rex.microsoft365.com Open in urlscan Pro
52.111.243.5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.infomail.microsoft.com/r/?id=h5c0c835e,599fd241,599fd348&e=b2NpZD0&s=nd-viXZFz3eA3ka6Cz6PwBlVeDT0zBp5qUDiB-cjpaY
Effective URL:
https://rex.microsoft365.com/presisuQ2?language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmm...
Submission: On April 08 via api (April 8th 2024, 8:19:48 pm UTC) from BE — Scanned from DE

Summary HTTP 13 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 13 HTTP transactions. The main IP is 52.111.243.5, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is rex.microsoft365.com.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on January 30th 2024. Valid for: a year.

This is the only time rex.microsoft365.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	20.97.219.252 20.97.219.252	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2a02:26f0:350... 2a02:26f0:3500:58e::2c1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:350... 2a02:26f0:3500:897::2af1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.111.243.5 52.111.243.5	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2a02:26f0:350... 2a02:26f0:3500:11::215:14db	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.168.112.66 52.168.112.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	4

1 20.97.219.252 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.infomail.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:58e::2c1a (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

go.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:897::2af1 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

checkout.microsoft365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.111.243.5 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rex.microsoft365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:3500:11::215:14db (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

omex.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.168.112.66 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	office.net omex.cdn.office.net — Cisco Umbrella Rank: 4897	866 KB
4	microsoft.com 2 redirects t.infomail.microsoft.com — Cisco Umbrella Rank: 526690 go.microsoft.com — Cisco Umbrella Rank: 196 browser.events.data.microsoft.com — Cisco Umbrella Rank: 291	2 KB
3	microsoft365.com 1 redirects checkout.microsoft365.com — Cisco Umbrella Rank: 220579 rex.microsoft365.com	4 KB
13	3

	Domain	Requested by
9	omex.cdn.office.net	rex.microsoft365.com omex.cdn.office.net
2	browser.events.data.microsoft.com	omex.cdn.office.net
2	rex.microsoft365.com	omex.cdn.office.net
1	checkout.microsoft365.com	1 redirects
1	go.microsoft.com	1 redirects
1	t.infomail.microsoft.com	1 redirects
13	6

This site contains links to these domains. Also see Links.

Domain
checkout.microsoft365.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
rex.microsoft365.com Microsoft Azure RSA TLS Issuing CA 07	`2024-01-30` - `2025-01-24`	a year	crt.sh
contentstorage.omex.office.net DigiCert SHA2 Secure Server CA	`2023-07-24` - `2024-07-24`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure RSA TLS Issuing CA 04	`2023-12-31` - `2024-12-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://rex.microsoft365.com/presisuQ2?language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmmu9evb53t&CLRTags=c_udf%7E%24%7ECTA1%7E%24%24%7Ec_cmp%7E%24%7Econtentblock_4411556-EmailHero%7E%24%24%7Ec_type%7E%24%7ECTAButton%7E%24%24%7Ec_pos%7E%24%7E83A_%7E_CLRTags_%7E_&corr=6df6816a-d6f5-19af-abe3-d06f4f0ede03
Frame ID: D93D065DC7D98F2B71DB9357D4463A23
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Microsoft 365 Checkout

Page URL History Show full URLs

https://t.infomail.microsoft.com/r/?id=h5c0c835e,599fd241,599fd348&e=b2NpZD0&s=nd-viXZFz3eA3ka6Cz6PwBlVeDT0zB... HTTP 302
https://go.microsoft.com/fwlink/?linkid=2223312&ocid=cmmu9evb53t&CLRTags=c_udf~$~CTA1~$$~c_cmp~$~cont... HTTP 302
https://checkout.microsoft365.com/acquire/purchase?language=en-US&market=US&requestedDuration=month&scenario=m... HTTP 302
https://rex.microsoft365.com/presisuQ2?language=en-US&market=US&requestedDuration=month&scenario=microsof... Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Checkout

