URL: https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2F3d88c61f-f7a9-4be4-9e4a-0272625706ca.usrfiles.com%2Fugd%2F3d88c6_...
Submission: On April 24 via manual from IN — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 2603:1063:2000::12, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is view.officeapps.live.com. The Cisco Umbrella rank of the primary domain is 21328.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on January 24th 2024. Valid for: a year.
This is the only time view.officeapps.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2603:1063:200... 8075 (MICROSOFT...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 3
Apex Domain / Subdomains | Transfer
2 live.com | 3 KB
  view.officeapps.live.com — Cisco Umbrella Rank: 21328
  pnl1-excel.officeapps.live.com — Cisco Umbrella Rank: 147745
1 office.net | 8 KB
  c1-view-15.cdn.office.net — Cisco Umbrella Rank: 39908
3 2

This site contains no links.

Subject | Issuer | Validity | Valid
officeapps.live.com | Microsoft Azure RSA TLS Issuing CA 07 | 2024-01-24 - 2025-01-18 | a year
*.cdn.office.net | Microsoft Azure RSA TLS Issuing CA 03 | 2023-10-03 - 2024-09-27 | a year

This page contains 2 frames:

Primary Page: https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2F3d88c61f-f7a9-4be4-9e4a-0272625706ca.usrfiles.com%2Fugd%2F3d88c6_1f8b9f5ab6e348b289ee68daddb43069.xlsx&wdOrigin=BROWSELINK
Frame ID: A397EF291D2B65FAEB9E82D8D9BC50F7
Requests: 3 HTTP requests in this frame

Frame: https://pnl1-excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252F3d88c61f%252Df7a9%252D4be4%252D9e4a%252D0272625706ca%252Eusrfiles%252Ecom%253A443%252Fugd%252F3d88c6%255F1f8b9f5ab6e348b289ee68daddb43069%252Exlsx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=88d05113-9536-43b2-a7f7-97d2cd7a4be4
Frame ID: 5E318ECEB9B2AB6245EEEA758C6FEE7C
Requests: 1 HTTP requests in this frame

Page Title

3d88c6_1f8b9f5ab6e348b289ee68daddb43069.xlsx

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 100 %
Domains: 2
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 11 kB
Size: 13 kB
Cookies: 10

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request view.aspx
view.officeapps.live.com/op/
4 KB
3 KB
Document
General
Full URL
https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2F3d88c61f-f7a9-4be4-9e4a-0272625706ca.usrfiles.com%2Fugd%2F3d88c6_1f8b9f5ab6e348b289ee68daddb43069.xlsx&wdOrigin=BROWSELINK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1b2c81641b1810c4d2bb7c7b0b570aaa791c336372b35c0193df0ba96b654d71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 14:45:31 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
88d05113-9536-43b2-a7f7-97d2cd7a4be4
x-msedge-features
afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5,afd_excelslicetest
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,5e4w=afd_excelslicetest
x-msedge-ref
Ref A: 2803FB0021394FDE9682BB99EE14E066 Ref B: FRA231050411035 Ref C: 2024-04-24T14:45:31Z
x-officecluster
PNL1
x-officefd
AM4PEPF0002D4DC
x-officefe
AM4PEPF0002D75D
x-officeversion
16.0.17614.41006
truncated
/
695 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
xlviewerinternal.aspx
pnl1-excel.officeapps.live.com/x/_layouts/ Frame 5E31
0
0
Document
General
Full URL
https://pnl1-excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252F3d88c61f%252Df7a9%252D4be4%252D9e4a%252D0272625706ca%252Eusrfiles%252Ecom%253A443%252Fugd%252F3d88c6%255F1f8b9f5ab6e348b289ee68daddb43069%252Exlsx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=88d05113-9536-43b2-a7f7-97d2cd7a4be4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy font-src data: 'self' res-1.cdn.office.net *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com *.officeapps.live.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.officeapps.live.com *.msftauth.net js.monitor.azure.com *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com pmservices.cp.microsoft.com paymentinstruments.mp.microsoft.com paymentinstruments-int.mp.microsoft.com edge.payments.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net; style-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net; media-src blob: *.skype.com *.skypeassets.com *.officeapps.live.com; object-src 'self'; child-src blob: * ms-excel:; worker-src blob: 'self'; img-src * data: blob:; report-uri /x/reportcsp.ashx
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://view.officeapps.live.com
Referer
https://view.officeapps.live.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-security-policy
font-src data: 'self' res-1.cdn.office.net *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com *.officeapps.live.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.officeapps.live.com *.msftauth.net js.monitor.azure.com *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com pmservices.cp.microsoft.com paymentinstruments.mp.microsoft.com paymentinstruments-int.mp.microsoft.com edge.payments.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net; style-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net; media-src blob: *.skype.com *.skypeassets.com *.officeapps.live.com; object-src 'self'; child-src blob: * ms-excel:; worker-src blob: 'self'; img-src * data: blob:; report-uri /x/reportcsp.ashx
content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Apr 2024 14:45:31 GMT
document-policy
js-profiling
expires
-1
nel
{"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
origin-agent-cluster
?1
origin-trial
AiEeevdgKBiq37XjJeDqmaccPhecbEm+bxflC7WOKkv5wnGfbdoVop99b8bLk4oXifN9pukpdcpoR4cipX8rbnEAAABueyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOmZhbHNlLCJmZWF0dXJlIjoiSGFwdGljc0RldmljZSIsImV4cGlyeSI6MTcxMzkxNjgwMH0= AhQJUzE5LCv5KHvmQov3fZhTT0W3oRbJWD7uk+pw4EemPcV5dWZzr8wiGtZj/dh81uDAw0I9lZ30j8otVRSRQwYAAABkeyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://excelonline.nel.measure.office.net/api/report?FrontEnd=AFD&DestinationEndpoint=Edge-Prod-FRA23r5a&DC=PNL1&FileSource="}]}
reporting-endpoints
default="https://pnl1-excel.officeapps.live.com/x/BrowserReportingHandler.ashx"
timing-allow-origin
*
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
6cb12785-b474-4393-b3da-ed67d5482eda
x-msedge-features
afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_excelslicetest_control
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,5e4w=afd_excelslicetest_control
x-msedge-ref
Ref A: 1EBBC97E724C4F238D321FD039C4E1D6 Ref B: FRA231050411035 Ref C: 2024-04-24T14:45:31Z
x-officecluster
PNL1
x-officefe
AM4PEPF0002D502
x-officeversion
16.0.17618.42300
x-partitioning-enabled
true
x-usersessionid
6cb12785-b474-4393-b3da-ed67d5482eda
x-yarp-fe
AM4PEPF0002D648
FavIcon_Excel.ico
c1-view-15.cdn.office.net/op/s/161761441006_Resources/
8 KB
8 KB
Other
General
Full URL
https://c1-view-15.cdn.office.net/op/s/161761441006_Resources/FavIcon_Excel.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
63bd80475830aa6933dc637e25a7a13f3773b1feef1feeb34f3c882344b088bb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://view.officeapps.live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 14:45:31 GMT
X-OfficeVersion
16.0.17614.41006
X-OfficeFE
AM4PEPF0002D75F
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,5e4w=afd_excelslicetest_control
Content-Length
7886
X-MSEdge-Features
afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_excelslicetest_control
Last-Modified
Wed, 17 Apr 2024 22:38:09 GMT
X-CorrelationId
5e9ce345-9d1e-4a35-9a31-dc0f038fa954
X-OfficeCluster
PNL1
X-MSEdge-Ref
Ref A: EA9967D1BC3A4836BA2ED2D904D23A42 Ref B: FRA231050411025 Ref C: 2024-04-17T22:46:26Z
X-OFFICEFD
AM4PEPF0002D4EE
ETag
"2c4961ec1791da1:0"
Content-Type
image/x-icon
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | 0
  • string | _iframeUrl
  • string | _windowTitle
  • string | _favIconUrl
  • boolean | _shouldDoRedirect
  • string | _failureRedirectUrl
  • string | _accessToken
  • function | OnLoad

10 Cookies

Domain/Path Name / Value
.view.officeapps.live.com/ Name: PNL1-ARRAffinity
Value: 7a0f188831cd9fea51b53b5d3d8dc923155afecb4bc4a286819b8047be6aa43c
pnl1-excel.officeapps.live.com/ Name: PNL1-Excel-ARRAffinity
Value: e52405949fa492726100625862e1c19ef9d5760e5b1a8a36ba81342875614f79
.pnl1-excel.officeapps.live.com/ Name: PNL1-Excel-ARRAffinity
Value: e52405949fa492726100625862e1c19ef9d5760e5b1a8a36ba81342875614f79
pnl1-excel.officeapps.live.com/ Name: ShCLSessionID
Value: 1713969933201_0.10356940323726427
.login.live.com/ Name: uaid
Value: f6523a92f1284140b345661c4c2ff1db
.login.live.com/ Name: MSPRequ
Value: id=63539&lt=1713969933&co=1
.login.live.com/ Name: MSCC
Value: 80.255.10.202-DE
.login.live.com/ Name: MSPOK
Value: $uuid-0acf6383-556f-4955-8de1-c0b3c415e6e2
.login.live.com/ Name: OParams
Value: 11O.DtYW*as0YKG*grg6XumSBx*X*45Bj0lmSy3h3YP4JGz*sQJBjE5KhyRSCCfC885wBseYlHLsLtnDoDzr2VqjdpMejpniXVhG4Zf!EaLvcZ9wdHfT3xeg2yuZcGC3kUa!3aGwjE4Wh3UO1ZoUYN*EHop3ek9392k*UosE5SuA*tT4VB8wjmZr2R9dN9q!vboVAIZXDu9n8eB4pXQLjf5uSbib*KytdV9PKaNv!l46JbtGs8i3MWf0u9jCo0hiSUINC*gnumKQalCH8U5Qth9RuVJlKeOuS1ENSxV8ydSdwZid*Go9aY!L5Ef4pIN37iohUXjLM5sMR0xLNc47y61QqEw1m49n110e8DygzozmR08ij47NIc!Wp!AjpYBPLrh6UpnH10mtUUET6kH37PS!CRh0DAgXjejQdSKy2SnaMSzN
.shared.officeapps.live.com/ Name: PIE1-ARRAffinity
Value: 8455a0412f4028f5611167d57b8029a5b946f1e8eb25fb689d8f5e0425616139

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff