Report - t.notificationmail.microsoft.com/r/?id=h62410b94,5e22fc48,5e22fc4a&e=b2NpZD1jbW1nZzUxYWlnaQ&s=E1ri3dk09

Report Overview

Submitted URL
t.notificationmail.microsoft.com/r/?id=h62410b94,5e22fc48,5e22fc4a&e=b2NpZD1jbW1nZzUxYWlnaQ&s=E1ri3dk09_QgLno9faLfzUxaP6cKbixiCsRBtD-Z5dA
IP
20.97.219.252
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2024-05-08 12:58:50
Access
public
Website Title
Sign in to your Microsoft account
Final URL
login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
onedrive.live.com	2251	1994-12-28	2014-02-19	2024-05-06	516 B	2.5 kB	13.107.137.11
login.live.com	79	1994-12-28	2012-05-21	2024-05-07	736 B	13 kB	20.190.177.149
logincdn.msauth.net	2330	2018-10-25	2019-04-23	2024-05-07	2.9 kB	285 kB	13.107.213.53
browser.events.data.microsoft.com	290	1991-05-02	2018-05-25	2024-05-06	1.5 kB	1.7 kB	20.42.73.28
ipv6.login.live.com	unknown	1994-12-28	2017-01-30	2024-03-15	1.0 kB	0 B	0.0.0.0
t.notificationmail.microsoft.com	unknown	1991-05-02	2022-08-12	2024-02-15	591 B	552 B	20.97.219.252
go.microsoft.com	225	1991-05-02	2014-12-16	2024-05-02	546 B	414 B	23.202.118.57

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/injections/js/bug1731825-office365-email-handling-prompt-autohide.js	995 B	2023-04-11	2024-05-20
Pretty URL moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/injections/js/bug1731825-office365-email-handling-prompt-autohide.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 22:15:44 Last Seen2024-05-20 00:53:54 Times Seen45585 Hash 7c873167b5d35fd9f6690071701d4669 f897afe9818a00a80e98bdbc67e7f67343f89378 014e00e9c71f02f5892cda29da8fd08058817ebd57a12cfee75236874f4e889a Loading...

	login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1	250 B	2023-03-07	2024-05-14
Pretty URL login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 IP 20.190.177.149 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:25:33 Last Seen2024-05-14 15:54:15 Times Seen1057 Hash 31726b85324d5d02fb7c6d8ea96988e3 e25a6e3372944a3788df8f36982700d9a7c552c4 6bb4231b11dd1282c63397c375c3b33bf2e35e61012989d98945f4046a8652ee Loading...

	login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1	18 kB	2024-05-08	2024-05-08
Pretty URL login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 IP 20.190.177.149 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 14:58:51 Last Seen2024-05-08 14:58:51 Times Seen1 Hash cf07c92c43637ed89b91f660d1c23cbd 7ba784e9b507a8ec65c57ef20c2f945eb758b8e5 844616977e09f6714f9dfd027151fe93fa6436dd491ec96fffe05f891e7ef691 Loading...

	login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1	5.0 kB	2024-03-30	2024-05-14
Pretty URL login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 IP 20.190.177.149 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-30 04:51:18 Last Seen2024-05-14 15:54:16 Times Seen36 Hash acd45ba989639e171d75fbbc13744116 4a70fbf82849190a501b46d4c8b3ce4df5848e2e 966d339dfc52150c6ccfd5a183b1c26e634e72f412671d1be17b235035fe17f6 Loading...

	logincdn.msauth.net/shared/5/js/login_en_48m7-j51eOWJoanMaXkRxA2.js	898 kB	2024-04-29	2024-05-10
Pretty URL logincdn.msauth.net/shared/5/js/login_en_48m7-j51eOWJoanMaXkRxA2.js IP 13.107.213.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-29 19:37:07 Last Seen2024-05-10 11:09:00 Times Seen31 Hash e3c9bbfa3e7578e589a1a9cc697911c4 7736a39c69da6656b0e060c0438575d78fc7cd6f c12f7a5abe7cb168ac56967598a9f30eb2c09c304ad374c35bea3475cb08c951 Loading...