Page Statistics

13
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

6
Subdomains

4
IPs

3
Countries

869 kB
Transfer

1455 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://checkout.microsoft365.com/acquire/purchase?language=en-us&market=us&scenario=microsoft-365-basic&requestedduration=month&rexId=6df6816a-d6f5-19af-abe3-d06f4f0ede03&corr=6df6816a-d6f5-19af-abe3-d06f4f0ede03&flightId=P-E-1154248-2-17
Title: Sign in to continue

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/privacystatement
Title: Privacy statement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.infomail.microsoft.com/r/?id=h5c0c835e,599fd241,599fd348&e=b2NpZD0&s=nd-viXZFz3eA3ka6Cz6PwBlVeDT0zBp5qUDiB-cjpaY HTTP 302
https://go.microsoft.com/fwlink/?linkid=2223312&ocid=cmmu9evb53t&CLRTags=c_udf~$~CTA1~$$~c_cmp~$~contentblock_4411556-EmailHero~$$~c_type~$~CTAButton~$$~c_pos~$~83A_~_CLRTags_~_&ocid= HTTP 302
https://checkout.microsoft365.com/acquire/purchase?language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmmu9evb53t&CLRTags=c_udf%7E%24%7ECTA1%7E%24%24%7Ec_cmp%7E%24%7Econtentblock_4411556-EmailHero%7E%24%24%7Ec_type%7E%24%7ECTAButton%7E%24%24%7Ec_pos%7E%24%7E83A_%7E_CLRTags_%7E_ HTTP 302
https://rex.microsoft365.com/presisuQ2?language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmmu9evb53t&CLRTags=c_udf%7E%24%7ECTA1%7E%24%24%7Ec_cmp%7E%24%7Econtentblock_4411556-EmailHero%7E%24%24%7Ec_type%7E%24%7ECTAButton%7E%24%24%7Ec_pos%7E%24%7E83A_%7E_CLRTags_%7E_&corr=6df6816a-d6f5-19af-abe3-d06f4f0ede03 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request presisuQ2 Show response
rex.microsoft365.com/
Redirect Chain

https://t.infomail.microsoft.com/r/?id=h5c0c835e,599fd241,599fd348&e=b2NpZD0&s=nd-viXZFz3eA3ka6Cz6PwBlVeDT0zBp5qUDiB-cjpaY
https://go.microsoft.com/fwlink/?linkid=2223312&ocid=cmmu9evb53t&CLRTags=c_udf~$~CTA1~$$~c_cmp~$~contentblock_4411556-EmailHero~$$~c_type~$~CTAButton~$$~c_pos~$~83A_~_CLRTags_~_&ocid=
https://checkout.microsoft365.com/acquire/purchase?language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmmu9evb53t&CLRTags=c_udf%7E%24%7ECTA1%7E%24%24%7Ec_cmp%7E%24%7...
https://rex.microsoft365.com/presisuQ2?language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmmu9evb53t&CLRTags=c_udf%7E%24%7ECTA1%7E%24%24%7Ec_cmp%7E%24%7Econtentbloc...

633 B
961 B

137ms
51ms

Document
text/html

52.111.243.5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rex.microsoft365.com/presisuQ2?language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmmu9evb53t&CLRTags=c_udf%7E%24%7ECTA1%7E%24%24%7Ec_cmp%7E%24%7Econtentblock_4411556-EmailHero%7E%24%24%7Ec_type%7E%24%7ECTAButton%7E%24%24%7Ec_pos%7E%24%7E83A_%7E_CLRTags_%7E_&corr=6df6816a-d6f5-19af-abe3-d06f4f0ede03

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.111.243.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a03b82879978e975ed7444216a233d3354bae32fca28834a73eb85d3478acf7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-store, must-revalidate
content-length: 633
content-type: text/html
date: Mon, 08 Apr 2024 20:19:39 GMT
etag: "1da85f5617e4fa3"
last-modified: Wed, 03 Apr 2024 18:33:11 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-buildversion: 24.4.10402.11320
x-machine: OMEXNODES000001__omexexternal-prod-weu-001_1
x-servicefabricrequestid: d9cdb5d5-bdc7-459a-ac50-cba8fd1a915b

