login.live.com
Open in
urlscan Pro
131.253.61.98
Public Scan
Submitted URL: https://web.skype.com/
Effective URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1522964568&rver=7.0.6730.0&wp=MBI_SSL&wreply=https%3A%2F%2Fl...
Submission: On April 05 via manual from GT
Effective URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1522964568&rver=7.0.6730.0&wp=MBI_SSL&wreply=https%3A%2F%2Fl...
Submission: On April 05 via manual from GT
Summary
This website contacted 7 IPs
in 3 countries
across 4 domains to perform 17 HTTP transactions.
The main IP is 131.253.61.98, located in
United States and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US.
The main domain is login.live.com.
TLS certificate: Issued by Microsoft IT TLS CA 1 on August 12th 2017. Valid for: 2 years.
This is the only time login.live.com was scanned on urlscan.io!
TLS certificate: Issued by Microsoft IT TLS CA 1 on August 12th 2017. Valid for: 2 years.
This is the only time login.live.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 40.115.3.28 40.115.3.28 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
| 2 | 93.184.221.200 93.184.221.200 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
| 1 1 | 52.138.209.16 52.138.209.16 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
| 1 | 131.253.61.98 131.253.61.98 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
| 7 | 2.19.41.58 2.19.41.58 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 3 | 2.18.233.62 2.18.233.62 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 1 | 131.253.61.102 131.253.61.102 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
| 17 | 7 |
1
40.115.3.28
(Amsterdam, Netherlands)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
| web.skype.com |
2
93.184.221.200
(United States)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
| s4w.cdn.skype.com |
1
52.138.209.16
(Redmond, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
| login.skype.com |
1
131.253.61.98
(United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
| login.live.com |
3
2.18.233.62
(European Union)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
| i.s-microsoft.com |
1
131.253.61.102
(United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
| login.live.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 7 |
gfx.ms
auth.gfx.ms |
134 KB |
| 4 |
skype.com
1 redirects
web.skype.com s4w.cdn.skype.com login.skype.com |
12 KB |
| 3 |
s-microsoft.com
i.s-microsoft.com |
149 KB |
| 2 |
live.com
login.live.com |
9 KB |
| 17 | 4 |
| Domain | Requested by | |
|---|---|---|
| 7 | auth.gfx.ms |
login.live.com
|
| 3 | i.s-microsoft.com |
auth.gfx.ms
|
| 2 | login.live.com |
auth.gfx.ms
|
| 2 | s4w.cdn.skype.com |
web.skype.com
|
| 1 | login.skype.com | 1 redirects |
| 1 | web.skype.com | |
| 17 | 6 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| signup.live.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| web.skype.com Microsoft IT TLS CA 4 |
2018-04-04 - 2020-04-04 |
2 years | crt.sh |
| *.vo.msecnd.net Microsoft IT TLS CA 2 |
2018-03-30 - 2020-03-30 |
2 years | crt.sh |
| login.live.com Microsoft IT TLS CA 1 |
2017-08-12 - 2019-08-12 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1522964568&rver=7.0.6730.0&wp=MBI_SSL&wreply=https%3A%2F%2Flw.skype.com%2Flogin%2Foauth%2Fproxy%3Fclient_id%3D578134%26redirect_uri%3Dhttps%253A%252F%252Fweb.skype.com%252F%26state%3D6463f325-662d-4472-9e2b-20fd652fa667%26site_name%3Dlw.skype.com&lc=1033&id=293290&mkt=en&psi=skype&lw=1&cobrandid=90010&client_flight=hsu%2CReservedFlight33%2CReservedFlight67
Frame ID: 2E10DD4D18239F1DE26B0354F959F292
Requests: 17 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://web.skype.com/ Page URL
-
https://login.skype.com/login?client_id=578134&redirect_uri=https%3A%2F%2Fweb.skype.com%2F&state=646...
HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1522964568&rver=7.0.6730.0&wp=MBI_SSL&wr... Page URL
Detected technologies
Knockout.js
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^ko$/i
Microsoft HTTPAPI
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /Microsoft-HTTPAPI(?:\/([\d.]+))?/i
webpack
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^webpackJsonp$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://signup.live.com/signup?wa=wsignin1.0&rpsnv=13&ct=1522964568&rver=7.0.6730.0&wp=MBI_SSL&wreply=https%3A%2F%2Flw.skype.com%2Flogin%2Foauth%2Fproxy%3Fclient_id%3D578134%26redirect_uri%3Dhttps%253A%252F%252Fweb.skype.com%252F%26state%3D6463f325-662d-4472-9e2b-20fd652fa667%26site_name%3Dlw.skype.com&id=293290&psi=skype&lw=1&cobrandid=90010&client_flight=hsu%2CReservedFlight33%2CReservedFlight67&contextid=F8D39BE458E94F4E&bk=1522964568&uiflavor=web&uaid=126310f22ad04b31aa7f224f95b0955f&mkt=EN-US&lc=1033
Title: Create one!
Title: Create one!
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://web.skype.com/ Page URL
-
https://login.skype.com/login?client_id=578134&redirect_uri=https%3A%2F%2Fweb.skype.com%2F&state=6463f325-662d-4472-9e2b-20fd652fa667
HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1522964568&rver=7.0.6730.0&wp=MBI_SSL&wreply=https%3A%2F%2Flw.skype.com%2Flogin%2Foauth%2Fproxy%3Fclient_id%3D578134%26redirect_uri%3Dhttps%253A%252F%252Fweb.skype.com%252F%26state%3D6463f325-662d-4472-9e2b-20fd652fa667%26site_name%3Dlw.skype.com&lc=1033&id=293290&mkt=en&psi=skype&lw=1&cobrandid=90010&client_flight=hsu%2CReservedFlight33%2CReservedFlight67 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
web.skype.com/ |
961 B 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
checkBrowserSupport.js
s4w.cdn.skype.com/0-239-0/js/ |
999 B 647 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.js
s4w.cdn.skype.com/0-239-0/js/ |
20 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
 Cookie set
login.srf
login.live.com/ Redirect Chain
|
26 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Default1033.css
auth.gfx.ms/16.000.27732.36/ |
74 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
DefaultLoginPaginatedStrings.EN.js
auth.gfx.ms/16.000.27732.36/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
DefaultLogin_PCore.js
auth.gfx.ms/16.000.27732.36/ |
360 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
latest.woff
i.s-microsoft.com/fonts/segoe-ui/west-european/light/ |
33 KB 33 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
latest.woff
i.s-microsoft.com/fonts/segoe-ui/west-european/normal/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
AppCentipede_Skype.svg
auth.gfx.ms/16.000.27732.36/images/AppCentipede/ |
7 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
marching_ants_white.gif
auth.gfx.ms/16.000.27732.36/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
marching_ants.gif
auth.gfx.ms/16.000.27732.36/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Microsoft_Logotype_Gray.svg
auth.gfx.ms/16.000.27732.36/images/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
latest.woff
i.s-microsoft.com/fonts/segoe-ui/west-european/semibold/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
latest.ttf
i.s-microsoft.com/fonts/segoe-ui/west-european/normal/ |
64 KB 64 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
latest.ttf
i.s-microsoft.com/fonts/segoe-ui/west-european/semibold/ |
52 KB 52 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
Instrumentation.srf
login.live.com/ |
2 B 390 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- i.s-microsoft.com
- URL
- https://i.s-microsoft.com/fonts/segoe-ui/west-european/normal/latest.woff
- Domain
- i.s-microsoft.com
- URL
- https://i.s-microsoft.com/fonts/segoe-ui/west-european/semibold/latest.woff
Verdicts & Comments Add Verdict or Comment
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| PROOF object| g_dtFirstByte object| g_objPageMode number| g_iSRSFailed string| g_sSRSSuccess function| SRSRetry object| ServerData object| StringRepository boolean| __DefaultLoginPaginatedStrings function| webpackJsonp object| ko boolean| __DefaultLogin_PCore4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .login.live.com/ | Name: MSPOK Value: $uuid-e71b3867-697d-4b6f-9d4d-752c2c6c2974 |
|
| login.live.com/ | Name: CkTst Value: G1522964569119 |
|
| login.live.com/ | Name: MSPRequ Value: lt=1522964568&co=1&id=293290 |
|
| .login.live.com/ | Name: uaid Value: 126310f22ad04b31aa7f224f95b0955f |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src 'self' blob: data: https:; script-src 'self' data: https://*.skype.com https://*.skypeassets.com https://*.trouter.io https://*.vo.msecnd.net https://*.youtube.com https://*.ytimg.com https://*.datamarket.azure.com https://*.giphy.com https://connect.facebook.net 'unsafe-eval' 'unsafe-inline'; style-src 'self' data: https://*.skype.com https://*.skypeassets.com https://*.trouter.io https://*.vo.msecnd.net 'unsafe-inline'; frame-ancestors 'none'; connect-src 'self' https://*.skype.com https://*.skype.net https://*.skypeassets.com https://*.gateway.messenger.live.com https://*.trouter.io wss://*.trouter.io wss://*.trouter.io:443 https://*.aria.microsoft.com https://*.microsofttranslator.com https://*.directory.live.com https://*.giphy.com https://*.trafficmanager.net; img-src 'self' data: https://*.skype.com https://*.skype.net https://*.skypeassets.com https://c.microsoft.com https://*.vo.msecnd.net https://*.storage.msn.com https://*.storage.live.com https://*.azureedge.net https://*.blob.core.windows.net https://*.giphy.com https://www.facebook.com; media-src blob: https://*; font-src data: https://*.skype.com https://*.skypeassets.com; form-action 'self' data: https://login.skype.com https://login.live.com https://lw.skype.com; reflected-xss block; child-src https://*.skype.com https://*.skype.net https://*.microsoft.com https://*.bing.com https://*.live.com https://*.youtube.com https://staticxx.facebook.com; report-uri https://csp.skype.com/ |
| Strict-Transport-Security | max-age=31536000 |
| X-Content-Security-Policy | default-src 'self' blob: data: https:; script-src 'self' data: https://*.skype.com https://*.skypeassets.com https://*.trouter.io https://*.vo.msecnd.net https://*.youtube.com https://*.ytimg.com https://*.datamarket.azure.com https://*.giphy.com https://connect.facebook.net 'unsafe-eval' 'unsafe-inline'; style-src 'self' data: https://*.skype.com https://*.skypeassets.com https://*.trouter.io https://*.vo.msecnd.net 'unsafe-inline'; frame-ancestors 'none'; connect-src 'self' https://*.skype.com https://*.skype.net https://*.skypeassets.com https://*.gateway.messenger.live.com https://*.trouter.io wss://*.trouter.io wss://*.trouter.io:443 https://*.aria.microsoft.com https://*.microsofttranslator.com https://*.directory.live.com https://*.giphy.com https://*.trafficmanager.net; img-src 'self' data: https://*.skype.com https://*.skype.net https://*.skypeassets.com https://c.microsoft.com https://*.vo.msecnd.net https://*.storage.msn.com https://*.storage.live.com https://*.azureedge.net https://*.blob.core.windows.net https://*.giphy.com https://www.facebook.com; media-src blob: https://*; font-src data: https://*.skype.com https://*.skypeassets.com; form-action 'self' data: https://login.skype.com https://login.live.com https://lw.skype.com; reflected-xss block; child-src https://*.skype.com https://*.skype.net https://*.microsoft.com https://*.bing.com https://*.live.com https://*.youtube.com https://staticxx.facebook.com; report-uri https://csp.skype.com/ |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth.gfx.ms
i.s-microsoft.com
login.live.com
login.skype.com
s4w.cdn.skype.com
web.skype.com
i.s-microsoft.com
131.253.61.102
131.253.61.98
2.18.233.62
2.19.41.58
40.115.3.28
52.138.209.16
93.184.221.200
085e0216fd97605ba9875ba610593f7b047eb2fff2b1c60ae5da3fd928f7fdde
0ed2dc761ddf650b9aab0c366f43ddea0db81e13bbe603a21f2bfef519387ce9
2ebb30f679a3da4657b0099d8982b5446dfa3cf3120e65aac18a3b6e1dc39b6c
356f7d1241f92c9de9c9cfd0bebb6c10d1b38508a3f37cebc26329c656bad19f
410c5d396cdc088c2928f5151b60cd4b8d6d48739312d039ea60f2534dce29e2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4ec57b673d118d7d573dac5aca4b7543bf22a6db398d77a67accd04eeb838429
85536b00a0f7225dc50591b3168f177f4d7970d604afa3fbba45b2c7ac1cca49
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8c1df372f09bbd0b473e92aecefbb86994eff08fb23e16bf8ec0ccd4fa848a7d
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
d2123650d2333b3f1983bc28daa998fbe034b26fa00a43e668374982d37c1d72
e6fca0b66e6d4982de888cc7f44e2ca0e2387f665919ad48befd39ebdb0931e6
ff81451d231c288b7d0bd4025699001d187df4c77dae429e85e60b8bfaf92324