Submitted URL: https://onedrive.live.com/redir?resid=53983773B90B6BFA!107&authkey=!AOrmpgOBSkljH6I&ithint=file%2cdocx&e=EX3w3U
Effective URL: https://onedrive.live.com/view.aspx?resid=53983773B90B6BFA%21107&authkey=!AOrmpgOBSkljH6I
Submission: On April 11 via manual from SG — Scanned from SG

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 13.107.139.11, located in Redmond, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com. The Cisco Umbrella rank of the primary domain is 4367.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on March 29th 2024. Valid for: a year.
This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 13.107.139.11 8068 (MICROSOFT...)
1 23.44.5.121 20940 (AKAMAI-ASN1)
4 3
Apex Domain
Subdomains
Transfer
3 live.com
onedrive.live.com — Cisco Umbrella Rank: 4367
20 KB
1 office.net
res-1.cdn.office.net — Cisco Umbrella Rank: 293
1 KB
4 2
Domain Requested by
3 onedrive.live.com 2 redirects
1 res-1.cdn.office.net onedrive.live.com
4 2

This site contains no links.

Subject | Issuer | Validity | Valid
onedrive.com | Microsoft Azure RSA TLS Issuing CA 07 | 2024-03-29 - 2025-03-24 | a year
*.res.outlook.com | DigiCert SHA2 Secure Server CA | 2024-02-20 - 2025-02-20 | a year

This page contains 1 frames:

Primary Page: https://onedrive.live.com/view.aspx?resid=53983773B90B6BFA%21107&authkey=!AOrmpgOBSkljH6I
Frame ID: 8EA270AD62359BE4F6FD67148D40798A
Requests: 4 HTTP requests in this frame

Page Title

You have been sent a message via LinkedIn Business2024B.docx - Microsoft Word Online

Page URL History

  1. https://onedrive.live.com/redir?resid=53983773B90B6BFA!107&authkey=!AOrmpgOBSkljH6I&ithint=file%2cdocx... HTTP 302
    https://onedrive.live.com/edit?id=53983773B90B6BFA!107&resid=53983773B90B6BFA!107&ithint=file%2cdocx&a... HTTP 302
    https://onedrive.live.com/view.aspx?resid=53983773B90B6BFA%21107&authkey=!AOrmpgOBSkljH6I Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

Requests: 4
HTTPS: 50 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 20 kB
Size: 54 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://onedrive.live.com/redir?resid=53983773B90B6BFA!107&authkey=!AOrmpgOBSkljH6I&ithint=file%2cdocx&e=EX3w3U HTTP 302
    https://onedrive.live.com/edit?id=53983773B90B6BFA!107&resid=53983773B90B6BFA!107&ithint=file%2cdocx&authkey=!AOrmpgOBSkljH6I&wdo=2&cid=53983773b90b6bfa HTTP 302
    https://onedrive.live.com/view.aspx?resid=53983773B90B6BFA%21107&authkey=!AOrmpgOBSkljH6I Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request view.aspx
onedrive.live.com/
Redirect Chain
  • https://onedrive.live.com/redir?resid=53983773B90B6BFA!107&authkey=!AOrmpgOBSkljH6I&ithint=file%2cdocx&e=EX3w3U
  • https://onedrive.live.com/edit?id=53983773B90B6BFA!107&resid=53983773B90B6BFA!107&ithint=file%2cdocx&authkey=!AOrmpgOBSkljH6I&wdo=2&cid=53983773b90b6bfa
  • https://onedrive.live.com/view.aspx?resid=53983773B90B6BFA%21107&authkey=!AOrmpgOBSkljH6I
53 KB
19 KB
Document
General
Full URL
https://onedrive.live.com/view.aspx?resid=53983773B90B6BFA%21107&authkey=!AOrmpgOBSkljH6I
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.139.11 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a13aa0bd4bd8a3f49adbe0a176c11ad4cc7ac14bb1f709fcc8eeacf9790f8547
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Apr 2024 14:40:38 GMT
expires
-1
pragma
no-cache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-msedge-ref
Ref A: FE8CE686752545E483FEFA068D96DDF7 Ref B: SG2EDGE3520 Ref C: 2024-04-11T14:40:38Z
x-msnserver
88ccbbb55-4vq6q
x-odwebserver
eurwesteur409473-odwebpl

