Report - owa-mail-auth.web.app/

Report Overview

Submitted URL
owa-mail-auth.web.app/
IP
199.36.158.100
ASN
#54113 FASTLY
Submitted
2023-06-02 00:58:02
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
72

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-06-01	458 B	2.9 kB	142.250.74.106
owa-mail-auth.web.app	unknown	2019-01-08	2023-02-09	2023-05-08	5.5 kB	245 kB	199.36.158.100
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-01	1.0 kB	2.1 kB	142.250.74.3
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2023-06-01	465 B	56 kB	151.101.129.229

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-06-01	medium	owa-mail-auth.web.app/
2023-06-01	medium	owa-mail-auth.web.app/
2023-06-01	medium	owa-mail-auth.web.app/
2023-06-01	medium	owa-mail-auth.web.app/
2023-06-01	medium	owa-mail-auth.web.app/
2023-06-01	medium	owa-mail-auth.web.app/
2023-06-01	medium	owa-mail-auth.web.app/
2023-06-01	medium	owa-mail-auth.web.app/
2023-06-01	medium	owa-mail-auth.web.app/
2023-06-01	medium	owa-mail-auth.web.app/
2023-06-01	medium	owa-mail-auth.web.app/
2023-06-01	medium	owa-mail-auth.web.app/

PhishTank

Scan Date	Severity	Indicator
2023-02-10	medium	owa-mail-auth.web.app/
2023-02-10	medium	owa-mail-auth.web.app/css/app.2d7f414e.css
2023-02-10	medium	owa-mail-auth.web.app/css/chunk-vendors.d220542a.css
2023-02-10	medium	owa-mail-auth.web.app/js/app.fdbe6e81.js
2023-02-10	medium	owa-mail-auth.web.app/js/chunk-vendors.cc407600.js
2023-02-10	medium	owa-mail-auth.web.app/js/success.90b6d4ad.js
2023-02-10	medium	owa-mail-auth.web.app/favicon.ico
2023-02-10	medium	owa-mail-auth.web.app/css/notfound.07a87f9f.css
2023-02-10	medium	owa-mail-auth.web.app/css/notlisted.07a87f9f.css
2023-02-10	medium	owa-mail-auth.web.app/css/success.07a87f9f.css
2023-02-10	medium	owa-mail-auth.web.app/js/notlisted.a73c097d.js
2023-02-10	medium	owa-mail-auth.web.app/js/notfound.08d3b457.js

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator
2023-06-02	medium	owa-mail-auth.web.app
2023-06-02	medium	owa-mail-auth.web.app
2023-06-02	medium	owa-mail-auth.web.app
2023-06-02	medium	owa-mail-auth.web.app
2023-06-02	medium	owa-mail-auth.web.app
2023-06-02	medium	owa-mail-auth.web.app
2023-06-02	medium	owa-mail-auth.web.app
2023-06-02	medium	owa-mail-auth.web.app
2023-06-02	medium	owa-mail-auth.web.app
2023-06-02	medium	owa-mail-auth.web.app
2023-06-02	medium	owa-mail-auth.web.app
2023-06-02	medium	owa-mail-auth.web.app

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	owa-mail-auth.web.app/js/chunk-vendors.cc407600.js	674 kB	2023-03-13	2024-02-09
Pretty URL owa-mail-auth.web.app/js/chunk-vendors.cc407600.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 21:22:19 Last Seen2024-02-09 03:52:30 Times Seen37 Hash a3bebd302e9bdb32bca7784edf428cb1 9b9951332d6d57f357ccea554a48ad3ba397ff09 d3fc826d42d21ce19a1f8ad6506481639902a35542323224a80dea949fbb6bda Loading...

	owa-mail-auth.web.app/js/app.fdbe6e81.js	9.6 kB	2023-03-13	2024-02-09
Pretty URL owa-mail-auth.web.app/js/app.fdbe6e81.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 21:22:19 Last Seen2024-02-09 03:52:30 Times Seen37 Hash c90a30ab92b27e2c678c9866babd5ecd 1dbf3785c845bb55837dab4839eabd4f4aba054a 42a841351b7cb7985dc717fcafbd52f4e879d7d1467ffe03b2a86f3bd548bd8e Loading...

