smbpurchase-oobe.omex.office.net
Open in
urlscan Pro
52.111.243.5
Public Scan
Submission: On August 23 via automatic, source certstream-suspicious — Scanned from NL
Summary
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 03 on June 12th 2024. Valid for: a year.
This is the only time smbpurchase-oobe.omex.office.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 52.111.243.5 52.111.243.5 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2a02:26f0:350... 2a02:26f0:3500:11::215:14cc | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 52.168.117.168 52.168.117.168 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
6 | 3 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
smbpurchase-oobe.omex.office.net |
ASN20940 (AKAMAI-ASN1, NL)
omex.cdn.office.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
office.net
smbpurchase-oobe.omex.office.net omex.cdn.office.net — Cisco Umbrella Rank: 4180 |
1 MB |
2 |
microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 144 |
302 B |
6 | 2 |
Domain | Requested by | |
---|---|---|
3 | smbpurchase-oobe.omex.office.net |
omex.cdn.office.net
|
2 | browser.events.data.microsoft.com |
omex.cdn.office.net
|
1 | omex.cdn.office.net |
smbpurchase-oobe.omex.office.net
|
6 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
smbpurchase-oobe.omex.office.net Microsoft Azure RSA TLS Issuing CA 03 |
2024-06-12 - 2025-06-07 |
a year | crt.sh |
contentstorage.omex.office.net Microsoft Azure ECC TLS Issuing CA 07 |
2024-05-27 - 2025-05-22 |
a year | crt.sh |
*.events.data.microsoft.com Microsoft Azure RSA TLS Issuing CA 04 |
2024-06-29 - 2025-06-24 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://smbpurchase-oobe.omex.office.net/
Frame ID: CB793421C1A28F51EB8CE7E87ED95E77
Requests: 5 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
smbpurchase-oobe.omex.office.net/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Smboobe.ef268de8244762a67e9e.js
omex.cdn.office.net/smboobe/ |
7 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translation.json
smbpurchase-oobe.omex.office.net/client-app/locales/en-US/ |
25 KB 5 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
smbpurchase-oobe.omex.office.net/ |
0 233 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
24 B 302 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webpackChunkoobe_client_app object| regeneratorRuntime object| __globalSettings__ object| __stylesheet__ object| __themeState__ object| __packages__ object| __dynProto$Gbl number| 2f1acc6c3a606b082e5eef5e54414ffb object| pidlResourceHelpers object| pidlOrchestrator boolean| smbLoaded2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
smbpurchase-oobe.omex.office.net/ | Name: MicrosoftApplicationsTelemetryDeviceId Value: 27941794-22f8-43aa-89ce-b20c80c28640 |
|
smbpurchase-oobe.omex.office.net/ | Name: MicrosoftApplicationsTelemetryFirstLaunchTime Value: 2024-08-23T16:35:14.712Z |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' *.microsoft.com *.sharepointonline.com spoprod-a.akamaihd.net https://ffpt.microsoft.com/tags https://omex.cdn.office.net; frame-ancestors 'self' http://oloobe.officeapps.live.com:80 http://www.microsoft.com:80 http://localhost:4000; frame-src *; connect-src *; |
Strict-Transport-Security | max-age=31536000 |
X-Xss-Protection | 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
browser.events.data.microsoft.com
omex.cdn.office.net
smbpurchase-oobe.omex.office.net
2a02:26f0:3500:11::215:14cc
52.111.243.5
52.168.117.168
2206047bcaf2639d92c2b8fc21e50ccc12a770bc972d0f06843bd1bc8dbfe7d8
74648cbb2c3d07fb79fad91b1155829237ae1ccdbf101d861eb1682c3971a567
8529dc2ea2aebc566e99d9415e11b3de98749b5c482c4c3d6b32ec2f6402fdad
deec8f312793d0385fefbe1a08eaa7e22dec8c9b91d9ce2170cd93c4395612b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855