Redirect headers

accept-ch: sec-ch-ua-platform-version
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 08 Apr 2024 20:19:39 GMT
expires: Mon, 08 Apr 2024 20:19:39 GMT
link: <https://wcpstatic.microsoft.com>;rel="preconnect",<https://bat.bing.com>;rel="preconnect"
location: https://rex.microsoft365.com/presisuQ2?language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmmu9evb53t&CLRTags=c_udf%7E%24%7ECTA1%7E%24%24%7Ec_cmp%7E%24%7Econtentblock_4411556-EmailHero%7E%24%24%7Ec_type%7E%24%7ECTAButton%7E%24%24%7Ec_pos%7E%24%7E83A_%7E_CLRTags_%7E_&corr=6df6816a-d6f5-19af-abe3-d06f4f0ede03
pragma: no-cache
server-timing: cdn-cache; desc=MISS edge; dur=9 origin; dur=6 ak_p; desc="1712607579184_388276630_2414691387_1518_12916_34_73_255";dur=1
strict-transport-security: max-age=31536000
x-buildversion: 24.4.10408.10003
x-machine: OMEXNODES000004__omexexternal-prod-weu-000_4
x-servicefabricrequestid: 0734737d-8208-4a69-a68c-44a39065bee5

GET
H2 200 main.e238e4a4c928c5e50fdc.js Show response
omex.cdn.office.net/omexrex/build/ 705 KB
201 KB 966ms
834ms Script
application/javascript 2a02:26f0:3500:11::215:14db
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://omex.cdn.office.net/omexrex/build/main.e238e4a4c928c5e50fdc.js
Requested by: Host: rex.microsoft365.com
URL: https://rex.microsoft365.com/presisuQ2?language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmmu9evb53t&CLRTags=c_udf%7E%24%7ECTA1%7E%24%24%7Ec_cmp%7E%24%7Econtentblock_4411556-EmailHero%7E%24%24%7Ec_type%7E%24%7ECTAButton%7E%24%24%7Ec_pos%7E%24%7E83A_%7E_CLRTags_%7E_&corr=6df6816a-d6f5-19af-abe3-d06f4f0ede03
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14db Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: dd0e9de31db52676d04d52e6ae47804f53d1bebce48694e8791c239d040715dc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rex.microsoft365.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 20:19:40 GMT
content-encoding: gzip
content-md5: DE+0wVQv1eQtPLtX3QeSVA==
aka-x-origin: omexcdncus.blob.core.windows.net, omexcdncus.blob.core.windows.net
x-ms-lease-status: unlocked
last-modified: Tue, 02 Apr 2024 13:28:07 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC5318BB9EDF27
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e83cd642-f01e-0023-0bcf-85b819000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-credentials: true
x-ms-version: 2009-09-19

GET
H2 200 202.a7d52ded8b2c11b18044.js Show response
omex.cdn.office.net/omexrex/build/ 69 KB
27 KB 551ms
549ms Script
application/javascript 2a02:26f0:3500:11::215:14db
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://omex.cdn.office.net/omexrex/build/202.a7d52ded8b2c11b18044.js
Requested by: Host: omex.cdn.office.net
URL: https://omex.cdn.office.net/omexrex/build/main.e238e4a4c928c5e50fdc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14db Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8f58cfdc5b5e18be8e847b0785ed7bc1b6c00ce883aab82fc769ee87729f2b66

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rex.microsoft365.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 20:19:42 GMT
content-encoding: gzip
content-md5: +5larv8434W6axxyxdm+Ag==
aka-x-origin: omexcdncus.blob.core.windows.net, omexcdncus.blob.core.windows.net
content-length: 27308
x-ms-lease-status: unlocked
last-modified: Wed, 02 Aug 2023 13:23:54 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DB935BB86093CC
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 44c11d06-401e-0031-7202-858c05000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-credentials: true
x-ms-version: 2009-09-19

