Report - outlookonline-b2920.firebaseapp.com/

Report Overview

URL

outlookonline-b2920.firebaseapp.com/
IP

199.36.158.100

ASN

#54113 FASTLY
Submitted

2023-06-10T12:09:04Z

Access

public
Tags

phishing
urlquery detections

Phishing - Generic phishing

Detections

urlquery

3
Network Intrusion Detection

0
Threat Detection Systems

1

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
aadcdn.msftauth.net (3)	1455	2018-11-19 11:50:32	2023-06-10 06:19:04	1541	21251	152.199.23.37
maxcdn.bootstrapcdn.com (1)	724	2014-06-18 02:37:31	2023-06-10 05:13:44	507	49869	104.18.11.207
stackpath.bootstrapcdn.com (1)	2467	2018-06-15 22:36:43	2023-06-10 05:18:06	460	51934	104.18.11.207
outlookonline-b2920.firebaseapp.com (1)	unknown	2022-11-21 20:03:45	2023-04-19 11:48:19	492	20892	199.36.158.100
cdnjs.cloudflare.com (1)	235	2015-04-17 22:46:33	2023-06-10 05:11:57	511	7178	104.17.25.14
code.jquery.com (2)	634	2012-05-21 19:28:02	2023-06-10 05:11:11	986	48628	69.16.175.10
cdn.jsdelivr.net (1)	439	2012-09-30 02:15:09	2023-06-10 08:35:34	459	1766	151.101.65.229
ocsp.pki.goog (3)	175	2018-07-01 08:43:07	2023-06-10 05:09:51	1016	2110	142.250.74.3
ocsp.globalsign.com (1)	2075	2012-07-20 19:46:16	2023-06-10 05:09:17	358	1920	104.18.20.226
ajax.googleapis.com (1)	12905	2013-08-16 11:51:31	2023-06-10 11:47:03	452	31012	142.250.74.42
login.live.com (1)	79	2012-05-21 09:00:20	2023-06-10 10:16:37	437	1907	40.126.32.75

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-06-09	medium	outlookonline-b2920.firebaseapp.com/

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

HTTP Transactions (16)

URL IP Response Size

outlookonline-b2920.firebaseapp.com/

199.36.158.100

200 OK

20268

URL User Request GET HTTP/2

outlookonline-b2920.firebaseapp.com/
IP

199.36.158.100:443
ASN

#54113 FASTLY

Certificate

IssuerGoogle Trust Services LLC

Subjectfirebaseapp.com

FingerprintB0:E0:C7:02:C8:03:C6:35:EB:2E:6C:0D:88:2A:18:D3:8F:1A:5E:AB

ValidityWed, 10 May 2023 15:01:49 GMT - Tue, 08 Aug 2023 15:01:48 GMT

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (59764), with CRLF line terminators

Size

20268
Hash

680cf77ea7cc75e90ebc69346a9a1cc6

8dc46e00cea4fff179aed93ba28a181a5f2790ec

6a24a84e5d828974605dc5f83289dae3d3258dfca87ef78866480d9a67b4266a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic phishing
openphish	Outlook

HTTP Headers

                                        GET / HTTP/1.1
Host: outlookonline-b2920.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "646a3a0d5eca9bcbfd9f54d1343fbcbdbef23ac1bdb21b0d587d8d0bf70fe3c6-br"
last-modified: Mon, 21 Nov 2022 17:31:33 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Sat, 10 Jun 2023 12:08:46 GMT
x-served-by: cache-bma1675-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686398926.000811,VS0,VE216
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20268
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4int/js5AeODGNU4

142.250.74.3

472

URL

ocsp.pki.goog/s/gts1d4int/js5AeODGNU4
IP

142.250.74.3:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

c4253d21c3e6052eb3ffa07bbe4ca8c6

c9a620eb644d44fcb876ed554f9c499f82db25f4

52af867164d09969d8701d233a4219745125f8bf3eb8fa17f2f784bcb5e2a9d7

HTTP Headers

                                        POST /s/gts1d4int/js5AeODGNU4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 12:08:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.25.14

200 OK

6157

URL GET HTTP/2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP

104.17.25.14:443
ASN

#13335 CLOUDFLARENET

Requested by

https://outlookonline-b2920.firebaseapp.com/
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F

ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (19015)

Size

6157
Hash

70d3fda195602fe8b75e0097eed74dde

c3b977aa4b8dfb69d651e07015031d385ded964b

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

HTTP Headers

                                        GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://outlookonline-b2920.firebaseapp.com
DNT: 1
Connection: keep-alive
Referer: https://outlookonline-b2920.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
date: Sat, 10 Jun 2023 12:08:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3778822
expires: Thu, 30 May 2024 12:08:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLrW%2FBNqUsE3qPvnxyQxoQA9zF1eqYF7K48aG6TboTh0FIqitU%2BY%2BJt4ZMLrBChQXy1D440kiKPdOFE0F2PmiW1%2BgjNwSFvDFxPMD7wJAeyQfWsSSt0nDIk%2FFQC56%2Brqn6iBdrGK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d51806a6f8ab524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.2.1.slim.min.js

69.16.175.10

200 OK

23856

URL GET HTTP/2

code.jquery.com/jquery-3.2.1.slim.min.js
IP

69.16.175.10:443
ASN

#20446 STACKPATH-CDN

Requested by

https://outlookonline-b2920.firebaseapp.com/
Certificate

IssuerSectigo Limited

Subject*.jquery.com

Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83

ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (32012)

Size

23856
Hash

5f48fc77cac90c4778fa24ec9c57f37d

9e89d1515bc4c371b86f4cb1002fd8e377c1829f

9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

HTTP Headers

                                        GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://outlookonline-b2920.firebaseapp.com
DNT: 1
Connection: keep-alive
Referer: https://outlookonline-b2920.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
date: Sat, 10 Jun 2023 12:08:46 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1686398926.dop222.sk1.t,1686398926.cds209.sk1.hn,1686398926.cds235.sk1.c
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js

151.101.65.229

200 OK

983

URL GET HTTP/2

cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js
IP

151.101.65.229:443
ASN

#54113 FASTLY

Requested by

https://outlookonline-b2920.firebaseapp.com/
Certificate

IssuerGlobalSign nv-sa

Subjectjsdelivr.net

Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F

ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

Magic

ASCII text, with very long lines (1993)

Size

983
Hash

c0ac9c9487d60de96dc68dbb25bd8dd6

99419b0be4b85422ff84870e54dbd8a52dc6dab1

76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c

HTTP Headers

                                        GET /npm/jquery.session@1.0.0/jquery.session.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://outlookonline-b2920.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.0.0
x-jsd-version-type: version
etag: W/"91d-mUGbC+S4VCL/hIcOVNvYpS3G2rE"
content-encoding: br
accept-ranges: bytes
date: Sat, 10 Jun 2023 12:08:46 GMT
age: 2800976
x-served-by: cache-fra-eddf8230025-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 983
X-Firefox-Spdy: h2

aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg

152.199.23.37

200 OK

1435

URL GET HTTP/2

aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
IP

152.199.23.37:443
ASN

#15133 EDGECAST

Requested by

https://outlookonline-b2920.firebaseapp.com/
Certificate

IssuerDigiCert Inc

Subjectaadcdn.msftauth.net

Fingerprint99:06:D8:1E:EC:BF:DB:78:DF:F4:89:A3:ED:23:07:3D:79:F1:16:D6

ValidityTue, 31 Jan 2023 00:00:00 GMT - Wed, 31 Jan 2024 23:59:59 GMT

Magic

SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators

Size

1435
Hash

ee5c8d9fb6248c938fd0dc19370e90bd

d01a22720918b781338b5bbf9202b241a5f99ee4

04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

HTTP Headers

                                        GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://outlookonline-b2920.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 12671064
cache-control: public, max-age=31536000
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
content-type: image/svg+xml
date: Sat, 10 Jun 2023 12:08:46 GMT
etag: 0x8D79A1B9F5E121A
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: ECAcc (ska/F7B5)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: fc3f3f64-801e-006c-6456-2890f5000000
x-ms-version: 2009-09-19
content-length: 1435
X-Firefox-Spdy: h2

aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg

152.199.23.37

200 OK

673

URL GET HTTP/2

aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
IP

152.199.23.37:443
ASN

#15133 EDGECAST

Requested by

https://outlookonline-b2920.firebaseapp.com/
Certificate

IssuerDigiCert Inc

Subjectaadcdn.msftauth.net

Fingerprint99:06:D8:1E:EC:BF:DB:78:DF:F4:89:A3:ED:23:07:3D:79:F1:16:D6

ValidityTue, 31 Jan 2023 00:00:00 GMT - Wed, 31 Jan 2024 23:59:59 GMT

Magic

SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1864), with no line terminators