Redirect headers

cache-control
no-cache, no-store
content-length
0
content-type
text/html
date
Thu, 11 Apr 2024 14:40:38 GMT
expires
-1
location
https://onedrive.live.com/view.aspx?resid=53983773B90B6BFA%21107&authkey=!AOrmpgOBSkljH6I
pragma
no-cache
strict-transport-security
max-age=31536000
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-msedge-ref
Ref A: B6C31CAC342743A6A63BDFC7EB8D3219 Ref B: SG2EDGE3520 Ref C: 2024-04-11T14:40:37Z
x-msnserver
88ccbbb55-9kqn9
x-odwebserver
eurwesteur409473-odwebpl
initial.resx.js
res-1.cdn.office.net/files/odsp-web-prod_2024-03-29.005/wacodcowlhostwebpack.manifest/zh-cn/
965 B
1 KB
Script
General
Full URL
https://res-1.cdn.office.net/files/odsp-web-prod_2024-03-29.005/wacodcowlhostwebpack.manifest/zh-cn/initial.resx.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=53983773B90B6BFA%21107&authkey=!AOrmpgOBSkljH6I
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.5.121 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-5-121.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c7a7c4f8ea8844dd285b7a468e7d85df66d47afc00e01553da0f2c11abdaa607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 14:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
akamai-cache-status
Miss from child
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-meta-sourceid
BA74BE583473691B2AA4E797889F4FDC592A745AA6383F24266E6006DCC917F600
server-timing
clientrtt; dur=30, clienttt; dur=6, origin; dur=0 , cdntime; dur=6
alt-svc
h3=":443"; ma=93600
content-length
395
last-modified
Tue, 02 Apr 2024 19:36:48 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=SINGAPORE&ASN=20940&Country=SG&Region=&RequestIdentifier=0.75052c17.1712846440.64ca1f8&TotalRTCDNTime=30&CompressionType=br&FileSize=395"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
93501e23-a01e-0069-061e-86b957000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
public, max-age=630720000
x-ms-meta-sourcebuild
odsp-web-prod_2024-03-29.005
akamai-request-bc
[a=23.44.5.117,b=105685496,c=g,n=SG__SINGAPORE,o=20940],[c=p,n=SG__SINGAPORE,o=20940]
timing-allow-origin
*
wacodcowlhostwebpack.js
res-1.cdn.office.net/files/odsp-web-prod_2024-03-29.005/wacodcowlhostwebpack.manifest/
0
0

FavIcon_Word.ico
res-1.cdn.office.net/officeonline/wv/s/h4FBD8CC4075E1795_resources/1033/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
res-1.cdn.office.net
URL
https://res-1.cdn.office.net/files/odsp-web-prod_2024-03-29.005/wacodcowlhostwebpack.manifest/wacodcowlhostwebpack.js
Domain
res-1.cdn.office.net
URL
https://res-1.cdn.office.net/officeonline/wv/s/h4FBD8CC4075E1795_resources/1033/FavIcon_Word.ico

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| $B
  • object| $CJ
  • object| Flight
  • function| requirejs
  • function| require
  • function| define
  • function| es6-symbol
  • function| ES6Promise
  • object| $Config
  • object| FilesConfig
  • object| WacConfig
  • string| __odsp_culture
  • number| g_responseEnd
  • string| backupBaseUrl
  • undefined| failOverState
  • object| corsMatch
  • function| processConfigToSupportFailOver
  • undefined| __cdnFailOverState
  • object| odspNextWebpackJsonp

4 Cookies

Domain/Path Name / Value
.live.com/ Name: xid
Value: 7e4058be-1204-4d17-8660-fc4d253f3754&&ODSP-ODWEB-ODCF&139
.live.com/ Name: wla42
Value:
.live.com/ Name: E
Value: P:7HMPWzVa3Ig=:sU8vHcLIVY3NZtNY6sBLesUc+laxhsHBeWQYqNYVGOo=:F
.live.com/ Name: xidseq
Value: 3

2 Console Messages

Source Level URL
Text
network error URL: https://res-1.cdn.office.net/files/odsp-web-prod_2024-03-29.005/wacodcowlhostwebpack.manifest/wacodcowlhostwebpack.js
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://res-1.cdn.office.net/officeonline/wv/s/h4FBD8CC4075E1795_resources/1033/FavIcon_Word.ico
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