GET
H2 200 201.17eb64404d820e4e57dc.js Show response
omex.cdn.office.net/omexrex/build/ 486 B
1003 B 468ms
467ms Script
application/javascript 2a02:26f0:3500:11::215:14db
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://omex.cdn.office.net/omexrex/build/201.17eb64404d820e4e57dc.js
Requested by: Host: omex.cdn.office.net
URL: https://omex.cdn.office.net/omexrex/build/main.e238e4a4c928c5e50fdc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14db Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 904b2d16553654c19fb5057f49dbc4ea5838e11ebfe0b5e29be5b4c3a2c3f51d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rex.microsoft365.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 20:19:42 GMT
last-modified: Wed, 18 Oct 2023 15:06:23 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: YFVbZVEfhTGhphZuLu8cCw==
etag: 0x8DBCFEBCB522BCD
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4b2f603f-201e-008b-256f-846c0c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
aka-x-origin: omexcdncus.blob.core.windows.net, omexcdncus.blob.core.windows.net
x-ms-version: 2009-09-19
access-control-allow-credentials: true
content-length: 486

GET
H2 200 experimentationContent Show response
rex.microsoft365.com/ 1 KB
2 KB 45ms
45ms XHR
application/json 52.111.243.5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rex.microsoft365.com/experimentationContent?experimentId=presisuQ2&rexId=6df6816a-d6f5-19af-abe3-d06f4f0ede03&language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmmu9evb53t&CLRTags=c_udf%7E%24%7ECTA1%7E%24%24%7Ec_cmp%7E%24%7Econtentblock_4411556-EmailHero%7E%24%24%7Ec_type%7E%24%7ECTAButton%7E%24%24%7Ec_pos%7E%24%7E83A_%7E_CLRTags_%7E_&corr=6df6816a-d6f5-19af-abe3-d06f4f0ede03

Requested by

Host: omex.cdn.office.net
URL: https://omex.cdn.office.net/omexrex/build/main.e238e4a4c928c5e50fdc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.111.243.5 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

b658b14b83b4a13d276f0169e27636f2ca54e2e40cca19774537ad34ac90affd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://rex.microsoft365.com/presisuQ2?language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmmu9evb53t&CLRTags=c_udf%7E%24%7ECTA1%7E%24%24%7Ec_cmp%7E%24%7Econtentblock_4411556-EmailHero%7E%24%24%7Ec_type%7E%24%7ECTAButton%7E%24%24%7Ec_pos%7E%24%7E83A_%7E_CLRTags_%7E_&corr=6df6816a-d6f5-19af-abe3-d06f4f0ede03
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 20:19:41 GMT
strict-transport-security: max-age=31536000
server: Microsoft-HTTPAPI/2.0
x-machine: OMEXNODES000003__omexexternal-prod-weu-001_3
x-servicefabricrequestid: b2849aea-94e1-4693-b053-714b38df1518
x-buildversion: 24.4.10402.11320
content-type: application/json; charset=utf-8

GET
H2 200 378.bfa7133227846bf12caf.js Show response
omex.cdn.office.net/omexrex/build/ 48 KB
14 KB 999ms
998ms Script
application/javascript 2a02:26f0:3500:11::215:14db
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://omex.cdn.office.net/omexrex/build/378.bfa7133227846bf12caf.js
Requested by: Host: omex.cdn.office.net
URL: https://omex.cdn.office.net/omexrex/build/main.e238e4a4c928c5e50fdc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14db Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7ddcb5ea16f4b0aa8f3aef8a3366d6f14d21cb1327385343924ab01fe92d38de

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rex.microsoft365.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 20:19:42 GMT
content-encoding: gzip
content-md5: VFgH93NpVERVcOdPHYS+0A==
aka-x-origin: omexcdncus.blob.core.windows.net, omexcdncus.blob.core.windows.net
content-length: 14014
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jan 2024 11:25:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC1CCF1ACE68F2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 83f28d7b-801e-0101-3c0d-85907a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-credentials: true
x-ms-version: 2009-09-19

