2013/9/16 Kyle Maxwell <[1]kylem@xwell.org>

   I also suspect they're doing some level of malware screening. If so,
   it didn't work too well here - not that this is malware (the author of
   the original service that created these docs is a personal friend) but
   it has a lot of similar code / functionality.

   Are you suggesting they pull external resources to scan them too?
   This'd be quite proactive.
   It remains quite unusual.
   Some variations of the experiment with:
   * non suspicious/interesting documents - should trigger well-intended
   automation as well as interesting documents
   * boring file formats (like txt) and URLs - do all URLs get pulled or
   only automatically requested ones?
   * files that won't load for rendering but would load for a crawler that
   tries to find malware
   * you own server so that you may examine all the data send along with
   the request, like the headers!

References

   1. mailto:kylem@xwell.org