onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onedrive.live.com/?id=root&cid=04710A8058D3557E
Submission: On September 19 via manual (September 19th 2019, 2:25:28 am UTC) from SG

Summary HTTP 112 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 12 domains to perform 112 HTTP transactions. The main IP is 13.107.42.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is onedrive.live.com.
TLS certificate: Issued by Microsoft IT TLS CA 2 on June 25th 2019. Valid for: 2 years.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
51	2.16.186.25 2.16.186.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2.19.34.64 2.19.34.64	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	40.90.142.224 40.90.142.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
6	52.114.132.22 52.114.132.22	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
9	2a02:26f0:6c0... 2a02:26f0:6c00:289::38f3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	184.30.222.6 184.30.222.6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:1ec:21::11 2620:1ec:21::11	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1 1	131.253.14.231 131.253.14.231	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	40.90.137.125 40.90.137.125	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2a02:26f0:6c0... 2a02:26f0:6c00:299::2b57	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
25	2a02:26f0:6c0... 2a02:26f0:6c00:2bf::753	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	40.77.226.250 40.77.226.250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	3.248.160.221 3.248.160.221	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	172.217.23.166 172.217.23.166	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
112	17

1 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2.16.186.25 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-25.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.34.64 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-34-64.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 40.90.142.224 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: i-am3p-cor003.api.p001.1drv.com

skyapi.onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.114.132.22 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:6c00:289::38f3 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

shellprod.msocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.222.6 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-30-222-6.deploy.static.akamaitechnologies.com

r3.res.outlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::11 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

outlook.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.253.14.231 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: bn2b-cor001.api.p001.1drv.com

storage.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.90.137.125 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:299::2b57 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

uhf.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a02:26f0:6c00:2bf::753 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

ow2.res.office365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r4.res.office365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

az725175.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

web.vortex.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

c1.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.160.221 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-248-160-221.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.166 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f166.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	akamaihd.net spoprod-a.akamaihd.net	2 MB
25	office365.com ow2.res.office365.com r4.res.office365.com	2 MB
11	microsoft.com 1 redirects browser.pipe.aria.microsoft.com uhf.microsoft.com web.vortex.data.microsoft.com c1.microsoft.com	6 KB
10	live.com 1 redirects onedrive.live.com skyapi.onedrive.live.com outlook.live.com storage.live.com login.live.com	69 KB
9	msocdn.com shellprod.msocdn.com	230 KB
4	sharepointonline.com static2.sharepointonline.com	97 KB
2	doubleclick.net 2 redirects ad.doubleclick.net	696 B
1	google.com adservice.google.com	109 B
1	demdex.net dpm.demdex.net	762 B
1	bing.com 1 redirects c.bing.com	629 B
1	msecnd.net az725175.vo.msecnd.net	18 KB
1	outlook.com r3.res.outlook.com	23 KB
112	12

	Domain	Requested by
51	spoprod-a.akamaihd.net	onedrive.live.com spoprod-a.akamaihd.net
18	ow2.res.office365.com	outlook.live.com ow2.res.office365.com
9	shellprod.msocdn.com	spoprod-a.akamaihd.net shellprod.msocdn.com
7	r4.res.office365.com	outlook.live.com
6	browser.pipe.aria.microsoft.com	spoprod-a.akamaihd.net shellprod.msocdn.com
5	skyapi.onedrive.live.com	spoprod-a.akamaihd.net skyapi.onedrive.live.com
4	static2.sharepointonline.com	onedrive.live.com spoprod-a.akamaihd.net
2	ad.doubleclick.net	2 redirects
2	c1.microsoft.com	1 redirects
2	uhf.microsoft.com	outlook.live.com
2	outlook.live.com	shellprod.msocdn.com outlook.live.com
1	adservice.google.com
1	dpm.demdex.net	az725175.vo.msecnd.net
1	c.bing.com	1 redirects
1	web.vortex.data.microsoft.com	az725175.vo.msecnd.net
1	az725175.vo.msecnd.net	spoprod-a.akamaihd.net
1	login.live.com
1	storage.live.com	1 redirects
1	r3.res.outlook.com	spoprod-a.akamaihd.net
1	onedrive.live.com
112	20

This site contains links to these domains. Also see Links.

Domain
login.live.com
g.live.com

Subject Issuer	Validity	Valid
onedrive.com Microsoft IT TLS CA 2	`2019-06-25` - `2021-06-25`	2 years	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2019-08-13` - `2020-08-12`	a year	crt.sh
*.sharepointonline.com Microsoft IT TLS CA 2	`2017-11-03` - `2019-11-03`	2 years	crt.sh
storage.live.com Microsoft IT TLS CA 2	`2018-08-29` - `2020-08-29`	2 years	crt.sh
*.events.data.microsoft.com Microsoft IT TLS CA 1	`2019-03-26` - `2021-03-26`	2 years	crt.sh
*.msocdn.com Microsoft IT TLS CA 4	`2018-01-02` - `2020-01-02`	2 years	crt.sh
*.res.outlook.com Microsoft IT TLS CA 5	`2017-11-27` - `2019-11-27`	2 years	crt.sh
Outlook.live.com DigiCert Cloud Services CA-1	`2019-07-12` - `2021-07-12`	2 years	crt.sh
*.login.live.com Microsoft IT TLS CA 2	`2018-06-29` - `2020-06-29`	2 years	crt.sh
unistore.www.microsoft.com Microsoft IT TLS CA 5	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
*.vortex.data.microsoft.com Microsoft IT TLS CA 5	`2018-01-30` - `2020-01-30`	2 years	crt.sh
c.msn.com Microsoft IT TLS CA 1	`2018-09-13` - `2020-09-13`	2 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://onedrive.live.com/?id=root&cid=04710A8058D3557E
Frame ID: A01471BEEE41BFF5DCFC61C9376A47D9
Requests: 81 HTTP requests in this frame

Frame: https://skyapi.onedrive.live.com/xmlproxy.htm?domain=live.com
Frame ID: 94A6188474382F320619BC7F5FB9BC21
Requests: 5 HTTP requests in this frame

Frame: https://outlook.live.com/owa/SuiteServiceProxy.aspx?suiteServiceReturnUrl=https%3A%2F%2Fonedrive.live.com%2F%3Fid%3Droot%26cid%3D04710A8058D3557E&returnUrl=https%3A%2F%2Fonedrive.live.com%2F%3Fid%3Droot%26cid%3D04710A8058D3557E&apiver=1
Frame ID: 6A6F5480BFA79E91395AF2AB17B7A6B4
Requests: 21 HTTP requests in this frame

Frame: https://outlook.live.com/owa/prefetch.aspx
Frame ID: 727364065D850211857D87FAAD661798
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

112
Requests

100 %
HTTPS

32 %
IPv6

12
Domains

20
Subdomains

17
IPs

5
Countries

3984 kB
Transfer

13371 kB
Size

6
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1568859911&rver=7.1.6819.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fonedrive.live.com%2F%3Fid%3Droot%26cid%3D04710A8058D3557E%26mkt%3Den-US&lc=1033&id=250206&cbcxt=sky&mkt=en-US&lw=1&fl=easi2
Title: Sign in

Search URL Search Domain Scan URL

URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1568859911&rver=7.1.6819.0&wp=MBI_SSL_SHARED&lc=1033&id=250206&cbcxt=sky&ru=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fid%3Droot&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fid%3Droot
Title: Files

Search URL Search Domain Scan URL

URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1568859911&rver=7.1.6819.0&wp=MBI_SSL_SHARED&lc=1033&id=250206&cbcxt=sky&ru=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fid%3Droot%26qt%3Dmru&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fid%3Droot%26qt%3Dmru
Title: Recent

Search URL Search Domain Scan URL

URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1568859911&rver=7.1.6819.0&wp=MBI_SSL_SHARED&lc=1033&id=250206&cbcxt=sky&ru=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fv%3Dphotos%26id%3Droot%26qt%3Dallmyphotos&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fv%3Dphotos%26id%3Droot%26qt%3Dallmyphotos
Title: Photos

Search URL Search Domain Scan URL

URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1568859911&rver=7.1.6819.0&wp=MBI_SSL_SHARED&lc=1033&id=250206&cbcxt=sky&ru=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fid%3Droot%26qt%3Dsharedby&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fid%3Droot%26qt%3Dsharedby
Title: Shared

Search URL Search Domain Scan URL

URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1568859911&rver=7.1.6819.0&wp=MBI_SSL_SHARED&lc=1033&id=250206&cbcxt=sky&ru=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fid%3Droot%26qt%3Drecyclebin&wreply=https%3A%2F%2Fonedrive%2Elive%2Ecom%2F%3Fid%3Droot%26qt%3Drecyclebin
Title: Recycle bin

Search URL Search Domain Scan URL

URL: https://g.live.com/8SESkyDrive/SkyDriveApps?biciid=lhnlink
Title: Get the OneDrive apps

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1568859913123 HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1568859913&rver=7.1.6819.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539

Request Chain 88

https://c1.microsoft.com/c.gif?DI=4050&did=1&t= HTTP 302
https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=6EFE8161DEA14D988B85FF2862626EAD&RedC=c1.microsoft.com&MXFR=205CAA9FBCDA60041F9BA743B8DA66BC HTTP 302
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=6EFE8161DEA14D988B85FF2862626EAD&MUID=205CAA9FBCDA60041F9BA743B8DA66BC

Request Chain 94

https://ad.doubleclick.net/ddm/activity/src=6952136;type=store0;cat=jsll;u58=24eaf1dee3604354a942415a4e294d3c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=6952136;dc_pre=CMG5487q2-QCFU6wewod1fUKiw;type=store0;cat=jsll;u58=24eaf1dee3604354a942415a4e294d3c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=6952136;dc_pre=CMG5487q2-QCFU6wewod1fUKiw;type=store0;cat=jsll;u58=24eaf1dee3604354a942415a4e294d3c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

112 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
onedrive.live.com/ 306 KB
50 KB 136ms
120ms Document
text/html 13.107.42.13
Microsoft Corpora...

General

Domain/Path	Expires	Name / Value
.live.com/	1969-12-31 23:59:59	Name: SAToken1 Value:
.live.com/	1970-01-19 03:57:44	Name: wla42 Value:
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 1
.live.com/	1969-12-31 23:59:59	Name: SAToken0 Value:
.live.com/	1969-12-31 23:59:59	Name: xid Value: ef99deae-2267-4628-b099-c56360778e19&&RD00155D997012&307
.live.com/	1969-12-31 23:59:59	Name: E Value: P:O3k/mag814g=:2xw5BNft+2TAqwbrKGQ9K+ODEoupCiYakNx41nGwKpI=:F

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

onedrive.live.com Open in urlscan Pro 13.107.42.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

112 Requests

100 %HTTPS

32 %IPv6

12 Domains

20 Subdomains

17 IPs

5 Countries

3984 kBTransfer

13371 kBSize

6 Cookies

7 Outgoing links

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

100 %
HTTPS

32 %
IPv6

12
Domains

20
Subdomains

17
IPs

5
Countries

3984 kB
Transfer

13371 kB
Size

6
Cookies

112 HTTP transactions
3 data transactions