onedrive.live.com
13.107.42.13
Public Scan
Submission Tags: falconsandbox
Submission: On March 02 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 05 on November 9th 2022. Valid for: a year.
This is the only time onedrive.live.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 13.107.42.13 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
10 | 2a02:26f0:11a::6867:48d9 | 20940 (AKAMAI-ASN1) |
1 | 2a02:26f0:f700:4bd::4b36 | 20940 (AKAMAI-ASN1) |
3 | 20.44.10.123 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
5 | 2620:1ec:a92::171 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
20 | 5 | |

AS | Domain |
---|---|
ASN20940 (AKAMAI-ASN1, NL) | modernb.akamai.odsp.cdn.office.net |
ASN20940 (AKAMAI-ASN1, NL) | c1-word-view-15.cdn.office.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | browser.pipe.aria.microsoft.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | word-view.officeapps.live.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | office.net | modernb.akamai.odsp.cdn.office.net — Cisco Umbrella Rank: 13219; c1-word-view-15.cdn.office.net — Cisco Umbrella Rank: 4408 | 432 KB |
6 | live.com | onedrive.live.com — Cisco Umbrella Rank: 1481; word-view.officeapps.live.com — Cisco Umbrella Rank: 7462 | 21 KB |
3 | microsoft.com | browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 138 | 373 B |
20 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
10 | modernb.akamai.odsp.cdn.office.net | onedrive.live.com, modernb.akamai.odsp.cdn.office.net |
5 | word-view.officeapps.live.com | c1-word-view-15.cdn.office.net |
3 | browser.pipe.aria.microsoft.com | modernb.akamai.odsp.cdn.office.net |
1 | c1-word-view-15.cdn.office.net | modernb.akamai.odsp.cdn.office.net |
1 | onedrive.live.com | |
20 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
onedrive.com | Microsoft Azure TLS Issuing CA 05 | 2022-11-09 - 2023-11-04 | a year |
wildcard.akamai.odsp.cdn.office.net | DigiCert SHA2 Secure Server CA | 2022-07-29 - 2023-07-29 | a year |
*.cdn.office.net | Microsoft Azure TLS Issuing CA 06 | 2023-01-11 - 2024-01-06 | a year |
*.events.data.microsoft.com | Microsoft Azure TLS Issuing CA 02 | 2022-12-07 - 2023-12-02 | a year |
officeapps.live.com | DigiCert Cloud Services CA-1 | 2022-04-19 - 2023-04-18 | a year |
This page contains 2 frames:
Primary Page:
https://onedrive.live.com/view.aspx?resid=9F8162A7C89F0DBF%21155&ithint=file%2Cdocx&wdo=2&authkey=%21AIWxEZaQ-xO3in0
Frame ID: 5DE1FAF1D2D2984FE70841B8C4382734
Requests: 19 HTTP requests in this frame
Frame:
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de-DE&rs=en-US&hid=vX7fAhX9P0m2YMc%2B2A1kwg.0&wopisrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9F8162A7C89F0DBF!155&wdo=2&wde=docx&sc=host%3D%26qt%3DDefault&wdp=7&uih=OneDrive&jsapi=1&jsapiver=v2&corrid=fe4651eb-8e74-4f55-bd68-05785d785b07&usid=fe4651eb-8e74-4f55-bd68-05785d785b07&newsession=1&sftc=1&readonly=1&wdorigin=Other&wdredirectionreason=Unified_ViewActionUrl
Frame ID: 70B13DF1E920D08FF17AF52929B2E7F1
Requests: 1 HTTP requests in this frame
Page Title
invite-SEkKvxZXfZO.docx - Microsoft Word Online
Detected technologies
Microsoft ASP.NET (Web Frameworks)
Detected patterns
- \.aspx?(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | view.aspx (Primary Request) | onedrive.live.com/ | 56 KB | 20 KB | Document | text/html |
GET H2 | plt.resx-plt.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-27.008/odcwachostwebpack.manifest/de/ | 10 KB | 4 KB | Script | application/javascript |
GET H2 | plt.react.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-27.008/odcwachostwebpack.manifest/ | 122 KB | 40 KB | Script | application/javascript |
GET H2 | plt.office-ui-fabric-react.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-27.008/odcwachostwebpack.manifest/ | 259 KB | 81 KB | Script | application/javascript |
GET H2 | plt.odsp-common.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-27.008/odcwachostwebpack.manifest/ | 221 KB | 66 KB | Script | application/javascript |
GET H2 | plt.items-view.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-27.008/odcwachostwebpack.manifest/ | 99 KB | 26 KB | Script | application/javascript |