	unknown	23 B	2023-04-10	2024-05-16
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 20:39:00 Last Seen2024-05-16 20:46:06 Times Seen1453 Hash a34459a777b4853cc0b6b99c1b519ed8 a114e3509ea887cb8b532a7da24f3dc5de66d219 096e484edb287943f6455826128e4cc9721e410f75f521ad6fc886dba56d1963 Loading...

	logincdn.msauth.net/shared/5/chunks/oneds-analytics-js_54b1724af1b05e2ba3db_en.js	91 kB	2024-04-11	2024-05-14
Pretty URL logincdn.msauth.net/shared/5/chunks/oneds-analytics-js_54b1724af1b05e2ba3db_en.js IP 13.107.213.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-11 02:24:08 Last Seen2024-05-14 15:54:16 Times Seen72 Hash d390aa6a6d257834d807d8e7ddc90968 6a6efd105dbbeb099d25998a38875808d83af5c8 d755d7ce744425dee51a3bd8cba9b2a789d96c584c9958082b557feb70f226d9 Loading...

	login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1	181 B	2023-03-07	2024-05-16
Pretty URL login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 IP 20.190.177.149 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:25:33 Last Seen2024-05-16 20:46:06 Times Seen1137 Hash e139c6c6a0ac0f3ce81b88b4cae154e7 584d4e57fcb53ddadf45b358c0e54921b4fa16af 9caac3eac998cfada6982c3751066c50b72b40abc446789e791f760e9a89b730 Loading...

	login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1	896 B	2023-03-07	2024-05-16
Pretty URL login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 IP 20.190.177.149 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:53 Last Seen2024-05-16 20:46:06 Times Seen434 Hash ea11dc29cc107ad5cddc5c6c6cb9b7d7 2663e82c5ee7b5a261668e2130983c774e15a1d8 da7c2ce0351c80a1f61bf9c04b316e5dbfdd15d9c107614f3581bde880ef5997 Loading...

		Size	First Seen	Last Seen
	#1 Write - aeaf311f7c9c4fb33a72c9d4cda55e2f	62 B	2023-03-07	2024-05-16
Pretty Observations First Seen2023-03-07 01:28:04 Last Seen2024-05-16 20:46:06 Times Seen3033 Hash aeaf311f7c9c4fb33a72c9d4cda55e2f c6ef54340c06b2b0d1920b45d279439d101c77e3 9060f7f21935005d8aa85f5d626dcdc17518492b8f3f6c7208b9f2dfc3db68ce Loading...

HTTP Transactions (13)

	URL	IP	Response	Size
	t.notificationmail.microsoft.com/r/?id=h62410b94,5e22fc48,5e22fc4a&e=b2NpZD1jbW1nZzUxYWlnaQ&s=E1ri3dk09_QgLno9faLfzUxaP6cKbixiCsRBtD-Z5dA	20.97.219.252	302 Found	17 B
URL User Request GET HTTP/1.1 t.notificationmail.microsoft.com/r/?id=h62410b94,5e22fc48,5e22fc4a&e=b2NpZD1jbW1nZzUxYWlnaQ&s=E1ri3dk09_QgLno9faLfzUxaP6cKbixiCsRBtD-Z5dA IP 20.97.219.252:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Certificate IssuerMicrosoft Corporation Subjectnotificationmail.microsoft.com FingerprintA9:09:63:9C:0A:BB:D9:9A:61:7A:22:AD:A1:3F:C1:59:17:0F:00:8C ValidityWed, 05 Jul 2023 23:01:36 GMT - Thu, 27 Jun 2024 23:59:59 GMT File type ASCII text, with no line terminators Size 17 B (17 bytes) Hash edf537e37d4549950774190c58f93b76 4e2078632eccec8993f151be9338bbcb88ce6f58 afff9c63cfeacd26e5d4000edf576f1386d6729dca783eb45004f484a73a3514 HTTP Headers GET /r/?id=h62410b94,5e22fc48,5e22fc4a&e=b2NpZD1jbW1nZzUxYWlnaQ&s=E1ri3dk09_QgLno9faLfzUxaP6cKbixiCsRBtD-Z5dA HTTP/1.1 Host: t.notificationmail.microsoft.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Date: Wed, 08 May 2024 12:58:24 GMT Server: Apache P3P: CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV" Location: http://go.microsoft.com/fwlink/?LinkId=733395&ocid=cmmgg51aigi Connection: close Set-Cookie: AMCV_EA76ADE95776D2EC7F000101%40AdobeOrg=MCMID%7C18548475201323007993818205860056793087; Domain=microsoft.com; Path=/; Expires=Thu, 07-Nov-2024 04:18:24 GMT nlid=62410b94\|5e22fc48; Domain=microsoft.com; Path=/ Content-Length: 17 X-Robots-Tag: noindex Content-Type: text/plain; charset=utf-8