GET
H2 200 432.7f2a0819c27adaafdcf2.js Show response
omex.cdn.office.net/omexrex/build/ 7 KB
2 KB 712ms
711ms Script
application/javascript 2a02:26f0:3500:11::215:14db
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://omex.cdn.office.net/omexrex/build/432.7f2a0819c27adaafdcf2.js
Requested by: Host: omex.cdn.office.net
URL: https://omex.cdn.office.net/omexrex/build/main.e238e4a4c928c5e50fdc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14db Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d5e1e190be03799122de8be9a8a1a96018abeb68714a13935ae35b3bcc1e1256

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rex.microsoft365.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 20:19:42 GMT
content-encoding: gzip
content-md5: 9+e5P1HlQu7/FVRGgA3ZGQ==
aka-x-origin: omexcdncus.blob.core.windows.net, omexcdncus.blob.core.windows.net
content-length: 1973
x-ms-lease-status: unlocked
last-modified: Fri, 08 Mar 2024 11:20:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC3F61BA96A096
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: dc7c6a18-b01e-00e3-2bfa-87325d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-credentials: true
x-ms-version: 2009-09-19

GET
H2 200 One-account-all-of-Microsoft.png
omex.cdn.office.net/omexrexcontent/content/Images/ 115 KB
116 KB 567ms
566ms Image
image/png 2a02:26f0:3500:11::215:14db
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omex.cdn.office.net/omexrexcontent/content/Images/One-account-all-of-Microsoft.png
Requested by: Host: rex.microsoft365.com
URL: https://rex.microsoft365.com/presisuQ2?language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmmu9evb53t&CLRTags=c_udf%7E%24%7ECTA1%7E%24%24%7Ec_cmp%7E%24%7Econtentblock_4411556-EmailHero%7E%24%24%7Ec_type%7E%24%7ECTAButton%7E%24%24%7Ec_pos%7E%24%7E83A_%7E_CLRTags_%7E_&corr=6df6816a-d6f5-19af-abe3-d06f4f0ede03
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14db Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7ecc66adb3d0161796187cb83f930377e3b07a9890d5e9c57169c2ad2daa3143

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rex.microsoft365.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 20:19:43 GMT
content-md5: AVhxQ2WfMfZBeyHNTK1cLQ==
aka-x-origin: omexcdnweu.blob.core.windows.net, omexcdnweu.blob.core.windows.net
content-length: 118203
x-ms-lease-status: unlocked
last-modified: Mon, 08 Apr 2024 13:11:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC57CD77D24CAC
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 5b3aa5e7-301e-0052-71eb-89a39f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=180
access-control-allow-credentials: true
x-ms-version: 2009-09-19
expires: Mon, 08 Apr 2024 20:22:43 GMT

GET
H2 200 Already-use-Microsoft-products.png
omex.cdn.office.net/omexrexcontent/content/Images/ 130 KB
131 KB 476ms
475ms Image
image/png 2a02:26f0:3500:11::215:14db
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omex.cdn.office.net/omexrexcontent/content/Images/Already-use-Microsoft-products.png
Requested by: Host: rex.microsoft365.com
URL: https://rex.microsoft365.com/presisuQ2?language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmmu9evb53t&CLRTags=c_udf%7E%24%7ECTA1%7E%24%24%7Ec_cmp%7E%24%7Econtentblock_4411556-EmailHero%7E%24%24%7Ec_type%7E%24%7ECTAButton%7E%24%24%7Ec_pos%7E%24%7E83A_%7E_CLRTags_%7E_&corr=6df6816a-d6f5-19af-abe3-d06f4f0ede03
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14db Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d8d98dc19e1e58a4e496e55f12dadfedb36ce6bd3004739c5e580457ed930ca0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rex.microsoft365.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 20:19:43 GMT
content-md5: UI8g+43dnNs2z9Jikb8NzQ==
aka-x-origin: omexcdnweu.blob.core.windows.net, omexcdnweu.blob.core.windows.net
content-length: 133315
x-ms-lease-status: unlocked
last-modified: Mon, 08 Apr 2024 13:11:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC57CD77D75503
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 5ea29dfe-201e-003c-23eb-89f6b0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=180
access-control-allow-credentials: true
x-ms-version: 2009-09-19
expires: Mon, 08 Apr 2024 20:22:43 GMT

