onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onedrive.live.com/?authkey=%21AIimYHAmx_1D3Vw&cid=ED6655F71DE2D15B&id=ED6655F71DE2D15B%21105&parId=root&o=OneUp
Submission: On October 15 via api (October 15th 2020, 1:35:12 am UTC) from US

Summary HTTP 94 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 12 domains to perform 94 HTTP transactions. The main IP is 13.107.42.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com.
TLS certificate: Issued by Microsoft IT TLS CA 2 on June 25th 2019. Valid for: 2 years.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	104.109.90.22 104.109.90.22	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
56	2.16.186.40 2.16.186.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	13.104.158.180 13.104.158.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	52.114.158.50 52.114.158.50	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28e::38f3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
7	2a02:26f0:6c0... 2a02:26f0:6c00:292::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	40.77.226.250 40.77.226.250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.241.138.222 34.241.138.222	16509 (AMAZON-02) (AMAZON-02)
2 2	216.58.206.6 216.58.206.6	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1 1	13.105.74.49 13.105.74.49	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	40.90.23.206 40.90.23.206	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
94	14

1 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.109.90.22 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-90-22.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2.16.186.40 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-40.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.104.158.180 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

skyapi.onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.114.158.50 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28e::38f3 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

shellprod.msocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

az725175.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:6c00:292::4b36 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

shell.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

web.vortex.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c1.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.138.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-138-222.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.6 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.105.74.49 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

storage.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.90.23.206 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	akamaihd.net spoprod-a.akamaihd.net	2 MB
15	microsoft.com 1 redirects browser.pipe.aria.microsoft.com web.vortex.data.microsoft.com c1.microsoft.com	6 KB
8	live.com 1 redirects onedrive.live.com skyapi.onedrive.live.com storage.live.com login.live.com	77 KB
7	office.net shell.cdn.office.net	159 KB
5	sharepointonline.com static2.sharepointonline.com	127 KB
2	doubleclick.net 2 redirects ad.doubleclick.net	1 KB
1	google.de adservice.google.de	172 B
1	google.com 1 redirects adservice.google.com	253 B
1	demdex.net dpm.demdex.net	2 KB
1	bing.com 1 redirects c.bing.com	433 B
1	msecnd.net az725175.vo.msecnd.net	18 KB
1	msocdn.com shellprod.msocdn.com	34 KB
94	12

	Domain	Requested by
56	spoprod-a.akamaihd.net	onedrive.live.com spoprod-a.akamaihd.net
12	browser.pipe.aria.microsoft.com	spoprod-a.akamaihd.net shell.cdn.office.net
7	shell.cdn.office.net	shellprod.msocdn.com
5	skyapi.onedrive.live.com	spoprod-a.akamaihd.net skyapi.onedrive.live.com
5	static2.sharepointonline.com	onedrive.live.com static2.sharepointonline.com
2	ad.doubleclick.net	2 redirects
2	c1.microsoft.com	1 redirects
1	login.live.com
1	storage.live.com	1 redirects
1	adservice.google.de
1	adservice.google.com	1 redirects
1	dpm.demdex.net	az725175.vo.msecnd.net
1	c.bing.com	1 redirects
1	web.vortex.data.microsoft.com	az725175.vo.msecnd.net
1	az725175.vo.msecnd.net	onedrive.live.com
1	shellprod.msocdn.com	onedrive.live.com
1	onedrive.live.com
94	17

This site contains links to these domains. Also see Links.

Domain
login.live.com
g.live.com

Subject Issuer	Validity	Valid
onedrive.com Microsoft IT TLS CA 2	`2019-06-25` - `2021-06-25`	2 years	crt.sh
*.sharepointonline.com Microsoft RSA TLS CA 02	`2020-09-08` - `2021-09-08`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
storage.live.com Microsoft IT TLS CA 1	`2020-07-13` - `2022-07-13`	2 years	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2020-09-14` - `2021-09-09`	a year	crt.sh
*.msocdn.com Microsoft IT TLS CA 1	`2019-10-17` - `2021-10-17`	2 years	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2020-03-18` - `2022-03-18`	2 years	crt.sh
*.cdn.office.net Microsoft IT TLS CA 5	`2020-04-15` - `2022-04-15`	2 years	crt.sh
*.vortex.data.microsoft.com Microsoft RSA TLS CA 02	`2020-10-05` - `2021-10-05`	a year	crt.sh
c.msn.com Microsoft RSA TLS CA 01	`2020-10-07` - `2021-10-07`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2020-10-07` - `2021-10-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://onedrive.live.com/?authkey=%21AIimYHAmx_1D3Vw&cid=ED6655F71DE2D15B&id=ED6655F71DE2D15B%21105&parId=root&o=OneUp
Frame ID: 231CFC379CB5A40621BAFB7695B637CC
Requests: 91 HTTP requests in this frame

Frame: https://skyapi.onedrive.live.com/xmlproxy.htm?domain=live.com
Frame ID: BA09639F62F5A0B97C240525B6AC737C
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

94
Requests

99 %
HTTPS

29 %
IPv6

12
Domains

17
Subdomains

14
IPs

5
Countries

2550 kB
Transfer

10816 kB
Size

6
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1602725696&rver=7.3.6962.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2F%3Fauthkey%3D%2521AIimYHAmx_1D3Vw%26cid%3DED6655F71DE2D15B%26id%3DED6655F71DE2D15B%2521105%26parId%3Droot%26o%3DOneUp%26mkt%3Den-US&lc=1033&id=250206&cbcxt=sky&mkt=en-US&lw=1&fl=easi2
Title: Sign in

Search URL Search Domain Scan URL

URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1602725696&rver=7.3.6962.0&wp=MBI_SSL_SHARED&lc=1033&id=250206&cbcxt=sky&ru=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521AIimYHAmx%255F1D3Vw%26id%3Droot&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521AIimYHAmx%255F1D3Vw%26id%3Droot
Title: My files

Search URL Search Domain Scan URL

URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1602725696&rver=7.3.6962.0&wp=MBI_SSL_SHARED&lc=1033&id=250206&cbcxt=sky&ru=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521AIimYHAmx%255F1D3Vw%26id%3Droot%26qt%3Dmru&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521AIimYHAmx%255F1D3Vw%26id%3Droot%26qt%3Dmru
Title: Recent

Search URL Search Domain Scan URL

URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1602725696&rver=7.3.6962.0&wp=MBI_SSL_SHARED&lc=1033&id=250206&cbcxt=sky&ru=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521AIimYHAmx%255F1D3Vw%26v%3Dphotos%26id%3Droot%26qt%3Dallmyphotos&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521AIimYHAmx%255F1D3Vw%26v%3Dphotos%26id%3Droot%26qt%3Dallmyphotos
Title: Photos

Search URL Search Domain Scan URL

URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1602725696&rver=7.3.6962.0&wp=MBI_SSL_SHARED&lc=1033&id=250206&cbcxt=sky&ru=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521AIimYHAmx%255F1D3Vw%26id%3Droot%26qt%3Dsharedby&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521AIimYHAmx%255F1D3Vw%26id%3Droot%26qt%3Dsharedby
Title: Shared

Search URL Search Domain Scan URL

URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1602725696&rver=7.3.6962.0&wp=MBI_SSL_SHARED&lc=1033&id=250206&cbcxt=sky&ru=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521AIimYHAmx%255F1D3Vw%26id%3Droot%26qt%3Drecyclebin&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521AIimYHAmx%255F1D3Vw%26id%3Droot%26qt%3Drecyclebin
Title: Recycle bin

Search URL Search Domain Scan URL

URL: https://g.live.com/8SESkyDrive/SkyDriveApps?biciid=lhnlink
Title: Get the OneDrive apps

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://c1.microsoft.com/c.gif?DI=4050&did=1&t= HTTP 302
https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=C2B3FE52166E4C2298C7273FE7A7C074&RedC=c1.microsoft.com&MXFR=380526D15AA66AE703DF29B55EA66CF0 HTTP 302
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=C2B3FE52166E4C2298C7273FE7A7C074&MUID=0B65218B3F736A4D0E622EEF3E186B3C

Request Chain 69

https://ad.doubleclick.net/ddm/activity/src=6952136;type=store0;cat=jsll;u58=97668ec896164b44bbaffa0c4ef5a1e5;match_id=97668ec896164b44bbaffa0c4ef5a1e5;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=6952136;dc_pre=CMbQur-6tewCFVZDkQUdtbsC_g;type=store0;cat=jsll;u58=97668ec896164b44bbaffa0c4ef5a1e5;match_id=97668ec896164b44bbaffa0c4ef5a1e5;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/p/src=6952136;dc_pre=CMbQur-6tewCFVZDkQUdtbsC_g;type=store0;cat=jsll;u58=97668ec896164b44bbaffa0c4ef5a1e5;match_id=97668ec896164b44bbaffa0c4ef5a1e5;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;~oref=https://onedrive.live.com/ HTTP 302
https://adservice.google.de/ddm/fls/p/src=6952136;dc_pre=CMbQur-6tewCFVZDkQUdtbsC_g;type=store0;cat=jsll;u58=97668ec896164b44bbaffa0c4ef5a1e5;match_id=97668ec896164b44bbaffa0c4ef5a1e5;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;~oref=https://onedrive.live.com/

Request Chain 72

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1602725698562 HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1602725698&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539

94 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
onedrive.live.com/ 372 KB
64 KB 185ms
166ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Domain/Path	Expires	Name / Value
.live.com/	1969-12-31 23:59:59	Name: SAToken1 Value:
.live.com/	1970-01-19 13:22:10	Name: wla42 Value:
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 1
.live.com/	1969-12-31 23:59:59	Name: SAToken0 Value:
.live.com/	1969-12-31 23:59:59	Name: xid Value: f594c411-1411-4544-8b36-895355752157&&RD0004FFA751D7&335
.live.com/	1969-12-31 23:59:59	Name: E Value: P:tVr8hapw2Ig=:MUfjkeNqJjtSIlOgoMwGHKgCyb/tSy6lf8mtiG75zkc=:F

Source	Level	URL Text
console-api	warning	URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-10-02_20201002.001/odconedrive-b9c3cb39.js(Line 21) Message: Promise with no error callback:22
console-api	log	URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod-amd_2020-10-02_20201002.001/odconedrive-b9c3cb39.js(Line 21) Message: [object Object]

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

onedrive.live.com Open in urlscan Pro 13.107.42.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

94 Requests

99 %HTTPS

29 %IPv6

12 Domains

17 Subdomains

14 IPs

5 Countries

2550 kBTransfer

10816 kBSize

6 Cookies

7 Outgoing links

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

99 %
HTTPS

29 %
IPv6

12
Domains

17
Subdomains

14
IPs

5
Countries

2550 kB
Transfer

10816 kB
Size

6
Cookies

94 HTTP transactions
2 data transactions