	go.microsoft.com/fwlink/?LinkId=733395&ocid=cmmgg51aigi	23.202.118.57	302 Moved Temporarily	0 B
URL User Request GET HTTP/1.1 go.microsoft.com/fwlink/?LinkId=733395&ocid=cmmgg51aigi IP 23.202.118.57:80 ASN #16625 AKAMAI-AS File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /fwlink/?LinkId=733395&ocid=cmmgg51aigi HTTP/1.1 Host: go.microsoft.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Cookie: AMCV_EA76ADE95776D2EC7F000101%40AdobeOrg=MCMID%7C18548475201323007993818205860056793087; nlid=62410b94\|5e22fc48 Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 302 Moved Temporarily Content-Length: 0 Server: Kestrel Location: https://onedrive.live.com/?v=upgrade&hideLeftNav=true&ocid=cmmgg51aigi Request-Context: appId=cid-v1:7d63747b-487e-492a-872d-762362f77974 X-Response-Cache-Status: True Expires: Wed, 08 May 2024 12:58:25 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Wed, 08 May 2024 12:58:25 GMT Connection: keep-alive`

	onedrive.live.com/?v=upgrade&hideLeftNav=true&ocid=cmmgg51aigi	13.107.137.11	302 Found	451 B
URL User Request GET HTTP/2 onedrive.live.com/?v=upgrade&hideLeftNav=true&ocid=cmmgg51aigi IP 13.107.137.11:443 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Certificate IssuerMicrosoft Corporation Subjectonedrive.com Fingerprint74:60:B4:06:AB:E1:E4:E4:BC:D5:29:ED:EC:F2:EC:D4:C3:67:DD:8A ValidityFri, 29 Mar 2024 05:42:16 GMT - Mon, 24 Mar 2025 05:42:16 GMT File type HTML document, ASCII text, with very long lines (379), with CRLF line terminators Size 451 B (451 bytes) Hash 1cf8f3f15d4ffefb033f23325fb9e194 048dcb32afc700f963b700c507ab15da190734bc 6de3463480d786cdebb34e222d7cebf0693285cbc543a91bd0ecf87311c5884d HTTP Headers GET /?v=upgrade&hideLeftNav=true&ocid=cmmgg51aigi HTTP/1.1 Host: onedrive.live.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found cache-control: no-cache, no-store pragma: no-cache content-length: 451 content-type: text/html; charset=utf-8 expires: -1 location: https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" set-cookie: RpsContextCookie=UHJldmlvdXNSZXF1ZXN0Q29ycmVsYXRpb25JZD0wMDAwMDAwMCUyRDAwMDAlMkQwMDAwJTJEMDAwMCUyRDAwMDAwMDAwMDAwMCZSZXR1cm5Vcmw9aHR0cHMlM0ElMkYlMkZvbmVkcml2ZSUyRWxpdmUlMkVjb20lMkYlM0Z2JTNEdXBncmFkZSUyNmhpZGVMZWZ0TmF2JTNEdHJ1ZSUyNm9jaWQlM0RjbW1nZzUxYWlnaQ==; expires=Wed, 08-May-2024 13:08:25 GMT; path=/; SameSite=None; secure; HttpOnly x-networkstatistics: 0,525568,0,0,15931,0,30231 x-sharepointhealthscore: 3 x-aspnet-version: 4.0.30319 x-databoundary: EU x-1dscollectorurl: https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/ x-ariacollectorurl: https://eu-mobile.events.data.microsoft.com/Collector/3.0 sprequestguid: 57a726a1-7071-8000-a4a0-9fc7c177ed9c request-id: 57a726a1-7071-8000-a4a0-9fc7c177ed9c ms-cv: oSanV3FwAICkoJ/HwXftnA.0 report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-SVG20r5b&frontEnd=AFD&RemoteIP=91.90.42.0"}]} nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} strict-transport-security: max-age=31536000 sprequestduration: 69 spiislatency: 26 x-powered-by: ASP.NET microsoftsharepointteamservices: 16.0.0.24817 x-content-type-options: nosniff x-ms-invokeapp: 1; RequireReadOnly x-cache: CONFIG_NOCACHE x-msedge-ref: Ref A: 9A417504279543B88B1300135CDBE7B7 Ref B: SVG20EDGE0421 Ref C: 2024-05-08T12:58:25Z date: Wed, 08 May 2024 12:58:24 GMT X-Firefox-Spdy: h2

	login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1	20.190.177.149	200 OK	11 kB
URL User Request GET HTTP/1.1 login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 IP 20.190.177.149:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Certificate IssuerDigiCert Inc Subjectlogin.live.com Fingerprint7C:A4:1B:29:3E:A1:BF:5E:7E:96:CD:E4:E3:B6:B5:D3:02:3B:E8:6E ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 08 Feb 2025 23:59:59 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (26336) Size 11 kB (11052 bytes) Hash 5d489b9113a163ef1dc23cefa031bddd deb408d7d8f981399bc0e6c11ad222d3f8617d9c 02f4643ee9886e5fc9be9d93a863a1c6e1cf8a754a4a563bf4669c46251b165b HTTP Headers GET /login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 HTTP/1.1 Host: login.live.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Cache-Control: no-store, no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Wed, 08 May 2024 12:57:25 GMT Vary: Accept-Encoding P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" X-DNS-Prefetch-Control: on Link: <https://logincdn.msauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msauth.net/>; rel=dns-prefetch, <https://acctcdn.msftauth.net/>; rel=dns-prefetch, <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch, <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch, <https://logincdn.msauth.net/>; rel=dns-prefetch, <https://logincdn.msftauth.net/>; rel=dns-prefetch, <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch, <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch Referrer-Policy: strict-origin-when-cross-origin x-ms-route-info: C535_BL2 x-ms-request-id: 3a173ea2-6276-4945-8e85-d50b1ed7de20 PPServer: PPV: 30 H: BL02EPF0001D8D0 V: 0 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 X-XSS-Protection: 1; mode=block Set-Cookie: uaid=b0a47085621547a0a08b957de2b30501; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly MSPRequ=id=250206&lt=1715173105&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly MSCC=91.90.42.154-NO; expires=Mon, 02-Jun-2025 12:58:25 GMT; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly MSPOK=$uuid-2c8feb07-7c21-44ee-8ad6-d8392abf49ed; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly OParams=11O.DrWUWClgC75kKFZKa7lxV6YLNqf1ZYuG0Xnh8iBIsQpgsa!0Bg3T8ZDjvbs5ECZzGJlcm6l6LEIjsmIvbxHV!9ruz57pH!vf24zJGYDCllTa8yG5PorPUlyYUHi83!LQXWFgesg1tDFqIFlbEGglYZsat1KjsWb!64zbVKW9HbC0pI1o8jW1rbIzt2CLY4!NJRrHtr9I8ieFnaj1!HjO7TdcjSZng8aXIonaDNk5iUlQWrVjI4bxdzYtjmn0wr73nccvF5bkiJXFlbi5dGPo90IaH5o3ViQsjVauebHkcJbyFJWQqFnk3pH4S6jpFWzO4lopSMIrJloKAG1doifQtzNCb5lHrAUMBYFQFD9ojliu2hMgwDBrifq6qWO*UqQJI68imeMagiI$; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly Date: Wed, 08 May 2024 12:58:25 GMT Content-Length: 11052

