login.live.com Open in urlscan Pro
2620:1ec:9::6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://1drv.ms/b/s!AvjMIIjqp-2PfdAfCFqgAVDqq08
Effective URL:
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1537213965&rver=6.7.6643.0&wp=MBI_SSL_SHARED&lc=1033&id=2502...
Submission: On September 17 via manual (September 17th 2018, 7:52:56 pm UTC) from US

Summary HTTP 73 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 9 domains to perform 73 HTTP transactions. The main IP is 2620:1ec:9::6, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is login.live.com.
TLS certificate: Issued by Microsoft IT TLS CA 2 on June 29th 2018. Valid for: 2 years.

This is the only time login.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	204.79.197.213 204.79.197.213	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	204.79.197.217 204.79.197.217	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
26	2.16.186.25 2.16.186.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2.18.232.116 2.18.232.116	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4	40.90.136.180 40.90.136.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
3	52.114.158.53 52.114.158.53	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	40.90.136.182 40.90.136.182	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
12	23.43.112.150 23.43.112.150	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2620:1ec:9::6 2620:1ec:9::6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	40.77.226.250 40.77.226.250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	2606:2800:133... 2606:2800:133:f17:19e8:2356:251b:2a9	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
4	2a02:26f0:6c0... 2a02:26f0:6c00:283::34ef	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a02:26f0:6c0... 2a02:26f0:6c00:29f::34ef	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
73	14

1 204.79.197.213 (Redmond, United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0011.a-msedge.net

1drv.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.79.197.217 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2.16.186.25 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-25.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.232.116 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-116.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 40.90.136.180 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: i-db3p-cor002.api.p001.1drv.com

skyapi.onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.114.158.53 (Redmond, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.90.136.182 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: i-db3p-cor001.api.p001.1drv.com

skyapi.onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.43.112.150 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-43-112-150.deploy.static.akamaitechnologies.com

r3.res.outlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:9::6 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (Ashburn, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

az725175.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

web.vortex.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:f17:19e8:2356:251b:2a9 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

swx.cdn.skype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:283::34ef (European Union)

ASN20940 (AKAMAI-ASN1, US)

auth.gfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:6c00:29f::34ef (European Union)

ASN20940 (AKAMAI-ASN1, US)

auth.gfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	akamaihd.net spoprod-a.akamaihd.net	1 MB
12	outlook.com r3.res.outlook.com	513 KB
11	gfx.ms auth.gfx.ms	430 KB
8	live.com onedrive.live.com skyapi.onedrive.live.com login.live.com outlook.live.com Failed	70 KB
5	microsoft.com browser.pipe.aria.microsoft.com web.vortex.data.microsoft.com	3 KB
4	sharepointonline.com static2.sharepointonline.com	98 KB
1	skype.com swx.cdn.skype.com b.config.skype.com Failed	3 KB
1	msecnd.net az725175.vo.msecnd.net	17 KB
1	1drv.ms 1 redirects 1drv.ms	284 B
73	9

	Domain	Requested by
26	spoprod-a.akamaihd.net	onedrive.live.com spoprod-a.akamaihd.net
12	r3.res.outlook.com	spoprod-a.akamaihd.net r3.res.outlook.com
11	auth.gfx.ms	login.live.com auth.gfx.ms
5	skyapi.onedrive.live.com	spoprod-a.akamaihd.net skyapi.onedrive.live.com
4	static2.sharepointonline.com	onedrive.live.com spoprod-a.akamaihd.net
3	browser.pipe.aria.microsoft.com	spoprod-a.akamaihd.net r3.res.outlook.com
2	web.vortex.data.microsoft.com	az725175.vo.msecnd.net
2	onedrive.live.com	onedrive.live.com auth.gfx.ms
1	swx.cdn.skype.com	r3.res.outlook.com
1	az725175.vo.msecnd.net	spoprod-a.akamaihd.net
1	login.live.com	spoprod-a.akamaihd.net
1	1drv.ms	1 redirects
0	b.config.skype.com Failed	swx.cdn.skype.com
0	outlook.live.com Failed	r3.res.outlook.com
73	14

This site contains links to these domains. Also see Links.

Domain
signup.live.com

Subject Issuer	Validity	Valid
onedrive.com Microsoft IT TLS CA 1	`2017-08-02` - `2019-08-02`	2 years	crt.sh
a248.e.akamai.net DigiCert ECC Secure Server CA	`2018-01-23` - `2019-01-19`	a year	crt.sh
*.sharepointonline.com Microsoft IT TLS CA 2	`2017-11-03` - `2019-11-03`	2 years	crt.sh
storage.live.com Microsoft IT TLS CA 2	`2018-08-29` - `2020-08-29`	2 years	crt.sh
*.pipe.aria.microsoft.com Microsoft IT TLS CA 1	`2017-09-06` - `2019-09-06`	2 years	crt.sh
*.res.outlook.com Microsoft IT TLS CA 5	`2017-11-27` - `2019-11-27`	2 years	crt.sh
*.login.live.com Microsoft IT TLS CA 2	`2018-06-29` - `2020-06-29`	2 years	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
*.vortex.data.microsoft.com Microsoft IT TLS CA 5	`2018-01-30` - `2020-01-30`	2 years	crt.sh
msagfx.live.com Microsoft IT TLS CA 4	`2017-07-27` - `2019-07-17`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1537213965&rver=6.7.6643.0&wp=MBI_SSL_SHARED&lc=1033&id=250206&cbcxt=sky&ru=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521ANAfCFqgAVDqq08%26id%3D8FEDA7EA8820CCF8%2521125%26cid%3D8feda7ea8820ccf8&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521ANAfCFqgAVDqq08%26id%3D8FEDA7EA8820CCF8%2521125%26cid%3D8feda7ea8820ccf8
Frame ID: BB05DE5D810FDB52FBFE086C7FE835A6
Requests: 66 HTTP requests in this frame

Frame: https://skyapi.onedrive.live.com/xmlproxy.htm?domain=live.com
Frame ID: 2EA9224E1BB61BDB9B889E1A2D1C14E1
Requests: 5 HTTP requests in this frame

Frame: https://outlook.live.com/owa/SuiteServiceProxy.aspx?suiteServiceReturnUrl=https%3A%2F%2Fonedrive.live.com%2F%3Fcid%3D8feda7ea8820ccf8%26id%3D8FEDA7EA8820CCF8%2521125%26authkey%3D%2521ANAfCFqgAVDqq08&returnUrl=https%3A%2F%2Fonedrive.live.com%2F%3Fcid%3D8feda7ea8820ccf8%26id%3D8FEDA7EA8820CCF8%2521125%26authkey%3D%2521ANAfCFqgAVDqq08
Frame ID: E67377CC9014181BA36B45B37137E954
Requests: 1 HTTP requests in this frame

Frame: https://onedrive.live.com/preload?view=Folders.All&id=250206&mkt=EN-US
Frame ID: 395FD3981FD84BAE7D048FE37EB8776A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://1drv.ms/b/s!AvjMIIjqp-2PfdAfCFqgAVDqq08 HTTP 301
https://onedrive.live.com/redir?resid=8FEDA7EA8820CCF8!125&authkey=!ANAfCFqgAVDqq08&ithint=file%2cpdf Page URL
https://onedrive.live.com/?cid=8feda7ea8820ccf8&id=8FEDA7EA8820CCF8%21125&ithint=file,pdf&authkey=!ANA... Page URL
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1537213965&rver=6.7.6643.0&wp=MBI_SSL_SH... Page URL

Detected technologies

Knockout.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^ko$/i

webpack (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^webpackJsonp$/i

Page Statistics

73
Requests

93 %
HTTPS

29 %
IPv6

9
Domains

14
Subdomains

14
IPs

4
Countries

2628 kB
Transfer

9845 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://signup.live.com/?wa=wsignin1.0&rpsnv=13&ct=1537213965&rver=6.7.6643.0&wp=MBI_SSL_SHARED&id=250206&cbcxt=sky&ru=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521ANAfCFqgAVDqq08%26id%3D8FEDA7EA8820CCF8%2521125%26cid%3D8feda7ea8820ccf8&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521ANAfCFqgAVDqq08%26id%3D8FEDA7EA8820CCF8%2521125%26cid%3D8feda7ea8820ccf8&contextid=392036BF778CFD71&bk=1537213967&uiflavor=web&uaid=450796992c8048e29bfeeb4db2589296&mkt=EN-US&lc=1033
Title: Create one!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://1drv.ms/b/s!AvjMIIjqp-2PfdAfCFqgAVDqq08 HTTP 301
https://onedrive.live.com/redir?resid=8FEDA7EA8820CCF8!125&authkey=!ANAfCFqgAVDqq08&ithint=file%2cpdf Page URL
https://onedrive.live.com/?cid=8feda7ea8820ccf8&id=8FEDA7EA8820CCF8%21125&ithint=file,pdf&authkey=!ANAfCFqgAVDqq08 Page URL
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1537213965&rver=6.7.6643.0&wp=MBI_SSL_SHARED&lc=1033&id=250206&cbcxt=sky&ru=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521ANAfCFqgAVDqq08%26id%3D8FEDA7EA8820CCF8%2521125%26cid%3D8feda7ea8820ccf8&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521ANAfCFqgAVDqq08%26id%3D8FEDA7EA8820CCF8%2521125%26cid%3D8feda7ea8820ccf8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://1drv.ms/b/s!AvjMIIjqp-2PfdAfCFqgAVDqq08 HTTP 301
https://onedrive.live.com/redir?resid=8FEDA7EA8820CCF8!125&authkey=!ANAfCFqgAVDqq08&ithint=file%2cpdf

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

redir Show response
onedrive.live.com/
Redirect Chain

https://1drv.ms/b/s!AvjMIIjqp-2PfdAfCFqgAVDqq08
https://onedrive.live.com/redir?resid=8FEDA7EA8820CCF8!125&authkey=!ANAfCFqgAVDqq08&ithint=file%2cpdf

6 KB
3 KB

133ms
115ms

Document
text/html

204.79.197.217
Microsoft Corpora...

General

Domain/Path	Expires	Name / Value
.login.live.com/	1969-12-31 23:59:59	Name: MSPOK Value: $uuid-02c35fe7-f10e-4661-81ea-73350ef479b9
login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: lt=1537213967&co=1&id=250206
login.live.com/	1969-12-31 23:59:59	Name: CkTst Value: G1537213967811
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 450796992c8048e29bfeeb4db2589296
.live.com/	1969-12-31 23:59:59	Name: E Value: P:l4N7I9cc1og=:5cmU3ghf6OYjS+Q4uHuGYF/FOqs/H47Om4MO/IOSDj0=:F
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 3
.live.com/	1969-12-31 23:59:59	Name: xid Value: 76f42875-e006-4f88-857e-72cef5ee0c24&&DB5SCH102220808&305
.live.com/	1970-01-18 19:10:18	Name: wla42 Value:
.live.com/	1969-12-31 23:59:59	Name: SAToken1 Value:
.live.com/	1969-12-31 23:59:59	Name: SAToken0 Value:

Source	Level	URL Text
console-api	warning	URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-08-17_20180820.001/odconedrive-f27aef31.js(Line 1) Message: Promise with no error callback:12
console-api	log	URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-08-17_20180820.001/odconedrive-f27aef31.js(Line 1) Message: [object Object]
console-api	log	URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-08-17_20180820.001/odconedrive-f27aef31.js(Line 1) Message: GraphError: Cannot request a token for an unauthenticated user. at e.r (https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-08-17_20180820.001/odconedrive-f27aef31.js:1:264885) at new e (https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-08-17_20180820.001/odconedrive-f27aef31.js:1:263326) at https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-08-17_20180820.001/odconedrive-f27aef31.js:1:261021 at e.then (https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-08-17_20180820.001/odconedriveprefetch-52a68f1d.js:15:20827) at e.catch (https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-08-17_20180820.001/odconedriveprefetch-52a68f1d.js:15:20916) at e.send (https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-08-17_20180820.001/odconedrive-f27aef31.js:1:260984) at e.getAnomalies (https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-08-17_20180820.001/odcransomwaredetection-7d1feb83.js:1:532402) at e.getActiveAnomaly (https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-08-17_20180820.001/odcransomwaredetection-7d1feb83.js:1:532097) at e.checkActiveAnomalies (https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-08-17_20180820.001/odconedrive-f27aef31.js:1:301376) at https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-08-17_20180820.001/odcbasepage-c1f45481.js:1:10323
console-api	warning	URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-08-17_20180820.001/odconedrive-f27aef31.js(Line 1) Message: Promise with no error callback:16
console-api	log	URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod_2018-08-17_20180820.001/odconedrive-f27aef31.js(Line 1) Message: [object Object]

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

login.live.com Open in urlscan Pro 2620:1ec:9::6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

93 %HTTPS

29 %IPv6

9 Domains

14 Subdomains

14 IPs

4 Countries

2628 kBTransfer

9845 kBSize

10 Cookies

1 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.live.com Open in urlscan Pro
2620:1ec:9::6 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

93 %
HTTPS

29 %
IPv6

9
Domains

14
Subdomains

14
IPs

4
Countries

2628 kB
Transfer

9845 kB
Size

10
Cookies

73 HTTP transactions
0 data transactions