HTTP Transactions (17)

URL IP Response Size

owa-mail-auth.web.app/

199.36.158.100

200 OK

594 B

URL User Request GET HTTP/2
owa-mail-auth.web.app/
IP
199.36.158.100:443
ASN
#54113 FASTLY

Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
ValidityWed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1381), with no line terminators
Size
594 B (594 bytes)
Hash
da1013b63410cadc8a064217a73c72a1
84ac9b0d750ca823037470451e9786dd5ffbf922
3d86284897622bb9bfe7210c1dee1f90ffebe8bbf4368373d92bd619c19b0d15

Detections

Analyzer	Verdict	Alert
openphish	Outlook
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: owa-mail-auth.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: "ecbc6066b01d9978b25c748325258a8fb47c8bb6c8c6992bc0d694c109ccd23d"
last-modified: Thu, 14 May 2020 08:29:56 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 02 Jun 2023 00:57:45 GMT
x-served-by: cache-bma1639-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685667465.069036,VS0,VE208
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 594
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4int/wrllXI_-LL8

142.250.74.3

472 B

URL
ocsp.pki.goog/s/gts1d4int/wrllXI_-LL8
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c71533c4704c778fa30223cb4a41e7a6
b53f269f4dc4ed742c7b38be79958d37e8482f97
37988e16d2de6ebd0c9ed907a98806ddb4632296be5b9b6407fe4c72aa6eca2f

HTTP Headers

POST /s/gts1d4int/wrllXI_-LL8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 00:57:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
02593b51cd737e1085e5837a9a47c755
aab410449655b9fddf070f3e25a1a8e5aee59530
0ea607d017e63bf06a742560b582d99802dc477bba715d9890e1d51663e50d99

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 00:57:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

151.101.129.229

200 OK

55 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://owa-mail-auth.web.app/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
55 kB (54765 bytes)
Hash
312aa5e13b1bcd05db97582cf37b6df1
31cc1294ee8253b339e377e44f20da422c8e8e95
b89606bf42acdeb4f05cff729f63f2f0574e87011d4aa5a05253a3bfcd7461bf

HTTP Headers

GET /npm/@mdi/font@latest/css/materialdesignicons.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://owa-mail-auth.web.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 7.2.96
x-jsd-version-type: version
etag: W/"52d34-McwSlO6CU7M543fkTyDaQiyOjpU"
content-encoding: br
accept-ranges: bytes
date: Fri, 02 Jun 2023 00:57:45 GMT
age: 43043
x-served-by: cache-fra-eddf8230030-FRA, cache-bma1658-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 54765
X-Firefox-Spdy: h2

owa-mail-auth.web.app/css/app.2d7f414e.css

199.36.158.100

200 OK

147 B

URL GET HTTP/3
owa-mail-auth.web.app/css/app.2d7f414e.css
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://owa-mail-auth.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
ValidityWed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT

File type
ASCII text, with no line terminators
Size
147 B (147 bytes)
Hash
a789770e21d505a0df13ae39d3d07546
15785f1f8ceadbe43572ccdfc3df30ea322ca622
9373b918b1da1df9ffe7ae1054477eae65ac61632964eb9b60d389d91b9e0041

Detections

Analyzer	Verdict	Alert
openphish	Outlook
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /css/app.2d7f414e.css HTTP/1.1
Host: owa-mail-auth.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://owa-mail-auth.web.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 147
cache-control: max-age=3600
content-encoding: gzip
content-type: text/css; charset=utf-8
etag: "c177fd453750d16cf844444f74e1aa8330fda485cfcf7c167d3fc7a3359f5e39"
last-modified: Thu, 14 May 2020 08:29:56 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 02 Jun 2023 00:57:45 GMT
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685667466.645386,VS0,VE82
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

owa-mail-auth.web.app/css/chunk-vendors.d220542a.css

199.36.158.100

200 OK

31 kB

URL GET HTTP/3
owa-mail-auth.web.app/css/chunk-vendors.d220542a.css
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://owa-mail-auth.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
ValidityWed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT

File type
Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
31 kB (30823 bytes)
Hash
4603585be34fa6618789611f1fcda292
d38375472fa5b3805f7f486d93f11557eccd1b9a
e850ab6df20a9e69e53097ec3a16ad78c6478756d0a4c24d4f87713d2b0ab6ca

Detections

Analyzer	Verdict	Alert
openphish	Outlook
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /css/chunk-vendors.d220542a.css HTTP/1.1
Host: owa-mail-auth.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://owa-mail-auth.web.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 30823
cache-control: max-age=3600
content-encoding: gzip
content-type: text/css; charset=utf-8
etag: "a51e526ca27d503980812c6cd60f4658ac3c5c0d8e0cd31e8e65fbcb756c4f7a"
last-modified: Thu, 14 May 2020 08:29:56 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 02 Jun 2023 00:57:45 GMT
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685667466.645657,VS0,VE141
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

owa-mail-auth.web.app/js/app.fdbe6e81.js

199.36.158.100

200 OK

4.0 kB

URL GET HTTP/3
owa-mail-auth.web.app/js/app.fdbe6e81.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://owa-mail-auth.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
ValidityWed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT

File type
ASCII text, with very long lines (9517)
Size
4.0 kB (3984 bytes)
Hash
c90a30ab92b27e2c678c9866babd5ecd
1dbf3785c845bb55837dab4839eabd4f4aba054a
42a841351b7cb7985dc717fcafbd52f4e879d7d1467ffe03b2a86f3bd548bd8e

Detections

Analyzer	Verdict	Alert
openphish	Outlook
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /js/app.fdbe6e81.js HTTP/1.1
Host: owa-mail-auth.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://owa-mail-auth.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 3984
cache-control: max-age=3600
content-encoding: gzip
content-type: text/javascript; charset=utf-8
etag: "7d3afe772d5f436783a443a3d9debba3fa7de587e620bdb26999a4bc47ea96f5"
last-modified: Thu, 14 May 2020 08:29:56 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 02 Jun 2023 00:57:45 GMT
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685667466.646282,VS0,VE196
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

142.250.74.106

200 OK

2.3 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://owa-mail-auth.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
gzip compressed data, max compression\012- data
Size
2.3 kB (2299 bytes)
Hash
22d5ae82795120d679b23c5dec7a51a9
cedf496cb378daf7aa716d9c8168e3893e603d36
f8678793a06d6b4f94b886f41034a106aec4612ea08d11fad18532d9961010fd

HTTP Headers

GET /css?family=Roboto:100,300,400,500,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://owa-mail-auth.web.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Jun 2023 00:57:45 GMT
date: Fri, 02 Jun 2023 00:57:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

owa-mail-auth.web.app/js/chunk-vendors.cc407600.js

199.36.158.100

200 OK

193 kB

URL GET HTTP/3
owa-mail-auth.web.app/js/chunk-vendors.cc407600.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://owa-mail-auth.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
ValidityWed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT

File type
ASCII text, with very long lines (38412)
Size
193 kB (193077 bytes)
Hash
a3bebd302e9bdb32bca7784edf428cb1
9b9951332d6d57f357ccea554a48ad3ba397ff09
d3fc826d42d21ce19a1f8ad6506481639902a35542323224a80dea949fbb6bda

Detections

Analyzer	Verdict	Alert
openphish	Outlook
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /js/chunk-vendors.cc407600.js HTTP/1.1
Host: owa-mail-auth.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://owa-mail-auth.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 193077
cache-control: max-age=3600
content-encoding: gzip
content-type: text/javascript; charset=utf-8
etag: "6ad295781ae0644b5e7d04df456be90928a2e523f13282265899ba71bc428ee5"
last-modified: Thu, 14 May 2020 08:29:56 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 02 Jun 2023 00:57:45 GMT
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685667466.646798,VS0,VE214
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
02593b51cd737e1085e5837a9a47c755
aab410449655b9fddf070f3e25a1a8e5aee59530
0ea607d017e63bf06a742560b582d99802dc477bba715d9890e1d51663e50d99

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 00:57:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

owa-mail-auth.web.app/js/success.90b6d4ad.js

199.36.158.100

200 OK

2.0 kB

URL GET HTTP/3
owa-mail-auth.web.app/js/success.90b6d4ad.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://owa-mail-auth.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
ValidityWed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT

File type
ASCII text, with very long lines (5170)
Size
2.0 kB (2021 bytes)
Hash
4d18de49cc08f3691ce50ab239a3d0b7
f41cccff6903776e3ebc7401a98c62b117b1447e
a6eedb4d17a08d1e0c1ba30068eee923a9f89fc90204020eb75bc3e51c1dcf11

Detections

Analyzer	Verdict	Alert
openphish	Outlook
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /js/success.90b6d4ad.js HTTP/1.1
Host: owa-mail-auth.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://owa-mail-auth.web.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 2021
cache-control: max-age=3600
content-encoding: gzip
content-type: text/javascript; charset=utf-8
etag: "79dfb8ae6b74403eea2c8eeb7864c22d32a25f08e3aba3bb5d3b41f1cb37f842"
last-modified: Thu, 14 May 2020 08:29:56 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 02 Jun 2023 00:57:46 GMT
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685667466.155599,VS0,VE90
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

owa-mail-auth.web.app/favicon.ico

199.36.158.100

200 OK

1.2 kB

URL GET HTTP/3
owa-mail-auth.web.app/favicon.ico
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://owa-mail-auth.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
ValidityWed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT

File type
MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size
1.2 kB (1243 bytes)
Hash
759fade9033aa298629e4b000dcd6dde
34a1adf5c7326d7bde5b5735471b5d81e611c189
cf0808a61ec571e0c4975663903b288009d55502ac0445d9948983b339a5cf6e

Detections

Analyzer	Verdict	Alert
openphish	Outlook
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: owa-mail-auth.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://owa-mail-auth.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 1243
cache-control: max-age=3600
content-encoding: br
content-type: image/x-icon
etag: "ce940fc64baedfe57bce07c3b02d0ee36cdee6ce2135b7a421cd93c55453db4e-br"
last-modified: Thu, 14 May 2020 08:29:56 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 02 Jun 2023 00:57:46 GMT
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685667466.138326,VS0,VE113
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

owa-mail-auth.web.app/css/notfound.07a87f9f.css

199.36.158.100

200 OK

636 B

URL GET HTTP/3
owa-mail-auth.web.app/css/notfound.07a87f9f.css
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://owa-mail-auth.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
ValidityWed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT

File type
ASCII text, with very long lines (2998), with no line terminators
Size
636 B (636 bytes)
Hash
04a6eef2edf81bddd93a2caa3c10f0fa
dc0244e594dde1d730e3ea43f6aee88ddf3e15d5
920e781ef69ee3a3738834af8de93545aa73463e5bc4c8c54075bbe21c8928c4

Detections

Analyzer	Verdict	Alert
openphish	Outlook
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /css/notfound.07a87f9f.css HTTP/1.1
Host: owa-mail-auth.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://owa-mail-auth.web.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 636
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "61458b81719601a1b3d6bad43356eca12f06f278f29e144691a6ac01eee7d5ec-br"
last-modified: Thu, 14 May 2020 08:29:56 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 02 Jun 2023 00:57:46 GMT
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685667466.150824,VS0,VE101
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

owa-mail-auth.web.app/css/notlisted.07a87f9f.css

199.36.158.100

200 OK

636 B

URL GET HTTP/3
owa-mail-auth.web.app/css/notlisted.07a87f9f.css
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://owa-mail-auth.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
ValidityWed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT

File type
ASCII text, with very long lines (2998), with no line terminators
Size
636 B (636 bytes)
Hash
04a6eef2edf81bddd93a2caa3c10f0fa
dc0244e594dde1d730e3ea43f6aee88ddf3e15d5
920e781ef69ee3a3738834af8de93545aa73463e5bc4c8c54075bbe21c8928c4

Detections

Analyzer	Verdict	Alert
openphish	Outlook
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /css/notlisted.07a87f9f.css HTTP/1.1
Host: owa-mail-auth.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://owa-mail-auth.web.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 636
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "61458b81719601a1b3d6bad43356eca12f06f278f29e144691a6ac01eee7d5ec-br"
last-modified: Thu, 14 May 2020 08:29:56 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 02 Jun 2023 00:57:46 GMT
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685667466.151768,VS0,VE101
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

owa-mail-auth.web.app/css/success.07a87f9f.css

199.36.158.100

200 OK

636 B

URL GET HTTP/3
owa-mail-auth.web.app/css/success.07a87f9f.css
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://owa-mail-auth.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
ValidityWed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT

File type
ASCII text, with very long lines (2998), with no line terminators
Size
636 B (636 bytes)
Hash
04a6eef2edf81bddd93a2caa3c10f0fa
dc0244e594dde1d730e3ea43f6aee88ddf3e15d5
920e781ef69ee3a3738834af8de93545aa73463e5bc4c8c54075bbe21c8928c4

Detections

Analyzer	Verdict	Alert
openphish	Outlook
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /css/success.07a87f9f.css HTTP/1.1
Host: owa-mail-auth.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://owa-mail-auth.web.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 636
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "61458b81719601a1b3d6bad43356eca12f06f278f29e144691a6ac01eee7d5ec-br"
last-modified: Thu, 14 May 2020 08:29:56 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 02 Jun 2023 00:57:46 GMT
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685667466.152255,VS0,VE104
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

owa-mail-auth.web.app/js/notlisted.a73c097d.js

199.36.158.100

200 OK

2.0 kB

URL GET HTTP/3
owa-mail-auth.web.app/js/notlisted.a73c097d.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://owa-mail-auth.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
ValidityWed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT

File type
ASCII text, with very long lines (5183)
Size
2.0 kB (2034 bytes)
Hash
dbec19094046137d4d3e34aace6788e7
8ae9d6c39f6bb23549e41d4df8249adf692870a8
1541dd933f20ca77cbd66df0c5c847c5d52a3f944d8896de1c8d95d964b97e74

Detections

Analyzer	Verdict	Alert
openphish	Outlook
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /js/notlisted.a73c097d.js HTTP/1.1
Host: owa-mail-auth.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://owa-mail-auth.web.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 2034
cache-control: max-age=3600
content-encoding: gzip
content-type: text/javascript; charset=utf-8
etag: "821676c18f68b3e11c3cf79a02d56c74af2c15bb9738e39282aa305c2a53c957"
last-modified: Thu, 14 May 2020 08:29:56 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 02 Jun 2023 00:57:46 GMT
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685667466.153558,VS0,VE103
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

owa-mail-auth.web.app/js/notfound.08d3b457.js

199.36.158.100

200 OK

2.0 kB

URL GET HTTP/3
owa-mail-auth.web.app/js/notfound.08d3b457.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://owa-mail-auth.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
ValidityWed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT

File type
ASCII text, with very long lines (5185)
Size
2.0 kB (2037 bytes)
Hash
bf22bfe0bf2a5b6f5c75bc2bec5b0861
43a2f813523bcc6140e62df0eb3d1bd1b03ae3b9
a12faf226a812297c9e0617980058ab4442bec018c8fd40b7aa114601ac6dbdf

Detections

Analyzer	Verdict	Alert
openphish	Outlook
phishtank	Other
quad9	Sinkholed

HTTP Headers

GET /js/notfound.08d3b457.js HTTP/1.1
Host: owa-mail-auth.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://owa-mail-auth.web.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 2037
cache-control: max-age=3600
content-encoding: gzip
content-type: text/javascript; charset=utf-8
etag: "e663877a9c6857199ea955c58365d3225a5c2ff30038f7e464464cba9117bf68"
last-modified: Thu, 14 May 2020 08:29:56 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 02 Jun 2023 00:57:46 GMT
x-served-by: cache-bma1635-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685667466.152874,VS0,VE286
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (17)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size