GET H2 | odcwachostwebpack.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-27.008/odcwachostwebpack.manifest/ | 451 KB | 133 KB | Script | application/javascript |
GET H2 | 31.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-27.008/odcwachostwebpack.manifest/ | 51 KB | 14 KB | Script | application/javascript |
GET H2 | 32.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-27.008/odcwachostwebpack.manifest/ | 2 KB | 2 KB | Script | application/javascript |
GET H2 | 30.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-27.008/odcwachostwebpack.manifest/ | 108 KB | 31 KB | Script | application/javascript |
GET H2 | ondemand.resx-ondemand.js | modernb.akamai.odsp.cdn.office.net/files/odsp-web-prod_2023-01-27.008/odcwachostwebpack.manifest/de/ | 7 KB | 3 KB | Script | application/javascript |
GET H/1.1 | word.boot.js | c1-word-view-15.cdn.office.net/wv/s/h383EA340D0DA43CB_App_Scripts/ | 138 KB | 34 KB | Script | application/javascript |
POST H2 | / | browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 | 261 B | XHR | application/json |
POST H2 | RemoteTelemetry.ashx | word-view.officeapps.live.com/wv/ | 0 | 615 B | Ping | text/plain |
POST H2 | RemoteUls.ashx | word-view.officeapps.live.com/wv/ | 0 | 0 | Ping | text/plain |
POST H2 | wordviewerframe.aspx (Frame 70B1) | word-view.officeapps.live.com/wv/ | 0 | 0 | Document | text/html |
POST H2 | / | browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 | 56 B | XHR | application/json |
POST H2 | RemoteTelemetry.ashx | word-view.officeapps.live.com/wv/ | 0 | 242 B | Ping | text/plain |
POST H2 | RemoteUls.ashx | word-view.officeapps.live.com/wv/ | 0 | 0 | Ping | text/plain |
POST H2 | / | browser.pipe.aria.microsoft.com/Collector/3.0/ | 0 | 56 B | XHR | application/json |
40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0, boolean| credentialless, object| $B, object| $CJ, object| Flight, function| requirejs, function| require, function| define, function| RequireDeps, object| __tti, function| es6-symbol, function| ES6Promise, object| $Config, object| FilesConfig, object| WacConfig, string| __odsp_culture, number| g_responseEnd, string| backupBaseUrl, object| failOverState, object| corsMatch, function| processConfigToSupportFailOver, object| __cdnFailOverState, object| odspNextWebpackJsonp, function| __debugSetKillSwitch, object| ODSP_TELEMETRY_MANAGER, function| __onbeforeunload, object| __stylesheet__, object| __globalSettings__, object| __themeState__, object| __packages__, number| __currentId__, object| __testHooks, object| _perfMarks, object| CUSTOMERPROMISE_MANAGER, object| __events__, object| odstore, object| __debugLoggerContext, object| __ko, object| Microsoft, boolean| g_WACDone
13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.live.com/ | | Name: E Value: P:f5kQLQIb24g=:LitF6TW4rC/AyMQt6KmbcmjjchtVJx0WqVCOY3I/5cc=:F |
.live.com/ | | Name: xid Value: 387d9e1c-69cf-4a06-b095-12b44c771637&&RDE42AAC889967&98 |
.live.com/ | | Name: xidseq Value: 1 |
.live.com/ | | Name: wla42 Value: |
onedrive.live.com/ | | Name: MicrosoftApplicationsTelemetryDeviceId Value: 949e07cc-b23a-4597-5457-400623ca1880 |
onedrive.live.com/ | | Name: MicrosoftApplicationsTelemetryFirstLaunchTime Value: 1677750039668 |
word-view.officeapps.live.com/ | | Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 |
word-view.officeapps.live.com/ | | Name: ShCLSessionID Value: 1677750041937_0.13426971750372552 |
.login.live.com/ | | Name: uaid Value: cd6ae710f7104efc917a537391e616c6 |
.login.live.com/ | | Name: MSPRequ Value: id=63539&lt=1677750042&co=1 |
.login.live.com/ | | Name: MSCC Value: 80.255.7.102-DE |
.login.live.com/ | | Name: MSPOK Value: $uuid-1d146018-1862-41f3-b9d2-036cfdea311b |
.login.live.com/ | | Name: OParams Value: 11O.DRsuehs7Z!BYKJ8tfoKaCNUSx88Msvqk4Ig0x6sA8nRYyx796HBrapzQrMyr2KvVQUMpQvW40R0SAOCVmIcUqAV7tphj65MpZQxVDtJANmjPbkqWozYoyEaaEqeKaixQWu3o5OmTizCuVO*ORmVUTD5i9tIM9oAGCcS64t6o37z4anwehSXR2wdaDwXeVPju*UkNbrjHBaWM8TfUXlTb3yCPJhXXfXvs4buM0r4wDMg2Dhak2qEioPV*IdKjkwodnpWhrQIpUfy3C74v9A4RrfgU1KR2OKxMeia5lhl6nZh6cbcYmwGnRtHFOyGBJaQAGNXC7HJCIMloUyqYYZco96G5XD8C6ML0FblmFq9shq72lk57Y9s8X5CMi2E0seHTXoDfr3k2bD7hlM*wU!GvsQOBNKjN3isHnXncxYVGm793 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.