GET
H2 200 Sign-in-faster.png
omex.cdn.office.net/omexrexcontent/content/Images/ 93 KB
94 KB 476ms
476ms Image
image/png 2a02:26f0:3500:11::215:14db
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omex.cdn.office.net/omexrexcontent/content/Images/Sign-in-faster.png
Requested by: Host: rex.microsoft365.com
URL: https://rex.microsoft365.com/presisuQ2?language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmmu9evb53t&CLRTags=c_udf%7E%24%7ECTA1%7E%24%24%7Ec_cmp%7E%24%7Econtentblock_4411556-EmailHero%7E%24%24%7Ec_type%7E%24%7ECTAButton%7E%24%24%7Ec_pos%7E%24%7E83A_%7E_CLRTags_%7E_&corr=6df6816a-d6f5-19af-abe3-d06f4f0ede03
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14db Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0e37c356fa23a35f89c87319f2925e7dd473cc5ca6b20bcb95625a685a6d5466

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rex.microsoft365.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 20:19:43 GMT
content-md5: kj86WLsQ55hN4WOPDg5crQ==
aka-x-origin: omexcdnweu.blob.core.windows.net, omexcdnweu.blob.core.windows.net
content-length: 95329
x-ms-lease-status: unlocked
last-modified: Mon, 08 Apr 2024 13:11:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC57CD77D72DF4
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 785c7751-601e-0084-70d3-89ad76000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=170
access-control-allow-credentials: true
x-ms-version: 2009-09-19
expires: Mon, 08 Apr 2024 20:22:33 GMT

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 595a01259eae7aadc556bfee01a5e4ac2de2317876a12ad06e239e25abbca16b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ms365.ico
omex.cdn.office.net/omexrex/build/ 279 KB
279 KB 395ms
395ms Other
image/x-icon 2a02:26f0:3500:11::215:14db
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://omex.cdn.office.net/omexrex/build/ms365.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14db Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4b459f4f645ea3044747f1d9a0c0ac83c4754bf43246e95bfbe04519849286d6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rex.microsoft365.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 20:19:43 GMT
last-modified: Mon, 28 Aug 2023 14:51:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ZzUKCOioiF6y8w9qGzbftg==
etag: 0x8DBA7D64DE20731
content-type: image/x-icon
access-control-allow-origin: *
x-ms-request-id: c4ced835-301e-0039-41c3-84021d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
aka-x-origin: omexcdnea.blob.core.windows.net, omexcdnweu.blob.core.windows.net
x-ms-version: 2009-09-19
access-control-allow-credentials: true
content-length: 285478

POST
H2 200 / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 24 B
294 B 656ms
265ms XHR
application/json 52.168.112.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2

Requested by

Host: omex.cdn.office.net
URL: https://omex.cdn.office.net/omexrex/build/202.a7d52ded8b2c11b18044.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.168.112.66 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

f8a95719f97006bd286f678a38eb1d7871ba84a84bef75c7107a78f2e17b0583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
upload-time: 1712607584295
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
client-version: 1DS-Web-JS-3.2.12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
time-delta-to-apply-millis: use-collector-delta
content-type: application/x-json-stream
cache-control: no-cache, no-store
Referer: https://rex.microsoft365.com/
apikey: 52aa733641a74071af3215b68bb7c298-ba7c5b04-64b1-4f5f-82c5-5363c4d61c73-6922
Client-Id: NO_AUTH
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Apr 2024 20:19:45 GMT
server: Microsoft-HTTPAPI/2.0
time-delta-millis: 1065
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://rex.microsoft365.com
access-control-expose-headers: time-delta-millis
access-control-allow-credentials: true
access-control-allow-headers: time-delta-millis
content-length: 24

