login.live.com Open in urlscan Pro
2a01:111:200a:8::ff05 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://onedrive.live.com/redir?resid=A70AC13F60F704E8!155&authkey=!AD2MYE3pAdgyH40&ithint=file%2cpdf&e=eWzyzH
Effective URL:
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1564618794&rver=7.1.6819.0&wp=MBI_SSL_SHARED&lc=1033&id=2502...
Submission: On August 01 via manual (August 1st 2019, 12:20:32 am UTC) from GB

Summary HTTP 71 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 71 HTTP transactions. The main IP is 2a01:111:200a:8::ff05, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is login.live.com.
TLS certificate: Issued by Microsoft IT TLS CA 2 on June 29th 2018. Valid for: 2 years.

This is the only time login.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
36	2.16.186.25 2.16.186.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2.19.34.64 2.19.34.64	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	40.90.142.224 40.90.142.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
6	52.114.132.73 52.114.132.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
10	2a02:26f0:6c0... 2a02:26f0:6c00:29d::38f3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	184.30.222.6 184.30.222.6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2620:1ec:21::11 2620:1ec:21::11	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	2a01:111:200a... 2a01:111:200a:8::ff05	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
71	11

2 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2.16.186.25 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-25.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.34.64 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-34-64.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 40.90.142.224 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: i-am3p-cor003.api.p001.1drv.com

skyapi.onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.114.132.73 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:6c00:29d::38f3 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

shellprod.msocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.222.6 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-30-222-6.deploy.static.akamaitechnologies.com

r3.res.outlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::11 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

outlook.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:111:200a:8::ff05 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

az725175.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	akamaihd.net spoprod-a.akamaihd.net	3 MB
10	msocdn.com shellprod.msocdn.com	243 KB
9	live.com onedrive.live.com skyapi.onedrive.live.com outlook.live.com storage.live.com Failed login.live.com	86 KB
6	microsoft.com browser.pipe.aria.microsoft.com web.vortex.data.microsoft.com Failed c1.microsoft.com Failed	2 KB
4	sharepointonline.com static2.sharepointonline.com	97 KB
1	msecnd.net az725175.vo.msecnd.net	18 KB
1	outlook.com r3.res.outlook.com	23 KB
0	msauth.net Failed logincdn.msauth.net Failed
71	8

	Domain	Requested by
36	spoprod-a.akamaihd.net	onedrive.live.com spoprod-a.akamaihd.net
10	shellprod.msocdn.com	spoprod-a.akamaihd.net shellprod.msocdn.com
6	browser.pipe.aria.microsoft.com	spoprod-a.akamaihd.net shellprod.msocdn.com
5	skyapi.onedrive.live.com	spoprod-a.akamaihd.net skyapi.onedrive.live.com
4	static2.sharepointonline.com	onedrive.live.com spoprod-a.akamaihd.net
2	onedrive.live.com	onedrive.live.com
1	az725175.vo.msecnd.net	spoprod-a.akamaihd.net
1	login.live.com	spoprod-a.akamaihd.net
1	outlook.live.com	shellprod.msocdn.com
1	r3.res.outlook.com	spoprod-a.akamaihd.net
0	logincdn.msauth.net Failed	login.live.com
0	c1.microsoft.com Failed
0	web.vortex.data.microsoft.com Failed	az725175.vo.msecnd.net
0	storage.live.com Failed	onedrive.live.com
71	14

This site contains no links.

Subject Issuer	Validity	Valid
onedrive.com Microsoft IT TLS CA 2	`2019-06-25` - `2021-06-25`	2 years	crt.sh
a248.e.akamai.net DigiCert ECC Secure Server CA	`2018-10-18` - `2019-10-18`	a year	crt.sh
*.sharepointonline.com Microsoft IT TLS CA 2	`2017-11-03` - `2019-11-03`	2 years	crt.sh
storage.live.com Microsoft IT TLS CA 2	`2018-08-29` - `2020-08-29`	2 years	crt.sh
*.events.data.microsoft.com Microsoft IT TLS CA 1	`2019-03-26` - `2021-03-26`	2 years	crt.sh
*.msocdn.com Microsoft IT TLS CA 4	`2018-01-02` - `2020-01-02`	2 years	crt.sh
*.res.outlook.com Microsoft IT TLS CA 5	`2017-11-27` - `2019-11-27`	2 years	crt.sh
Outlook.live.com DigiCert Cloud Services CA-1	`2019-07-12` - `2021-07-12`	2 years	crt.sh
*.login.live.com Microsoft IT TLS CA 2	`2018-06-29` - `2020-06-29`	2 years	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1564618794&rver=7.1.6819.0&wp=MBI_SSL_SHARED&lc=1033&id=250206&cbcxt=sky&ru=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521AD2MYE3pAdgyH40%26id%3DA70AC13F60F704E8%2521155%26cid%3Da70ac13f60f704e8&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521AD2MYE3pAdgyH40%26id%3DA70AC13F60F704E8%2521155%26cid%3Da70ac13f60f704e8
Frame ID: 52DD1576D93232B460FB7935A151C1A5
Requests: 66 HTTP requests in this frame

Frame: https://skyapi.onedrive.live.com/xmlproxy.htm?domain=live.com
Frame ID: 5A83844A853DE8BB754134B6AEECB15B
Requests: 5 HTTP requests in this frame

Frame: https://outlook.live.com/owa/SuiteServiceProxy.aspx?suiteServiceReturnUrl=https%3A%2F%2Fonedrive.live.com%2F%3Fcid%3Da70ac13f60f704e8%26id%3DA70AC13F60F704E8%2521155%26authkey%3D%2521AD2MYE3pAdgyH40&returnUrl=https%3A%2F%2Fonedrive.live.com%2F%3Fcid%3Da70ac13f60f704e8%26id%3DA70AC13F60F704E8%2521155%26authkey%3D%2521AD2MYE3pAdgyH40&apiver=1
Frame ID: 97E2F6F640A913E90865285FC8DFF473
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://onedrive.live.com/redir?resid=A70AC13F60F704E8!155&authkey=!AD2MYE3pAdgyH40&ithint=file%2cpdf&... Page URL
https://onedrive.live.com/?cid=a70ac13f60f704e8&id=A70AC13F60F704E8%21155&ithint=file,pdf&authkey=!AD2... Page URL
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1564618794&rver=7.1.6819.0&wp=MBI_SSL_SH... Page URL

Page Statistics

71
Requests

94 %
HTTPS

30 %
IPv6

8
Domains

14
Subdomains

11
IPs

3
Countries

3068 kB
Transfer

12958 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://onedrive.live.com/redir?resid=A70AC13F60F704E8!155&authkey=!AD2MYE3pAdgyH40&ithint=file%2cpdf&e=eWzyzH Page URL
https://onedrive.live.com/?cid=a70ac13f60f704e8&id=A70AC13F60F704E8%21155&ithint=file,pdf&authkey=!AD2MYE3pAdgyH40 Page URL
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1564618794&rver=7.1.6819.0&wp=MBI_SSL_SHARED&lc=1033&id=250206&cbcxt=sky&ru=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521AD2MYE3pAdgyH40%26id%3DA70AC13F60F704E8%2521155%26cid%3Da70ac13f60f704e8&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fauthkey%3D%2521AD2MYE3pAdgyH40%26id%3DA70AC13F60F704E8%2521155%26cid%3Da70ac13f60f704e8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

71 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 redir Show response
onedrive.live.com/ 6 KB
3 KB 153ms
112ms Document
text/html 13.107.42.13
Microsoft Corpora...

General

Source	Level	URL Text
console-api	warning	URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod_2019-07-12_20190718.003/odconedriveprefetch-61925ab2.js(Line 15) Message: Some icons were re-registered. Applications should only call registerIcons for any given icon once. Redefining what an icon is may have unintended consequences. Duplicates include: GlobalNavButton, ChevronDown, ChevronUp, Edit, Add, Cancel, More, Settings, Mail, People (+ 82 more)
console-api	warning	URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod_2019-07-12_20190718.003/odconedrive-c68ae071.js(Line 1) Message: Promise with no error callback:25
console-api	log	URL: https://spoprod-a.akamaihd.net/files/odsp-next-prod_2019-07-12_20190718.003/odconedrive-c68ae071.js(Line 1) Message: [object Object]

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

login.live.com Open in urlscan Pro 2a01:111:200a:8::ff05 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

71 Requests

94 %HTTPS

30 %IPv6

8 Domains

14 Subdomains

11 IPs

3 Countries

3068 kBTransfer

12958 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.live.com Open in urlscan Pro
2a01:111:200a:8::ff05 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

94 %
HTTPS

30 %
IPv6

8
Domains

14
Subdomains

11
IPs

3
Countries

3068 kB
Transfer

12958 kB
Size

0
Cookies

71 HTTP transactions
1 data transactions