Size

673
Hash

bc3d32a696895f78c19df6c717586a5d

9191cb156a30a3ed79c44c0a16c95159e8ff689d

0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

HTTP Headers

                                        GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://outlookonline-b2920.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 25700370
cache-control: public, max-age=31536000
content-md5: DhdidjYrlCeaRJJRG/y9mA==
content-type: image/svg+xml
date: Sat, 10 Jun 2023 12:08:46 GMT
etag: 0x8D7B007297AE131
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: ECAcc (ska/F795)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 82e0eb20-701e-0011-72d5-b19fa0000000
x-ms-version: 2009-09-19
content-length: 673
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.3:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

039bd5f5536d1b489d46e52d9cd5a21e

88770d7c23bb9aefa7d8fad6262332c0a682a0d3

6195b2c8747988942a35a477b811d323d137e697b23c6670d093a1b10c4879c9

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 12:08:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

1462

URL

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP

104.18.20.226:0
ASN

#13335 CLOUDFLARENET

Magic

data

Size

1462
Hash

36454a386442b4863bdd73d380c8ed3b

8116a455291b49e701854f67eecfc1293aaf71ff

4cdf4426907187a22f0182300e95d51acd6dcf9872b92d487786b07313a13c0e

HTTP Headers

                                        POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 12:08:46 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "CCCDACF43ED7861C270D538FF956023C053C129F"
Expires: Sat, 10 Jun 2023 23:00:00 GMT
Last-Modified: Sat, 10 Jun 2023 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2784
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d51806bde021bfa-OSL

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.74.42

200 OK

30028

URL GET HTTP/2

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP

142.250.74.42:443
ASN

#15169 GOOGLE

Requested by

https://outlookonline-b2920.firebaseapp.com/
Certificate

IssuerGoogle Trust Services LLC

Subjectupload.video.google.com

Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0

ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

Magic

ASCII text, with very long lines (32065)

Size

30028
Hash

2f6b11a7e914718e0290410e85366fe9

69bb69e25ca7d5ef0935317584e6153f3fd9a88c

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

                                        GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://outlookonline-b2920.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Jun 2023 23:50:16 GMT
expires: Tue, 04 Jun 2024 23:50:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 389910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.2.1.slim.min.js

69.16.175.10

200 OK

23856

URL GET HTTP/2

code.jquery.com/jquery-3.2.1.slim.min.js
IP

69.16.175.10:443
ASN

#20446 STACKPATH-CDN

Requested by

https://outlookonline-b2920.firebaseapp.com/
Certificate

IssuerSectigo Limited

Subject*.jquery.com

Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83

ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (32012)

Size

23856
Hash

5f48fc77cac90c4778fa24ec9c57f37d

9e89d1515bc4c371b86f4cb1002fd8e377c1829f

9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

HTTP Headers

                                        GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://outlookonline-b2920.firebaseapp.com
DNT: 1
Connection: keep-alive
Referer: https://outlookonline-b2920.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
date: Sat, 10 Jun 2023 12:08:46 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1686398926.dop222.sk1.t,1686398926.cds209.sk1.hn,1686398926.cds235.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.3:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

039bd5f5536d1b489d46e52d9cd5a21e

88770d7c23bb9aefa7d8fad6262332c0a682a0d3

6195b2c8747988942a35a477b811d323d137e697b23c6670d093a1b10c4879c9

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 12:08:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico

152.199.23.37

200 OK

17174

URL GET HTTP/2

aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP

152.199.23.37:443
ASN

#15133 EDGECAST

Requested by

https://outlookonline-b2920.firebaseapp.com/
Certificate

IssuerDigiCert Inc

Subjectaadcdn.msftauth.net

Fingerprint99:06:D8:1E:EC:BF:DB:78:DF:F4:89:A3:ED:23:07:3D:79:F1:16:D6

ValidityTue, 31 Jan 2023 00:00:00 GMT - Wed, 31 Jan 2024 23:59:59 GMT

Magic

MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data

Size

17174
Hash

12e3dac858061d088023b2bd48e2fa96

e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5

90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

HTTP Headers

                                        GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://outlookonline-b2920.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 898418
cache-control: public, max-age=31536000
content-md5: EuPayFgGHQiAI7K9SOL6lg==
content-type: image/x-icon
date: Sat, 10 Jun 2023 12:08:46 GMT
etag: 0x8D8731240E548EB
last-modified: Sun, 18 Oct 2020 03:02:30 GMT
server: ECAcc (ska/F738)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 003b7cc6-501e-0067-4768-9344ba000000
x-ms-version: 2009-09-19
content-length: 17174
X-Firefox-Spdy: h2

40.126.32.75

200 OK

1132

URL GET HTTP/1.1

login.live.com/Me.htm?v=3
IP

40.126.32.75:443
ASN

#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by

https://outlookonline-b2920.firebaseapp.com/
Certificate

IssuerDigiCert Inc

Subjectlogin.live.com

FingerprintAC:32:CF:1B:3D:B4:E1:1D:74:B7:6E:1E:74:B6:48:F3:5E:1B:90:C9

ValiditySun, 02 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT

Magic

HTML document, ASCII text, with very long lines (2345), with CRLF line terminators

Size

1132
Hash

e86ef8b6111e5fb1d1665bcdc90888c9

994bf7651cb967cd9053056af2d69acb74db7f29

3410242720de50b090d07a23aee2dad879b31d36f2615732962ec4cfa8a9d458

HTTP Headers

                                        GET /Me.htm?v=3 HTTP/1.1
Host: login.live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://outlookonline-b2920.firebaseapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Cache-Control: max-age=315360000
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Tue, 07 Jun 2033 12:08:46 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: C107_BL2
x-ms-request-id: 7ce78166-f808-480c-809e-01b3decfaa60
PPServer: PPV: 30 H: BL02EPF00006701 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=b2022d2e5e4d466388889e57ada68d9d; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPRequ=id=N&lt=1686398926&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Sat, 10 Jun 2023 12:08:46 GMT
Content-Length: 1132

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.11.207

200 OK

48944

URL GET HTTP/2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP

104.18.11.207:443
ASN

#13335 CLOUDFLARENET

Requested by

https://outlookonline-b2920.firebaseapp.com/
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A

ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (48664)

Size

48944
Hash

14d449eb8876fa55e1ef3c2cc52b0c17

a9545831803b1359cfeed47e3b4d6bae68e40e99

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

HTTP Headers

                                        GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://outlookonline-b2920.firebaseapp.com
DNT: 1
Connection: keep-alive
Referer: https://outlookonline-b2920.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
date: Sat, 10 Jun 2023 12:08:46 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/25/2022 23:23:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: c5b8c62989fa3083e66bcb40bd2db0b8
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d51806a6889fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.11.207

200 OK

51039

URL GET HTTP/2

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP

104.18.11.207:443
ASN

#13335 CLOUDFLARENET

Requested by

https://outlookonline-b2920.firebaseapp.com/
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A

ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (50758)

Size

51039
Hash

67176c242e1bdc20603c878dee836df3

27a71b00383d61ef3c489326b3564d698fc1227c

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

HTTP Headers

                                        GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://outlookonline-b2920.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
date: Sat, 10 Jun 2023 12:08:46 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 29442774
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d51806a7bb2b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

#1 JS:Script (size: 35)

#2 JS:Script (size: 69597)

#3 JS:Script (size: 19188)

#4 JS:Script (size: 51039)

#5 JS:Script (size: 48944)

#6 JS:Script (size: 85578)

#7 JS:Script (size: 2333)

#8 JS:Script (size: 3480)

#9 JS:Script (size: 140)

HTTP Transactions (16)

URL User Request GET HTTP/2

IP

ASN

Certificate

Magic

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

Magic

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

Magic

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

Magic

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

Magic

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN