urlscan.io logo urlscan.io
SecurityTrails logo

outlook.live.com Open in urlscan Pro
2603:1026:c0d:1029::2  Public Scan

Go To Rescan Add Verdict Report
URL: https://outlook.live.com/owa/0/service.svc/CreateAttachmentFromLocalFile
Submission Tags: falconsandbox
Submission: On November 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 2603:1026:c0d:1029::2, located in Frankfurt am Main, Germany and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is outlook.live.com. The Cisco Umbrella rank of the primary domain is 3788.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on June 27th 2024. Valid for: a year.
This is the only time outlook.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2603:1026:c0d... 8075 (MICROSOFT...)
2 1
Apex Domain
Subdomains		 Transfer
3 live.com
outlook.live.com — Cisco Umbrella Rank: 3788
10 KB
2 1
Domain Requested by
3 outlook.live.com 1 redirects
2 1

This site contains no links.

Subject Issuer Validity Valid
outlook.com
DigiCert Cloud Services CA-1		 2024-06-27 -
2025-06-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://outlook.live.com/owa/0/service.svc/CreateAttachmentFromLocalFile
Frame ID: 67A5BE8F37A9394788A1BB965612ECE0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

2
Requests

50 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

9 kB
Transfer

8 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://outlook.live.com/favicon.ico HTTP 302
  • https://outlook.live.com/owa/favicon.ico

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request CreateAttachmentFromLocalFile
outlook.live.com/owa/0/service.svc/ 		43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://outlook.live.com/owa/0/service.svc/CreateAttachmentFromLocalFile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:c0d:1029::2 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1e6efa645d337206263d80d3105d14a4b8fedf55cbebd29ba8154f7659f03d8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
content-length
43
content-type
text/html; charset=utf-8
date
Wed, 06 Nov 2024 00:11:16 GMT
nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
report-to
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=FRA&RemoteIP=2a01:4a0:1338::&Environment=MT"}],"include_subdomains":true}
request-id
ec5972be-e822-ebb6-78d9-2c27ad7196fb
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-backend-begin
2024-11-06T00:11:16.417
x-backend-end
2024-11-06T00:11:16.432
x-backendhttpstatus
440 440 440
x-beserver
CP6P284MB1708
x-calculatedbetarget
CP6P284MB1708.BRAP284.PROD.OUTLOOK.COM
x-calculatedfetarget
ROAP284CU014.internal.outlook.com CP5P284CU007.internal.outlook.com
x-diaginfo
CP6P284MB1708
x-feefzinfo
FRA
x-feproxyinfo
FR4P281CA0315.DEUP281.PROD.OUTLOOK.COM
x-feserver
CP5P284CA0115 ROAP284CA0300 FR4P281CA0315
x-firsthopcafeefz
FRA
x-owa-diagnosticsinfo
5;0;0;
x-proxy-backendserverstatus
440
x-proxy-routingcorrectness
1
x-responseorigin
OwaAppPool
x-rum-notupdatequerieddbcopy
1
x-rum-notupdatequeriedpath
1
x-rum-validated
1
x-ua-compatible
IE=EmulateIE7
favicon.ico
outlook.live.com/owa/
Redirect Chain
  • https://outlook.live.com/favicon.ico
  • https://outlook.live.com/owa/favicon.ico
8 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://outlook.live.com/owa/favicon.ico
Protocol
H2
Server
2603:1026:c0d:1029::2 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e35d94b76894d6eca96ff5b1a12d94dfe73485ef3c52cb5b4395be8ffac1cb45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://outlook.live.com/owa/0/service.svc/CreateAttachmentFromLocalFile

Response headers

x-feserver
BE1P281CA0493, FR4P281CA0315
etag
"077d1f4932edb1:0"
x-rum-notupdatequerieddbcopy
1
report-to
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=FRA&RemoteIP=2a01:4a0:1338::&Environment=MT"}],"include_subdomains":true}
x-content-type-options
nosniff
request-id
870628d1-512a-f3a8-c62f-79c51949fce5
alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
content-type
image/x-icon
last-modified
Mon, 04 Nov 2024 08:31:34 GMT
x-proxy-routingcorrectness
1
x-rum-validated
1
x-responseorigin
OwaAppPool
cache-control
public,max-age=2592000
x-feefzinfo
FRA
x-calculatedfetarget
BE1P281CU032.internal.outlook.com
accept-ranges
bytes
content-length
7886
x-calculatedbetarget
BEXP281MB0071.DEUP281.PROD.OUTLOOK.COM
server
Microsoft-IIS/10.0
x-firsthopcafeefz
FRA
x-backend-begin
2024-11-06T00:11:16.621
x-diaginfo
BEXP281MB0071
x-ua-compatible
IE=EmulateIE7
date
Wed, 06 Nov 2024 00:11:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-feproxyinfo
FR4P281CA0315.DEUP281.PROD.OUTLOOK.COM
x-backend-end
2024-11-06T00:11:16.621
x-backendhttpstatus
200, 200
x-rum-notupdatequeriedpath
1
x-proxy-backendserverstatus
200
x-beserver
BEXP281MB0071

Redirect headers

x-feserver
FR4P281CA0315
strict-transport-security
max-age=31536000; includeSubDomains; preload
location
/owa/favicon.ico
x-feefzinfo
FRA
ms-cv
apRpmx3Kl2bDhJecK0LuXg.0
x-feproxyinfo
FR4P281CA0315.DEUP281.PROD.OUTLOOK.COM
request-id
9b69946a-ca1d-6697-c384-979c2b42ee5e
alt-svc
h3=":443";ma=2592000,h3-29=":443";ma=2592000
content-length
133
date
Wed, 06 Nov 2024 00:11:16 GMT
content-type
text/html; charset=utf-8
x-powered-by
ASP.NET
server
Microsoft-IIS/10.0

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
outlook.live.com/ Name: ClientId
Value: 159AF14ED4A84E9788652F6CE9E88A73

1 Console Messages

Source Level URL
Text
network error URL: https://outlook.live.com/owa/0/service.svc/CreateAttachmentFromLocalFile
Message:
Failed to load resource: the server responded with a status of 440 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

outlook.live.com
2603:1026:c0d:1029::2
1e6efa645d337206263d80d3105d14a4b8fedf55cbebd29ba8154f7659f03d8a
e35d94b76894d6eca96ff5b1a12d94dfe73485ef3c52cb5b4395be8ffac1cb45