URL: https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2Fwww.vertex42.com%2FFiles%2Fexclusive%2Fsoftware-inventory-trackin...
Submission Tags: falconsandbox
Submission: On June 03 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 2603:1063:2000::12, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is view.officeapps.live.com. The Cisco Umbrella rank of the primary domain is 34707.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on January 24th 2024. Valid for: a year.
This is the only time view.officeapps.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2603:1063:200... 8075 (MICROSOFT...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 3
Apex Domain
Subdomains
Transfer
2 live.com
view.officeapps.live.com — Cisco Umbrella Rank: 34707
pnl1-excel.officeapps.live.com — Cisco Umbrella Rank: 162884
3 KB
1 office.net
c1-view-15.cdn.office.net — Cisco Umbrella Rank: 78818
8 KB
3 2

This site contains no links.

Subject | Issuer | Validity | Valid
officeapps.live.com | Microsoft Azure RSA TLS Issuing CA 07 | 2024-01-24 - 2025-01-18 | a year
*.cdn.office.net | Microsoft Azure RSA TLS Issuing CA 03 | 2023-10-03 - 2024-09-27 | a year

This page contains 2 frames:

Primary Page: https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2Fwww.vertex42.com%2FFiles%2Fexclusive%2Fsoftware-inventory-tracking.xlsx&wdOrigin=BROWSELINK
Frame ID: B1ABEA456837B6D047795696DDE63126
Requests: 3 HTTP requests in this frame

Frame: https://pnl1-excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Evertex42%252Ecom%253A443%252FFiles%252Fexclusive%252Fsoftware%252Dinventory%252Dtracking%252Exlsx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=f2a2bf14-8a0f-4c8f-aaa1-4b0a8e550578
Frame ID: 2714F7F8DC47A16E3E08CE88C1CDE357
Requests: 1 HTTP requests in this frame

Page Title

software-inventory-tracking.xlsx

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 100 %
Domains: 2
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 11 kB
Size: 13 kB
Cookies: 9

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request view.aspx
view.officeapps.live.com/op/
4 KB
3 KB
Document
General
Full URL
https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2Fwww.vertex42.com%2FFiles%2Fexclusive%2Fsoftware-inventory-tracking.xlsx&wdOrigin=BROWSELINK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9bc6fee72669ca7af6451ad0d0a5ba822601751819eb60f861b6ff74616d1eeb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 03 Jun 2024 18:30:09 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
f2a2bf14-8a0f-4c8f-aaa1-4b0a8e550578
x-msedge-features
afd_waccluster,afd_onenoteslice_control,afd_visioslice_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_excelslicetest_control
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,5e4w=afd_excelslicetest_control
x-msedge-ref
Ref A: 6B73BD7939D042F8A3A27AD641D6829D Ref B: FRA231050413035 Ref C: 2024-06-03T18:30:09Z
x-officecluster
PNL1
x-officefd
AM4PEPF0002D4F2
x-officefe
AM4PEPF0002D75B
x-officeversion
16.0.17717.41001
truncated
/
695 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
xlviewerinternal.aspx
pnl1-excel.officeapps.live.com/x/_layouts/ Frame 2714
0
0
Document
General
Full URL
https://pnl1-excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Evertex42%252Ecom%253A443%252FFiles%252Fexclusive%252Fsoftware%252Dinventory%252Dtracking%252Exlsx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=f2a2bf14-8a0f-4c8f-aaa1-4b0a8e550578
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy font-src data: 'self' res-1.cdn.office.net *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com *.officeapps.live.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.officeapps.live.com *.msftauth.net js.monitor.azure.com *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com pmservices.cp.microsoft.com paymentinstruments.mp.microsoft.com paymentinstruments-int.mp.microsoft.com edge.payments.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net; style-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net; media-src blob: *.skype.com *.skypeassets.com *.officeapps.live.com; object-src 'self'; child-src blob: * ms-excel:; worker-src blob: 'self'; img-src * data: blob:; report-uri /x/reportcsp.ashx
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://view.officeapps.live.com
Referer
https://view.officeapps.live.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jun 2024 18:30:10 GMT
document-policy
js-profiling
expires
-1
nel
{"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
origin-agent-cluster
?1
origin-trial
AtFKAQdG+ydQM/bvbc5Qxv930XARVdP6iEmsQLrizs1HYDZnXMf7/f8oOaknwmnnXoTmlFWim3Ptj/bW7MfeElEAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNzQ0MzA5NDUyfQ== AhQJUzE5LCv5KHvmQov3fZhTT0W3oRbJWD7uk+pw4EemPcV5dWZzr8wiGtZj/dh81uDAw0I9lZ30j8otVRSRQwYAAABkeyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://excelonline.nel.measure.office.net/api/report?FrontEnd=AFD&DestinationEndpoint=Edge-Prod-FRA23r5b&DC=PNL1&FileSource="}]}
reporting-endpoints
default="https://pnl1-excel.officeapps.live.com/x/BrowserReportingHandler.ashx"
timing-allow-origin
*
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
26d7cf6a-edbe-48fb-b8a9-f0c1e017290f
x-msedge-features
afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_excelslicetest
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,5e4w=afd_excelslicetest
x-msedge-ref
Ref A: 149BE32D26DE41D9A0D0E04C3ADAA4D6 Ref B: FRA231050413035 Ref C: 2024-06-03T18:30:10Z
x-officecluster
PNL1
x-officefe
AM4PEPF0002D53D
x-officeversion
16.0.17729.42301
x-partitioning-enabled
true
x-usersessionid
26d7cf6a-edbe-48fb-b8a9-f0c1e017290f
x-yarp-fe
AM4PEPF0002D637
FavIcon_Excel.ico
c1-view-15.cdn.office.net/op/s/161771741001_Resources/
8 KB
8 KB
Other
General
Full URL
https://c1-view-15.cdn.office.net/op/s/161771741001_Resources/FavIcon_Excel.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f91::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
63bd80475830aa6933dc637e25a7a13f3773b1feef1feeb34f3c882344b088bb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://view.officeapps.live.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 03 Jun 2024 18:30:10 GMT
X-OfficeVersion
16.0.17717.41001
X-OfficeFE
AM4PEPF0002D75D
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,5e4w=afd_excelslicetest_control
Content-Length
7886
X-MSEdge-Features
afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_excelslicetest_control
Last-Modified
Sat, 25 May 2024 13:05:42 GMT
X-CorrelationId
0784f77c-c4bf-4c18-b96d-6a189bd9e274
X-OfficeCluster
PNL1
X-MSEdge-Ref
Ref A: 6A3284A46B174896A8607E5C845DD014 Ref B: FRA231050414035 Ref C: 2024-05-25T13:10:04Z
X-OFFICEFD
AM4PEPF0002D4E6
ETag
"8e6db83fa4aeda1:0"
Content-Type
image/x-icon
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | 0
string | _iframeUrl
string | _windowTitle
string | _favIconUrl
boolean | _shouldDoRedirect
string | _failureRedirectUrl
string | _accessToken
function | OnLoad

9 Cookies

Domain/Path Name / Value
.view.officeapps.live.com/ Name: PNL1-ARRAffinity
Value: 1f4b33bcf6151c3652963a0a80719da21fbc920e62d2c8e17a8591b79c82e445
pnl1-excel.officeapps.live.com/ Name: PNL1-Excel-ARRAffinity
Value: 2f148501dfbf9395e34cdabdf0dbb6f5d6276c66778e1adf90f8b9dd55133176
.pnl1-excel.officeapps.live.com/ Name: PNL1-Excel-ARRAffinity
Value: 2f148501dfbf9395e34cdabdf0dbb6f5d6276c66778e1adf90f8b9dd55133176
pnl1-excel.officeapps.live.com/ Name: ShCLSessionID
Value: 1717439412077_0.08949280622315592
.login.live.com/ Name: uaid
Value: fd8b31a2b76e4fe695a01d3dceedda3a
.login.live.com/ Name: MSPRequ
Value: id=63539&lt=1717439412&co=1
.login.live.com/ Name: MSCC
Value: 138.199.38.132-DE
.login.live.com/ Name: MSPOK
Value: $uuid-5d6ac9e9-9ea5-4d34-b99b-e18e041cec69
.login.live.com/ Name: OParams
Value: 11O.DpLe1rye2rhALquGSun0mG1HetU8Lgrj4c1IYyGr3!X6X9B1zysQ!UI2fY6h203TJoO9CZXGHR8hRldltYjfoV9OSmY8ckFC4HecsXwcpugAPHmNXE7Ro3f4!JPWQu7YGOh7eH6gv5ZNt0YNPIJOo4ECXwIXjyjfK8ZxCiyBA7vaUn7SiCLyzjjXrv84jBMEgb0Opz762Vc6boebRTQNNA2ys3nJSZcOb5gSy*EIm1v9j20Ggd2rA1uEsHuv2!yxXvMwVfpCG82iVPtlzuwLOqM7zQoTzOvnIDREXhsKdTlMAs6fmcyvTT9BGYAyXmRTE0lmlCN4iTWpIwvYVnFXFo6Eu3dCMtNWVoR!aXX90YR!DbL7GNwZhtEGXQNWHP!4Fq3ADyzYSOrHSRpX5pcN2oR9R00bjfNPK1uHt8f5nx7n

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff