CparentReference%2Cphoto%2Cshared%2CsharepointIds%2Csize%2Ctags%2Cvideo%2Cviewpoint%2CwebUrl%2CaccessViewpoint&expand=tags

13.107.139.11

401 Unauthorized

4.1 kB

URL GET HTTP/2
my.microsoftpersonalcontent.com/_api/v2.1/drives/B830006F6A8F8199/items/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?select=createdBy%2CcreatedDateTime%2Cdescription%2CdriveId%2Cfile%2CfileSystemInfo%2Cid%2Cimage%2ClastModifiedDateTime%2Clocation%2Cname%2CparentReference%2Cphoto%2Cshared%2CsharepointIds%2Csize%2Ctags%2Cvideo%2Cviewpoint%2CwebUrl%2CaccessViewpoint&expand=tags
IP
13.107.139.11:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://photos.onedrive.com/share/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?cid=B830006F6A8F8199&resId=B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44&ithint=photo&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL2kvYy9iODMwMDA2ZjZhOGY4MTk5L0VVM3JfbWd4NHVoR24yb3dlN09KbjBRQnNOMXc4d1dUdWVFWHdpaEtMTVdqTHc
Certificate
IssuerDigiCert Inc
Subjectmicrosoftpersonalcontent.com
Fingerprint8D:45:20:83:71:A9:95:4C:21:2F:47:9A:5A:42:12:B8:53:C3:5B:6D
ValidityTue, 26 Mar 2024 00:00:00 GMT - Wed, 26 Mar 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT)
Size
4.1 kB (4064 bytes)
Hash
0b1117d0c44e0f6bccf5fac21b1c7ed8
6c56eb0d795c442d74f3ec01383380cc870dc3b1
3cd23971649e5080b23b9a866c2e9e5c1d9c79a4db71425b978ac1b55741ecb9

HTTP Headers

GET /_api/v2.1/drives/B830006F6A8F8199/items/B830006F6A8F8199!s68feeb4de23146e89f6a307bb3899f44?select=createdBy%2CcreatedDateTime%2Cdescription%2CdriveId%2Cfile%2CfileSystemInfo%2Cid%2Cimage%2ClastModifiedDateTime%2Clocation%2Cname%2CparentReference%2Cphoto%2Cshared%2CsharepointIds%2Csize%2Ctags%2Cvideo%2Cviewpoint%2CwebUrl%2CaccessViewpoint&expand=tags HTTP/1.1
Host: my.microsoftpersonalcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://photos.onedrive.com/
Origin: https://photos.onedrive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 401 Unauthorized
cache-control: no-cache, no-store
pragma: no-cache
content-type: application/json
content-encoding: gzip
expires: -1
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
www-authenticate: Wlid1.1 realm="WindowsLive", fault="BadContextToken", policy="MBI_SSL", ver="7.5.0.0", target="ssl.live.com", siteId="ssl.live.com"
x-networkstatistics: 0,525568,0,0,156119,0,52807
x-sharepointhealthscore: 2
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Type, Content-Version, CTag, ETag, Location, RateLimit-Limit, RateLimit-Remaining, RateLimit-Reset, Retry-After, spclientservicerequestduration, SPRequestDuration, SPRequestGuid, Timing-Allow-Origin, Transfer-Encoding, WWW-Authenticate, X-Fluid-Epoch, X-Fluid-Retries, X-Fluid-SLTelemetry, X-Fluid-Telemetry, X-MoveState, x-ms-diagnostics, Reauthid, X-Cache-Origin, X-MSEdge-Ref
x-vroomversion: 2.1
x-aspnet-version: 4.0.30319
x-databoundary: NONE
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
sprequestguid: 4b6f26a1-b007-5000-5698-af716d1e447d
request-id: 4b6f26a1-b007-5000-5698-af716d1e447d
ms-cv: oSZvSwewAFBWmK9xbR5EfQ.0
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-SVG20r5a&frontEnd=AFD&RemoteIP=91.90.42.0"}]}
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.office365.com *.powerapps.com *.yammer.com engage.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.24817
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B83D9F8461344890985490ED01F71AAB Ref B: SVG20EDGE0108 Ref C: 2024-05-07T20:38:54Z
date: Tue, 07 May 2024 20:38:53 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (21)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN