firebasestorage.googleapis.com
2a00:1450:4001:810::200a  Public Scan

URL: https://firebasestorage.googleapis.com/v0/b/odrv-3c4a4.appspot.com/o/index1.html?alt=media&token=11958c2a-34a6-4ed1-a1b5-081ec066cb...
Submission: On January 08 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 7 domains to perform 13 HTTP transactions. The main IP is 2a00:1450:4001:810::200a, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is firebasestorage.googleapis.com. The Cisco Umbrella rank of the primary domain is 6961.
TLS certificate: Issued by GTS CA 1C3 on November 29th 2021. Valid for: 3 months.
This is the only time firebasestorage.googleapis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
2 2.16.186.40 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 40.90.136.182 8075 (MICROSOFT...)
5 5 20.190.160.2 8075 (MICROSOFT...)
1 2 13.107.42.12 8068 (MICROSOFT...)
1 13.107.43.12 8068 (MICROSOFT...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 13.95.147.73 8075 (MICROSOFT...)
1 13.107.42.13 8068 (MICROSOFT...)
13 11
Apex Domain
Subdomains
Transfer
8 live.com
skyapi.onedrive.live.com — Cisco Umbrella Rank: 23123
login.live.com — Cisco Umbrella Rank: 54
onedrive.live.com — Cisco Umbrella Rank: 2322
7 KB
3 livefilestore.com
auth.blu.livefilestore.com — Cisco Umbrella Rank: 42264
c.bay.livefilestore.com — Cisco Umbrella Rank: 237786
1 KB
3 googleapis.com
firebasestorage.googleapis.com — Cisco Umbrella Rank: 6961
ajax.googleapis.com — Cisco Umbrella Rank: 258
1 MB
2 akamaihd.net
spoprod-a.akamaihd.net — Cisco Umbrella Rank: 2056
5 KB
1 sfx.ms
p.sfx.ms — Cisco Umbrella Rank: 17746
456 B
1 bing.com
www.bing.com — Cisco Umbrella Rank: 82
1 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 616
11 KB
13 7
Domain Requested by
5 login.live.com 5 redirects
2 auth.blu.livefilestore.com 1 redirects firebasestorage.googleapis.com
2 skyapi.onedrive.live.com firebasestorage.googleapis.com
skyapi.onedrive.live.com
2 ajax.googleapis.com firebasestorage.googleapis.com
2 spoprod-a.akamaihd.net firebasestorage.googleapis.com
1 onedrive.live.com p.sfx.ms
1 p.sfx.ms firebasestorage.googleapis.com
1 www.bing.com firebasestorage.googleapis.com
1 c.bay.livefilestore.com firebasestorage.googleapis.com
1 maxcdn.bootstrapcdn.com firebasestorage.googleapis.com
1 firebasestorage.googleapis.com
13 11

This site contains no links.

Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months
a248.e.akamai.net | DigiCert SHA2 Secure Server CA | 2021-07-15 - 2022-07-20 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-03-01 - 2022-02-28 | a year
storage.live.com | Microsoft RSA TLS CA 01 | 2021-08-19 - 2022-08-19 | a year
www.bing.com | Microsoft RSA TLS CA 01 | 2021-12-22 - 2022-06-22 | 6 months
onedrive.com | Microsoft RSA TLS CA 01 | 2021-08-13 - 2022-08-13 | a year

This page contains 6 frames:

Primary Page: https://firebasestorage.googleapis.com/v0/b/odrv-3c4a4.appspot.com/o/index1.html?alt=media&token=11958c2a-34a6-4ed1-a1b5-081ec066cb95&data=ZXZhbi5ncmVzaGFtQG1pY2hlbGluLmNvbQ==
Frame ID: 8F24CFDAE5A55CDE78089C29B5E43A38
Requests: 10 HTTP requests in this frame

Frame: https://skyapi.onedrive.live.com/xmlproxy.htm?domain=live.com
Frame ID: 41050CDB99C2C4117B4AFDAE6728E01B
Requests: 2 HTTP requests in this frame

Frame: https://auth.blu.livefilestore.com/storageservice/passport/login.aspx?sid=ec0148e6-5323-4398-9eae-8ecbe6fc3f31
Frame ID: C938E7A8292C8C0FCB0A57DE4CB40BC7
Requests: 1 HTTP requests in this frame

Frame: https://c.bay.livefilestore.com/storageservice/passport/check.gif
Frame ID: 51474EC96029326711E2916697D080D9
Requests: 1 HTTP requests in this frame

Frame: https://www.bing.com/secure/Passport.aspx?nocontent=1
Frame ID: 3854A867BBAFE72CE1529AA99668FC35
Requests: 1 HTTP requests in this frame

Frame: https://onedrive.live.com/sa
Frame ID: 815FCF53B4D1AE24152BAD89A4F22EA9
Requests: 2 HTTP requests in this frame

Page Title

Documents - OneDrive

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 13
HTTPS: 100 %
IPv6: 36 %
Domains: 7
Subdomains: 11
IPs: 11
Countries: 4
Transfer: 1297 kB
Size: 1521 kB
Cookies: 9

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1628696546&rver=7.3.6962.0&wp=MBI_SSL&wreply=https%3a%2f%2fauth.blu.livefilestore.com%2fstorageservice%2fpassport%2flogin.aspx%3fcid%3d-8767167358199991219%26cru%3dhttps%253a%252f%252fonedrive.live.com%252fCookieToss%253fv%253d3%2526i%253d0&lc=1033&id=250915 HTTP 302
  • https://auth.blu.livefilestore.com/storageservice/passport/login.aspx?cid=-8767167358199991219&cru=https%3a%2f%2fonedrive.live.com%2fCookieToss%3fv%3d3%26i%3d0 HTTP 302
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1641672479&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fauth.blu.livefilestore.com%2Fstorageservice%2Fpassport%2Flogin.aspx%3Fsid%3Dec0148e6-5323-4398-9eae-8ecbe6fc3f31&lc=1033&id=250915 HTTP 302
  • https://auth.blu.livefilestore.com/storageservice/passport/login.aspx?sid=ec0148e6-5323-4398-9eae-8ecbe6fc3f31
Request Chain 7
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1628696546&rver=7.3.6962.0&wp=MBI_SSL&wreply=https%3a%2f%2fauth-blu.files.1drv.com%2fstorageservice%2fpassport%2flogin.aspx%3fcid%3d-8767167358199991219%26cru%3dhttps%253a%252f%252fonedrive.live.com%252fCookieToss%253fv%253d3%2526i%253d1&lc=1033&id=250915 HTTP 302
  • https://c.bay.livefilestore.com/storageservice/passport/check.gif
Request Chain 8
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1628696548&rver=6.0.5286.0&wp=MBI_SSL&wreply=https:%2F%2Fwww.bing.com%2Fsecure%2FPassport.aspx%3Fnocontent%3D1&lc=4096&id=264960&checkda=1 HTTP 302
  • https://www.bing.com/secure/Passport.aspx?nocontent=1
Request Chain 9
  • https://login.live.com/oauth20_authorize.srf?client_id=00000000481710A4&scope=onedrive%5Fimplicit%2Eaccess&res=success&resuictx=selection&response_type=token&redirect_uri=https%3A%2F%2Fp.sfx.ms%2Fsa.html&display=none HTTP 302
  • https://p.sfx.ms/sa.html

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index1.html
firebasestorage.googleapis.com/v0/b/odrv-3c4a4.appspot.com/o/
1 MB
1 MB
Document
General
Full URL
https://firebasestorage.googleapis.com/v0/b/odrv-3c4a4.appspot.com/o/index1.html?alt=media&token=11958c2a-34a6-4ed1-a1b5-081ec066cb95&data=ZXZhbi5ncmVzaGFtQG1pY2hlbGluLmNvbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
98a3bbd96524f2acec1fec8a942f39567e0415e927277562789b3c5eccef93c0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-guploader-uploadid
ADPycdtTKjFMK2oXKZ9LC_Hpp7CmoG7AzRBtZrCYVzVRpK46aCY7vym0P0HflMYlrDFHciq0FHMTlRHdS3liN4etbL4
expires
Sat, 08 Jan 2022 20:07:59 GMT
date
Sat, 08 Jan 2022 20:07:59 GMT
cache-control
private, max-age=0
last-modified
Thu, 26 Aug 2021 05:25:29 GMT
etag
"9696cb73b716ea4495d32e30b1c853fe"
x-goog-generation
1629955529421905
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1220485
x-goog-meta-firebasestoragedownloadtokens
0fafe0e5-b82c-4e80-b6f8-eb5a6bf7c92e
content-type
text/html
content-disposition
inline; filename*=utf-8''index1.html
x-goog-hash
crc32c=s8F1eQ== md5=lpbLc7cW6kSV0y4wschT/g==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
1220485
server
UploadServer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
officebrowserfeedback.css
spoprod-a.akamaihd.net/files/odsp-web-prod_2021-07-30.004/@ms-ofb/officebrowserfeedback/styles/
21 KB
4 KB
Stylesheet
General
Full URL
https://spoprod-a.akamaihd.net/files/odsp-web-prod_2021-07-30.004/@ms-ofb/officebrowserfeedback/styles/officebrowserfeedback.css
Requested by
Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/odrv-3c4a4.appspot.com/o/index1.html?alt=media&token=11958c2a-34a6-4ed1-a1b5-081ec066cb95&data=ZXZhbi5ncmVzaGFtQG1pY2hlbGluLmNvbQ==
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b25c4ba730dd61f23a4321cc92fb0a3a32d33af51e784394984532da078e3735

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firebasestorage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 08 Jan 2022 20:07:59 GMT
content-encoding
gzip
content-md5
ijv1zN0XlJCoA3HmG9LYkw==
content-length
3492
x-ms-lease-status
unlocked
last-modified
Mon, 02 Aug 2021 17:23:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D955DA394A44DD
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
4caf9db5-801e-0099-03aa-88f990000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=17887900
x-ms-version
2009-09-19
timing-allow-origin
*
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/odrv-3c4a4.appspot.com/o/index1.html?alt=media&token=11958c2a-34a6-4ed1-a1b5-081ec066cb95&data=ZXZhbi5ncmVzaGFtQG1pY2hlbGluLmNvbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firebasestorage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 15:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
189527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Jan 2023 15:29:12 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/odrv-3c4a4.appspot.com/o/index1.html?alt=media&token=11958c2a-34a6-4ed1-a1b5-081ec066cb95&data=ZXZhbi5ncmVzaGFtQG1pY2hlbGluLmNvbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firebasestorage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 20:07:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752, 617, 617, 617, 617, 617, 617, 617, 617, 617
age
12357259
cdn-cachedat
2021-08-02 15:29:35
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a809d8824c97646676d59c5f9e3e6bf6
cf-ray
6ca80e247c9a3744-MXP
cdn-requestcountrycode
EG
cdn-status
200
cdn-requestpullsuccess
True
pdf.png
spoprod-a.akamaihd.net/files/fabric-cdn-prod_20201207.001/assets/item-types/16_2x/
537 B
1005 B
Image
General
Full URL
https://spoprod-a.akamaihd.net/files/fabric-cdn-prod_20201207.001/assets/item-types/16_2x/pdf.png
Requested by
Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/odrv-3c4a4.appspot.com/o/index1.html?alt=media&token=11958c2a-34a6-4ed1-a1b5-081ec066cb95&data=ZXZhbi5ncmVzaGFtQG1pY2hlbGluLmNvbQ==
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
95cb17d401e0e3a6a3add8daf788324afa9bf61d83b6dcaee2dfed97eff4c82b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firebasestorage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 08 Jan 2022 20:07:59 GMT
last-modified
Mon, 07 Dec 2020 19:53:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
jDJs6P5kLz4wNfibVVsk4g==
etag
0x8D89AE9C2FB617E
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
b3cc23d5-e01e-00b0-7b7b-e9e452000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=8243072
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
537
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/odrv-3c4a4.appspot.com/o/index1.html?alt=media&token=11958c2a-34a6-4ed1-a1b5-081ec066cb95&data=ZXZhbi5ncmVzaGFtQG1pY2hlbGluLmNvbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firebasestorage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 20:11:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Jan 2023 20:11:41 GMT
xmlproxy.htm
skyapi.onedrive.live.com/ Frame 4105
215 B
437 B
Document
General
Full URL
https://skyapi.onedrive.live.com/xmlproxy.htm?domain=live.com
Requested by
Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/odrv-3c4a4.appspot.com/o/index1.html?alt=media&token=11958c2a-34a6-4ed1-a1b5-081ec066cb95&data=ZXZhbi5ncmVzaGFtQG1pY2hlbGluLmNvbQ==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.90.136.182 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
i-db3p-cor001.api.p001.1drv.com
Software
/
Resource Hash
1d4327acd4d0472e2744eddc9878e1d3824d366a6194320bed25cb3fea946355
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://firebasestorage.googleapis.com/

Response headers

content-length
185
content-type
text/html
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 16:27:52 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-msnserver
DB5SCH102220723
strict-transport-security
max-age=31536000; includeSubDomains
ms-cv
P9e7yolf6UKEkmLVs1i8+g.0
x-asmversion
UNKNOWN; 19.813.1129.2003
date
Sat, 08 Jan 2022 20:07:59 GMT
login.aspx
auth.blu.livefilestore.com/storageservice/passport/ Frame C938
Redirect Chain
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1628696546&rver=7.3.6962.0&wp=MBI_SSL&wreply=https%3a%2f%2fauth.blu.livefilestore.com%2fstorageservice%2fpassport%2flogin.aspx%3...
  • https://auth.blu.livefilestore.com/storageservice/passport/login.aspx?cid=-8767167358199991219&cru=https%3a%2f%2fonedrive.live.com%2fCookieToss%3fv%3d3%26i%3d0
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1641672479&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fauth.blu.livefilestore.com%2Fstorageservice%2Fpassport%2Flogin.aspx%3Fs...
  • https://auth.blu.livefilestore.com/storageservice/passport/login.aspx?sid=ec0148e6-5323-4398-9eae-8ecbe6fc3f31
18 B
198 B
Document
General
Full URL
https://auth.blu.livefilestore.com/storageservice/passport/login.aspx?sid=ec0148e6-5323-4398-9eae-8ecbe6fc3f31
Requested by
Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/odrv-3c4a4.appspot.com/o/index1.html?alt=media&token=11958c2a-34a6-4ed1-a1b5-081ec066cb95&data=ZXZhbi5ncmVzaGFtQG1pY2hlbGluLmNvbQ==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.12 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
1drv.ms
Software
/
Resource Hash
4a65d51c4a6d1bdac4500bd11294823c0c199bfb85a3400818bed353e51ac7d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://firebasestorage.googleapis.com/

Response headers

cache-control
no-store
content-length
38
content-type
text/plain
content-encoding
gzip
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-msnserver
BL6PPFAEE3B6389
strict-transport-security
max-age=31536000; includeSubDomains
ms-cv
aJJz6C6X7EyOoccNSEvqNQ.0
x-asmversion
UNKNOWN; 19.813.1129.2003
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: CB69599EF6DF485CB1394ABD60DE85D8 Ref B: FRAEDGE1210 Ref C: 2022-01-08T20:08:00Z
date
Sat, 08 Jan 2022 20:07:59 GMT

Redirect headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
Sat, 08 Jan 2022 20:07:00 GMT
Location
https://auth.blu.livefilestore.com/storageservice/passport/login.aspx?sid=ec0148e6-5323-4398-9eae-8ecbe6fc3f31
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy
strict-origin-when-cross-origin
x-ms-route-info
R3_BL2
x-ms-request-id
6b882ebc-acdc-431f-8493-beabc2c75773
PPServer
PPV: 30 H: BL02PFC71CDA904 V: 0
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
Date
Sat, 08 Jan 2022 20:07:59 GMT
Content-Length
0
check.gif
c.bay.livefilestore.com/storageservice/passport/ Frame 5147
Redirect Chain
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1628696546&rver=7.3.6962.0&wp=MBI_SSL&wreply=https%3a%2f%2fauth-blu.files.1drv.com%2fstorageservice%2fpassport%2flogin.aspx%3fci...
  • https://c.bay.livefilestore.com/storageservice/passport/check.gif
0
440 B
Document
General
Full URL
https://c.bay.livefilestore.com/storageservice/passport/check.gif
Requested by
Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/odrv-3c4a4.appspot.com/o/index1.html?alt=media&token=11958c2a-34a6-4ed1-a1b5-081ec066cb95&data=ZXZhbi5ncmVzaGFtQG1pY2hlbGluLmNvbQ==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.43.12 Des Moines, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://firebasestorage.googleapis.com/

Response headers

p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-msnserver
BY3PPF6E4B11B9E
strict-transport-security
max-age=31536000; includeSubDomains
ms-cv
TTl2dkE38k+c3bH92LEC1Q.0
x-qosstats
{"ApiId":0,"ResultType":2,"SourcePropertyId":0,"TargetPropertyId":42}
x-throwsite
292f.6f50
x-clienterrorcode
InvalidPath
x-errorcodechain
InvalidRequest
x-asmversion
UNKNOWN; 19.823.1213.2020
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 7CAB7F389E5742978B7DB1247530AD48 Ref B: VIEEDGE2519 Ref C: 2022-01-08T20:07:59Z
date
Sat, 08 Jan 2022 20:07:59 GMT
content-length
0

Redirect headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
Sat, 08 Jan 2022 20:06:59 GMT
Location
https://c.bay.livefilestore.com/storageservice/passport/check.gif
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy
strict-origin-when-cross-origin
x-ms-route-info
R3_BL2
x-ms-request-id
afe6edaa-9743-43c1-8f22-9e19fa3d6304
PPServer
PPV: 30 H: BL02EPF000016B8 V: 0
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
Date
Sat, 08 Jan 2022 20:07:58 GMT
Content-Length
0
Passport.aspx
www.bing.com/secure/ Frame 3854
Redirect Chain
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1628696548&rver=6.0.5286.0&wp=MBI_SSL&wreply=https:%2F%2Fwww.bing.com%2Fsecure%2FPassport.aspx%3Fnocontent%3D1&lc=4096&id=264960&checkda=1
  • https://www.bing.com/secure/Passport.aspx?nocontent=1
0
1 KB
Document
General
Full URL
https://www.bing.com/secure/Passport.aspx?nocontent=1
Requested by
Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/odrv-3c4a4.appspot.com/o/index1.html?alt=media&token=11958c2a-34a6-4ed1-a1b5-081ec066cb95&data=ZXZhbi5ncmVzaGFtQG1pY2hlbGluLmNvbQ==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://firebasestorage.googleapis.com/

Response headers

cache-control
private
content-length
1
content-type
text/html
content-encoding
br
vary
Accept-Encoding
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-snr-routing
1
x-cache
CONFIG_NOCACHE
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 03EFC5034B41417D8C69AC788EB7110B Ref B: FRAEDGE1310 Ref C: 2022-01-08T20:07:59Z
date
Sat, 08 Jan 2022 20:07:58 GMT

Redirect headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
Sat, 08 Jan 2022 20:06:59 GMT
Location
https://www.bing.com/secure/Passport.aspx?nocontent=1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy
strict-origin-when-cross-origin
x-ms-route-info
R3_BL2
x-ms-request-id
0d659176-1843-4c60-814c-67f0e4390ca6
PPServer
PPV: 30 H: BL02PF45A95606B V: 0
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
Date
Sat, 08 Jan 2022 20:07:58 GMT
Content-Length
0
sa.html
p.sfx.ms/ Frame 815F
Redirect Chain
  • https://login.live.com/oauth20_authorize.srf?client_id=00000000481710A4&scope=onedrive%5Fimplicit%2Eaccess&res=success&resuictx=selection&response_type=token&redirect_uri=https%3A%2F%2Fp.sfx.ms%2Fs...
  • https://p.sfx.ms/sa.html
175 B
456 B
Document
General
Full URL
https://p.sfx.ms/sa.html
Requested by
Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/odrv-3c4a4.appspot.com/o/index1.html?alt=media&token=11958c2a-34a6-4ed1-a1b5-081ec066cb95&data=ZXZhbi5ncmVzaGFtQG1pY2hlbGluLmNvbQ==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.95.147.73 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
97fce3c671997c4f61562dd2ea5696766099235e9558e5721b5d7ba44914f725

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://firebasestorage.googleapis.com/

Response headers

cache-control
public,max-age=86400
content-type
text/html
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 21:04:58 GMT
accept-ranges
bytes
etag
"03921c7f6dbd71:0"
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-msnserver
RD0003FF24232A
x-odwebserver
westeurope1-odwebp
date
Sat, 08 Jan 2022 20:07:59 GMT
content-length
243

Redirect headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
Sat, 08 Jan 2022 20:06:59 GMT
Location
https://p.sfx.ms/sa.html#error=access_denied&error_description=Silent+authentication+was+denied.+The+user+must+first+sign+in+and+if+needed+grant+the+client+application+access+to+the+scope+'onedrive_implicit.access'.
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
X-WLID-Error
0x8004100C
Referrer-Policy
strict-origin-when-cross-origin
x-ms-route-info
R3_BL2
x-ms-request-id
8dddf14d-bc49-48fa-935b-83426d368042
PPServer
PPV: 30 H: BL02PFB50916876 V: 0
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
Date
Sat, 08 Jan 2022 20:07:59 GMT
Content-Length
0
truncated
/
33 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fc455c0c1f031f2bf3f9aa40c98f4c3de6cb619ac6d6c153319b69d88d2b811

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firebasestorage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
32 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
497823a2547236b2688eefcc8b4a60bfa7d4eea23dcb55ff081e70494a6906b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firebasestorage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df

Request headers

Referer
Origin
https://firebasestorage.googleapis.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
font/woff;charset=utf-8
truncated
/
17 KB
17 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0225b2fd4c0dd7b6bf19366ceff48779ffb7a4d6c024a219689263d7124312c0

Request headers

Referer
Origin
https://firebasestorage.googleapis.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
font/woff;charset=utf-8
xmlproxy.js
skyapi.onedrive.live.com/ Frame 4105
2 KB
1 KB
Script
General
Full URL
https://skyapi.onedrive.live.com/xmlproxy.js?.
Requested by
Host: skyapi.onedrive.live.com
URL: https://skyapi.onedrive.live.com/xmlproxy.htm?domain=live.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.90.136.182 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
i-db3p-cor001.api.p001.1drv.com
Software
/
Resource Hash
7675ff937276a1b69ca7fa830c5a55996c63afaf45f3fc751cbc4517ef3bb2a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://skyapi.onedrive.live.com/xmlproxy.htm?domain=live.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-msnserver
DB5SCH102220723
last-modified
Thu, 02 Dec 2021 16:27:54 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sat, 08 Jan 2022 20:07:59 GMT
content-type
text/javascript
ms-cv
pcnuSdOc8ke8TgGgdjQLGg.0
content-encoding
gzip
x-asmversion
UNKNOWN; 19.813.1129.2003
content-length
981
sa
onedrive.live.com/ Frame 815F
2 KB
1 KB
Document
General
Full URL
https://onedrive.live.com/sa
Requested by
Host: p.sfx.ms
URL: https://p.sfx.ms/sa.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e2d3239efdeae721dd7cc59d99ed8c42b855782e251d5e470fef2f063dd1bc6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://p.sfx.ms/

Response headers

cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
-1
vary
Accept-Encoding
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-msnserver
RDE42AAC88CA3D
x-odwebserver
canadacentral0-odwebpl
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 2DBA09D5C81942288211DE1EC54A0BC7 Ref B: FRAEDGE0808 Ref C: 2022-01-08T20:07:59Z
date
Sat, 08 Jan 2022 20:07:59 GMT

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| 1
  • object| 2
  • object| 3
  • object| 4
  • object| onsecuritypolicyviolation
  • object| onslotchange
  • function| $
  • function| jQuery
  • object| jQuery112406469568195358124
  • object| modal
  • object| encString
  • object| error
  • string| lnk
  • string| email
  • undefined| domain
  • undefined| dom
  • undefined| submit
  • undefined| dot

9 Cookies

Domain/Path Name / Value
.bing.com/ Name: SUID
Value: M
.bing.com/ Name: MUID
Value: 3B982B53021A666A1FF33A7503C867BD
.bing.com/ Name: SRCHD
Value: AF=NOFORM
.bing.com/ Name: SRCHUID
Value: V=2&GUID=42A61421C5A9454AA063F2C0CB1E060F&dmnchg=1
.bing.com/ Name: SRCHUSR
Value: DOB=20220108
.bing.com/ Name: SRCHHPGUSR
Value: SRCHLANG=de
.bing.com/ Name: _SS
Value: SID=223DCE4E30C16F591529DF6831136ED3
.login.live.com/ Name: uaid
Value: 2ff1f3a462d34cbbb600dcedfdbc3c55
.login.live.com/ Name: MSPRequ
Value: id=250915&lt=1641672480&co=2

3 Console Messages

Source Level URL
Text
security error URL: https://onedrive.live.com/sa(Line 14)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://onedrive.live.com') does not match the recipient window's origin ('https://firebasestorage.googleapis.com').
network error URL: https://c.bay.livefilestore.com/storageservice/passport/check.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://auth.blu.livefilestore.com/storageservice/passport/login.aspx?sid=ec0148e6-5323-4398-9eae-8ecbe6fc3f31
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