OPTIONS
H2 200 /
browser.events.data.microsoft.com/OneCollector/1.0/ 0
0 596ms
234ms Preflight 52.168.112.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.168.112.66 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://rex.microsoft365.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin: https://rex.microsoft365.com
access-control-max-age: 3600
cache-control: public, 3600
content-length: 0
date: Mon, 08 Apr 2024 20:19:44 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
checkout.microsoft365.com/signin-oidc	1970-01-20 19:43:28	Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8Lt5CoSwdg1KlPFsbq7fsRypwoZY10hntuDh5162jo-ECLVvMhh5wp01CKlJ24UpGfW3aZFBs2Q6AAdtZYhLkpNvafUTnKkPiRvZNlG6-ZszFxC9p2ScwnmjJ0rqzhkoRUh_C3m49AwYiFJMro6sWwKysb4ytkQh5gfCnGJx4DSDvgQdh-ELH8EpFFcfMvTp6VCrgiLOBF00v1ibje-F4q9q4aArkZI0XBBbb8OpjyxtwhZTfcuVgBajs8cvasMPovUL6E2cozv5ulDFz5Kh1xs Value: N
checkout.microsoft365.com/signin-oidc	1970-01-20 19:43:28	Name: .AspNetCore.Correlation.vBqOEOQz5WUzdBDiDujMsAzvNox_AgbB8iEk-Fq_R8A Value: N
.microsoft.com/	1970-01-21 00:06:27	Name: AMCV_EA76ADE95776D2EC7F000101%40AdobeOrg Value: MCMID%7C39429014737628692473797869008414179327
.microsoft.com/	1969-12-31 23:59:59	Name: nlid Value: 5c0c835e\|599fd241
.microsoft365.com/	1970-01-20 19:43:31	Name: AKA_A2 Value: A

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
checkout.microsoft365.com
go.microsoft.com
omex.cdn.office.net
rex.microsoft365.com
t.infomail.microsoft.com
20.97.219.252
2a02:26f0:3500:11::215:14db
2a02:26f0:3500:58e::2c1a
2a02:26f0:3500:897::2af1
52.111.243.5
52.168.112.66
0e37c356fa23a35f89c87319f2925e7dd473cc5ca6b20bcb95625a685a6d5466
4b459f4f645ea3044747f1d9a0c0ac83c4754bf43246e95bfbe04519849286d6
595a01259eae7aadc556bfee01a5e4ac2de2317876a12ad06e239e25abbca16b
7ddcb5ea16f4b0aa8f3aef8a3366d6f14d21cb1327385343924ab01fe92d38de
7ecc66adb3d0161796187cb83f930377e3b07a9890d5e9c57169c2ad2daa3143
8f58cfdc5b5e18be8e847b0785ed7bc1b6c00ce883aab82fc769ee87729f2b66
904b2d16553654c19fb5057f49dbc4ea5838e11ebfe0b5e29be5b4c3a2c3f51d
a03b82879978e975ed7444216a233d3354bae32fca28834a73eb85d3478acf7e
b658b14b83b4a13d276f0169e27636f2ca54e2e40cca19774537ad34ac90affd
d5e1e190be03799122de8be9a8a1a96018abeb68714a13935ae35b3bcc1e1256
d8d98dc19e1e58a4e496e55f12dadfedb36ce6bd3004739c5e580457ed930ca0
dd0e9de31db52676d04d52e6ae47804f53d1bebce48694e8791c239d040715dc
f8a95719f97006bd286f678a38eb1d7871ba84a84bef75c7107a78f2e17b0583

rex.microsoft365.com Open in urlscan Pro 52.111.243.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

50 %IPv6

3 Domains

6 Subdomains

4 IPs

3 Countries

869 kBTransfer

1455 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

rex.microsoft365.com Open in urlscan Pro
52.111.243.5 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

6
Subdomains

4
IPs

3
Countries

869 kB
Transfer

1455 kB
Size

5
Cookies

13 HTTP transactions
1 data transactions