	logincdn.msauth.net/shared/5/js/login_en_48m7-j51eOWJoanMaXkRxA2.js	13.107.213.53	200 OK	227 kB
URL GET HTTP/2 logincdn.msauth.net/shared/5/js/login_en_48m7-j51eOWJoanMaXkRxA2.js IP 13.107.213.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 Certificate IssuerMicrosoft Corporation Subjectidentitycdn.msauth.net Fingerprint8F:BB:C6:02:63:00:DB:52:8E:2F:75:54:B7:75:9D:43:C4:31:CF:5B ValidityThu, 11 Apr 2024 16:30:31 GMT - Sun, 06 Apr 2025 16:30:31 GMT File type JavaScript source, ASCII text, with very long lines (65470) Size 227 kB (227361 bytes) Hash e3c9bbfa3e7578e589a1a9cc697911c4 7736a39c69da6656b0e060c0438575d78fc7cd6f c12f7a5abe7cb168ac56967598a9f30eb2c09c304ad374c35bea3475cb08c951 HTTP Headers `GET /shared/5/js/login_en_48m7-j51eOWJoanMaXkRxA2.js HTTP/1.1 Host: logincdn.msauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.live.com/ Origin: https://login.live.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Wed, 08 May 2024 12:58:26 GMT content-type: application/x-javascript content-length: 227361 cache-control: public, max-age=31536000 content-encoding: gzip last-modified: Thu, 18 Apr 2024 00:21:14 GMT etag: 0x8DC5F3D7578728F x-ms-request-id: ae10afe7-801e-002a-310c-9f7ab8000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref: 20240508T125826Z-er15bb998b7xtmtcmf2e4fhuaw00000003zg000000006na7 x-fd-int-roxy-purgeid: 67912908 x-cache: TCP_HIT accept-ranges: bytes X-Firefox-Spdy: h2

	logincdn.msauth.net/shared/5/chunks/oneds-analytics-js_54b1724af1b05e2ba3db_en.js	13.107.213.53	200 OK	33 kB
URL GET HTTP/2 logincdn.msauth.net/shared/5/chunks/oneds-analytics-js_54b1724af1b05e2ba3db_en.js IP 13.107.213.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 Certificate IssuerMicrosoft Corporation Subjectidentitycdn.msauth.net Fingerprint8F:BB:C6:02:63:00:DB:52:8E:2F:75:54:B7:75:9D:43:C4:31:CF:5B ValidityThu, 11 Apr 2024 16:30:31 GMT - Sun, 06 Apr 2025 16:30:31 GMT File type JavaScript source, ASCII text, with very long lines (65436) Size 33 kB (32821 bytes) Hash d390aa6a6d257834d807d8e7ddc90968 6a6efd105dbbeb099d25998a38875808d83af5c8 d755d7ce744425dee51a3bd8cba9b2a789d96c584c9958082b557feb70f226d9 HTTP Headers `GET /shared/5/chunks/oneds-analytics-js_54b1724af1b05e2ba3db_en.js HTTP/1.1 Host: logincdn.msauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.live.com/ Origin: https://login.live.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Wed, 08 May 2024 12:58:26 GMT content-type: application/x-javascript content-length: 32821 cache-control: public, max-age=31536000 content-encoding: gzip last-modified: Sat, 30 Mar 2024 01:22:56 GMT etag: 0x8DC5057EDD0C741 x-ms-request-id: fceb0845-401e-000a-3427-9feb8b000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref: 20240508T125826Z-er15bb998b7xtmtcmf2e4fhuaw00000003zg000000006naf x-fd-int-roxy-purgeid: 67912908 x-cache: TCP_HIT accept-ranges: bytes X-Firefox-Spdy: h2

	logincdn.msauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg	13.107.213.53	200 OK	1.4 kB
URL GET HTTP/2 logincdn.msauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg IP 13.107.213.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 Certificate IssuerMicrosoft Corporation Subjectidentitycdn.msauth.net Fingerprint8F:BB:C6:02:63:00:DB:52:8E:2F:75:54:B7:75:9D:43:C4:31:CF:5B ValidityThu, 11 Apr 2024 16:30:31 GMT - Sun, 06 Apr 2025 16:30:31 GMT File type SVG Scalable Vector Graphics image Size 1.4 kB (1435 bytes) Hash ee5c8d9fb6248c938fd0dc19370e90bd d01a22720918b781338b5bbf9202b241a5f99ee4 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a HTTP Headers `GET /shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg HTTP/1.1 Host: logincdn.msauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.live.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Wed, 08 May 2024 12:58:26 GMT content-type: image/svg+xml content-length: 1435 cache-control: public, max-age=31536000 content-encoding: gzip last-modified: Tue, 27 Jun 2023 15:44:25 GMT etag: 0x8DB772562988611 x-ms-request-id: 7d5e65f6-401e-001a-4c25-9f5ba9000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref: 20240508T125826Z-er15bb998b7xtmtcmf2e4fhuaw00000003zg000000006nam x-fd-int-roxy-purgeid: 67912908 x-cache: TCP_HIT accept-ranges: bytes X-Firefox-Spdy: h2

	logincdn.msauth.net/shared/5/images/2_bc3d32a696895f78c19d.svg	13.107.213.53	200 OK	673 B
URL GET HTTP/2 logincdn.msauth.net/shared/5/images/2_bc3d32a696895f78c19d.svg IP 13.107.213.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 Certificate IssuerMicrosoft Corporation Subjectidentitycdn.msauth.net Fingerprint8F:BB:C6:02:63:00:DB:52:8E:2F:75:54:B7:75:9D:43:C4:31:CF:5B ValidityThu, 11 Apr 2024 16:30:31 GMT - Sun, 06 Apr 2025 16:30:31 GMT File type SVG Scalable Vector Graphics image Size 673 B (673 bytes) Hash bc3d32a696895f78c19df6c717586a5d 9191cb156a30a3ed79c44c0a16c95159e8ff689d 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68 HTTP Headers `GET /shared/5/images/2_bc3d32a696895f78c19d.svg HTTP/1.1 Host: logincdn.msauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.live.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Wed, 08 May 2024 12:58:26 GMT content-type: image/svg+xml content-length: 673 cache-control: public, max-age=31536000 content-encoding: gzip last-modified: Tue, 27 Jun 2023 15:44:22 GMT etag: 0x8DB7725611C3E0C x-ms-request-id: d9c41f78-101e-006f-3efd-9e2ea3000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref: 20240508T125826Z-er15bb998b7xtmtcmf2e4fhuaw00000003zg000000006nan x-fd-int-roxy-purgeid: 67912908 x-cache: TCP_HIT accept-ranges: bytes X-Firefox-Spdy: h2

	logincdn.msauth.net/16.000.30185.3/images/favicon.ico	13.107.213.53	200 OK	17 kB
URL GET HTTP/2 logincdn.msauth.net/16.000.30185.3/images/favicon.ico IP 13.107.213.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 Certificate IssuerMicrosoft Corporation Subjectidentitycdn.msauth.net Fingerprint8F:BB:C6:02:63:00:DB:52:8E:2F:75:54:B7:75:9D:43:C4:31:CF:5B ValidityThu, 11 Apr 2024 16:30:31 GMT - Sun, 06 Apr 2025 16:30:31 GMT File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors Size 17 kB (17174 bytes) Hash 12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21 HTTP Headers `GET /16.000.30185.3/images/favicon.ico HTTP/1.1 Host: logincdn.msauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.live.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Wed, 08 May 2024 12:58:27 GMT content-type: image/x-icon content-length: 17174 cache-control: public, max-age=604800 last-modified: Sat, 20 Apr 2024 02:19:39 GMT etag: 0x8DC60E05507C943 x-ms-request-id: 5a480e24-d01e-0073-2cdf-9c6a98000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref: 20240508T125827Z-er15bb998b7xtmtcmf2e4fhuaw00000003zg000000006nat x-fd-int-roxy-purgeid: 67912908 x-cache: TCP_HIT accept-ranges: bytes X-Firefox-Spdy: h2

	logincdn.msauth.net/shared/5/images/signin_options_4e48046ce74f4b89d450.svg	13.107.213.53	200 OK	621 B
URL GET HTTP/2 logincdn.msauth.net/shared/5/images/signin_options_4e48046ce74f4b89d450.svg IP 13.107.213.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 Certificate IssuerMicrosoft Corporation Subjectidentitycdn.msauth.net Fingerprint8F:BB:C6:02:63:00:DB:52:8E:2F:75:54:B7:75:9D:43:C4:31:CF:5B ValidityThu, 11 Apr 2024 16:30:31 GMT - Sun, 06 Apr 2025 16:30:31 GMT File type SVG Scalable Vector Graphics image Size 621 B (621 bytes) Hash 4e48046ce74f4b89d45037c90576bfac 4a41b3b51ed787f7b33294202da72220c7cd2c32 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93 HTTP Headers `GET /shared/5/images/signin_options_4e48046ce74f4b89d450.svg HTTP/1.1 Host: logincdn.msauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.live.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Wed, 08 May 2024 12:58:27 GMT content-type: image/svg+xml content-length: 621 cache-control: public, max-age=31536000 content-encoding: gzip last-modified: Tue, 27 Jun 2023 15:44:30 GMT etag: 0x8DB772565B93440 x-ms-request-id: dde73f1b-101e-0043-6f17-9d4b89000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref: 20240508T125827Z-er15bb998b7xtmtcmf2e4fhuaw00000003zg000000006nb5 x-fd-int-roxy-purgeid: 67912908 x-cache: TCP_HIT accept-ranges: bytes X-Firefox-Spdy: h2

	browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0	20.42.73.28	200 OK	0 B
URL POST HTTP/2 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 IP 20.42.73.28:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 Certificate IssuerMicrosoft Corporation Subject.events.data.microsoft.com FingerprintD4:6A:66:98:6E:27:A7:BF:67:5A:A2:31:67:A0:5A:62:35:AC:EF:1B ValiditySun, 31 Mar 2024 03:05:47 GMT - Wed, 26 Mar 2025 03:05:47 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1 Host: browser.events.data.microsoft.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time Referer: https://login.live.com/ Origin: https://login.live.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK cache-control: public, 3600 content-length: 0 server: Microsoft-HTTPAPI/2.0 strict-transport-security: max-age=31536000 access-control-allow-credentials: true access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody access-control-max-age: 3600 access-control-allow-origin: https://login.live.com date: Wed, 08 May 2024 12:58:29 GMT X-Firefox-Spdy: h2

	browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0	20.42.73.28	200 OK	153 B
URL POST HTTP/2 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 IP 20.42.73.28:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 Certificate IssuerMicrosoft Corporation Subject.events.data.microsoft.com FingerprintD4:6A:66:98:6E:27:A7:BF:67:5A:A2:31:67:A0:5A:62:35:AC:EF:1B ValiditySun, 31 Mar 2024 03:05:47 GMT - Wed, 26 Mar 2025 03:05:47 GMT File type JSON text data Size 153 B (153 bytes) Hash cbeb4088d446208166af2ce0845cd7d1 b5157667c66b3e689e30406766fe7ef75a2770d1 0b457785149788d332a1db1d7b5070e7306c8890184c44af016fc53dcdf55724 HTTP Headers POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1 Host: browser.events.data.microsoft.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.live.com/ Client-Id: NO_AUTH client-version: 1DS-Web-JS-3.2.15 apikey: 69adc3c768bd4dc08c19416121249fcc-66f1668a-797b-4249-95e3-6c6651768c28-7293 upload-time: 1715173109405 time-delta-to-apply-millis: use-collector-delta cache-control: no-cache, no-store content-type: application/x-json-stream Content-Length: 3114 Origin: https://login.live.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache TE: trailers HTTP/2 200 OK content-length: 153 content-type: application/json server: Microsoft-HTTPAPI/2.0 strict-transport-security: max-age=31536000 p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" set-cookie: MC1=GUID=98fbcaca946a4fbcb3478d38ce2ce047&HASH=98fb&LV=202405&V=4&LU=1715173109866; Domain=.microsoft.com; Expires=Thu, 08 May 2025 12:58:29 GMT; Path=/;Secure; SameSite=None MS0=f491e5220e424a62a3080d12a470b6e8; Domain=.microsoft.com; Expires=Wed, 08 May 2024 13:28:29 GMT; Path=/;Secure; SameSite=None time-delta-millis: 461 access-control-allow-headers: P3P,Set-Cookie,time-delta-millis access-control-allow-methods: POST access-control-allow-credentials: true access-control-allow-origin: https://login.live.com access-control-expose-headers: time-delta-millis date: Wed, 08 May 2024 12:58:29 GMT X-Firefox-Spdy: h2

	ipv6.login.live.com/ipv6.png?uaid=b0a47085621547a0a08b957de2b30501	0.0.0.0		0 B
URL GET ipv6.login.live.com/ipv6.png?uaid=b0a47085621547a0a08b957de2b30501 IP 0.0.0.0:0 ASN #0 Requested by https://login.live.com/login.srf?wa=wsignin1%2E0&rpsnv=151&ct=1715173105&rver=7%2E5%2E2146%2E0&wp=MBI%5FSSL&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%5Fforms%2Fdefault%2Easpx%3Fapr%3D1&lc=1033&id=250206&guests=1&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&aadredir=1 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /ipv6.png?uaid=b0a47085621547a0a08b957de2b30501 HTTP/1.1 Host: ipv6.login.live.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.live.com/ DNT: 1 Connection: keep-alive Cookie: uaid=b0a47085621547a0a08b957de2b30501; MSPRequ=id=250206&lt=1715173105&co=1; MSCC=91.90.42.154-NO; MSPOK=$uuid-2c8feb07-7c21-44ee-8ad6-d8392abf49ed; OParams=11O.DrWUWClgC75kKFZKa7lxV6YLNqf1ZYuG0Xnh8iBIsQpgsa!0Bg3T8ZDjvbs5ECZzGJlcm6l6LEIjsmIvbxHV!9ruz57pH!vf24zJGYDCllTa8yG5PorPUlyYUHi83!LQXWFgesg1tDFqIFlbEGglYZsat1KjsWb!64zbVKW9HbC0pI1o8jW1rbIzt2CLY4!NJRrHtr9I8ieFnaj1!HjO7TdcjSZng8aXIonaDNk5iUlQWrVjI4bxdzYtjmn0wr73nccvF5bkiJXFlbi5dGPo90IaH5o3ViQsjVauebHkcJbyFJWQqFnk3pH4S6jpFWzO4lopSMIrJloKAG1doifQtzNCb5lHrAUMBYFQFD9ojliu2hMgwDBrifq6qWO*UqQJI68imeMagiI$ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL