rex.microsoft365.com
Open in
urlscan Pro
52.111.243.5
Public Scan
Effective URL: https://rex.microsoft365.com/presisuQ2?language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmm...
Submission: On April 08 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on January 30th 2024. Valid for: a year.
This is the only time rex.microsoft365.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 20.97.219.252 20.97.219.252 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 2a02:26f0:350... 2a02:26f0:3500:58e::2c1a | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 1 | 2a02:26f0:350... 2a02:26f0:3500:897::2af1 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 52.111.243.5 52.111.243.5 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
9 | 2a02:26f0:350... 2a02:26f0:3500:11::215:14db | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 52.168.112.66 52.168.112.66 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
13 | 4 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
t.infomail.microsoft.com |
ASN20940 (AKAMAI-ASN1, NL)
checkout.microsoft365.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
rex.microsoft365.com |
ASN20940 (AKAMAI-ASN1, NL)
omex.cdn.office.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
office.net
omex.cdn.office.net — Cisco Umbrella Rank: 4897 |
866 KB |
4 |
microsoft.com
2 redirects
t.infomail.microsoft.com — Cisco Umbrella Rank: 526690 go.microsoft.com — Cisco Umbrella Rank: 196 browser.events.data.microsoft.com — Cisco Umbrella Rank: 291 |
2 KB |
3 |
microsoft365.com
1 redirects
checkout.microsoft365.com — Cisco Umbrella Rank: 220579 rex.microsoft365.com |
4 KB |
13 | 3 |
Domain | Requested by | |
---|---|---|
9 | omex.cdn.office.net |
rex.microsoft365.com
omex.cdn.office.net |
2 | browser.events.data.microsoft.com |
omex.cdn.office.net
|
2 | rex.microsoft365.com |
omex.cdn.office.net
|
1 | checkout.microsoft365.com | 1 redirects |
1 | go.microsoft.com | 1 redirects |
1 | t.infomail.microsoft.com | 1 redirects |
13 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
checkout.microsoft365.com |
privacy.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
rex.microsoft365.com Microsoft Azure RSA TLS Issuing CA 07 |
2024-01-30 - 2025-01-24 |
a year | crt.sh |
contentstorage.omex.office.net DigiCert SHA2 Secure Server CA |
2023-07-24 - 2024-07-24 |
a year | crt.sh |
*.events.data.microsoft.com Microsoft Azure RSA TLS Issuing CA 04 |
2023-12-31 - 2024-12-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://rex.microsoft365.com/presisuQ2?language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmmu9evb53t&CLRTags=c_udf%7E%24%7ECTA1%7E%24%24%7Ec_cmp%7E%24%7Econtentblock_4411556-EmailHero%7E%24%24%7Ec_type%7E%24%7ECTAButton%7E%24%24%7Ec_pos%7E%24%7E83A_%7E_CLRTags_%7E_&corr=6df6816a-d6f5-19af-abe3-d06f4f0ede03
Frame ID: D93D065DC7D98F2B71DB9357D4463A23
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
Microsoft 365 CheckoutPage URL History Show full URLs
-
https://t.infomail.microsoft.com/r/?id=h5c0c835e,599fd241,599fd348&e=b2NpZD0&s=nd-viXZFz3eA3ka6Cz6PwBlVeDT0zB...
HTTP 302
https://go.microsoft.com/fwlink/?linkid=2223312&ocid=cmmu9evb53t&CLRTags=c_udf~$~CTA1~$$~c_cmp~$~cont... HTTP 302
https://checkout.microsoft365.com/acquire/purchase?language=en-US&market=US&requestedDuration=month&scenario=m... HTTP 302
https://rex.microsoft365.com/presisuQ2?language=en-US&market=US&requestedDuration=month&scenario=microsof... Page URL
Detected technologies
Cart Functionality (Ecommerce) ExpandDetected patterns
- <a[^>]*href=[^>]*/Checkout
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Sign in to continue
Search URL Search Domain Scan URL
Title: Privacy statement
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://t.infomail.microsoft.com/r/?id=h5c0c835e,599fd241,599fd348&e=b2NpZD0&s=nd-viXZFz3eA3ka6Cz6PwBlVeDT0zBp5qUDiB-cjpaY
HTTP 302
https://go.microsoft.com/fwlink/?linkid=2223312&ocid=cmmu9evb53t&CLRTags=c_udf~$~CTA1~$$~c_cmp~$~contentblock_4411556-EmailHero~$$~c_type~$~CTAButton~$$~c_pos~$~83A_~_CLRTags_~_&ocid= HTTP 302
https://checkout.microsoft365.com/acquire/purchase?language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmmu9evb53t&CLRTags=c_udf%7E%24%7ECTA1%7E%24%24%7Ec_cmp%7E%24%7Econtentblock_4411556-EmailHero%7E%24%24%7Ec_type%7E%24%7ECTAButton%7E%24%24%7Ec_pos%7E%24%7E83A_%7E_CLRTags_%7E_ HTTP 302
https://rex.microsoft365.com/presisuQ2?language=en-US&market=US&requestedDuration=month&scenario=microsoft-365-basic&ocid=cmmu9evb53t&CLRTags=c_udf%7E%24%7ECTA1%7E%24%24%7Ec_cmp%7E%24%7Econtentblock_4411556-EmailHero%7E%24%24%7Ec_type%7E%24%7ECTAButton%7E%24%24%7Ec_pos%7E%24%7E83A_%7E_CLRTags_%7E_&corr=6df6816a-d6f5-19af-abe3-d06f4f0ede03 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
presisuQ2
rex.microsoft365.com/ Redirect Chain
|
633 B 961 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.e238e4a4c928c5e50fdc.js
omex.cdn.office.net/omexrex/build/ |
705 KB 201 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
202.a7d52ded8b2c11b18044.js
omex.cdn.office.net/omexrex/build/ |
69 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
201.17eb64404d820e4e57dc.js
omex.cdn.office.net/omexrex/build/ |
486 B 1003 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
experimentationContent
rex.microsoft365.com/ |
1 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
378.bfa7133227846bf12caf.js
omex.cdn.office.net/omexrex/build/ |
48 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
432.7f2a0819c27adaafdcf2.js
omex.cdn.office.net/omexrex/build/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
One-account-all-of-Microsoft.png
omex.cdn.office.net/omexrexcontent/content/Images/ |
115 KB 116 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Already-use-Microsoft-products.png
omex.cdn.office.net/omexrexcontent/content/Images/ |
130 KB 131 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Sign-in-faster.png
omex.cdn.office.net/omexrexcontent/content/Images/ |
93 KB 94 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
6 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ms365.ico
omex.cdn.office.net/omexrex/build/ |
279 KB 279 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
24 B 294 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
browser.events.data.microsoft.com/OneCollector/1.0/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webpackChunkomexrex object| regeneratorRuntime object| __keyborgData object| __keyborg object| __dynProto$Gbl5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
checkout.microsoft365.com/signin-oidc | Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8Lt5CoSwdg1KlPFsbq7fsRypwoZY10hntuDh5162jo-ECLVvMhh5wp01CKlJ24UpGfW3aZFBs2Q6AAdtZYhLkpNvafUTnKkPiRvZNlG6-ZszFxC9p2ScwnmjJ0rqzhkoRUh_C3m49AwYiFJMro6sWwKysb4ytkQh5gfCnGJx4DSDvgQdh-ELH8EpFFcfMvTp6VCrgiLOBF00v1ibje-F4q9q4aArkZI0XBBbb8OpjyxtwhZTfcuVgBajs8cvasMPovUL6E2cozv5ulDFz5Kh1xs Value: N |
|
checkout.microsoft365.com/signin-oidc | Name: .AspNetCore.Correlation.vBqOEOQz5WUzdBDiDujMsAzvNox_AgbB8iEk-Fq_R8A Value: N |
|
.microsoft.com/ | Name: AMCV_EA76ADE95776D2EC7F000101%40AdobeOrg Value: MCMID%7C39429014737628692473797869008414179327 |
|
.microsoft.com/ | Name: nlid Value: 5c0c835e|599fd241 |
|
.microsoft365.com/ | Name: AKA_A2 Value: A |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
browser.events.data.microsoft.com
checkout.microsoft365.com
go.microsoft.com
omex.cdn.office.net
rex.microsoft365.com
t.infomail.microsoft.com
20.97.219.252
2a02:26f0:3500:11::215:14db
2a02:26f0:3500:58e::2c1a
2a02:26f0:3500:897::2af1
52.111.243.5
52.168.112.66
0e37c356fa23a35f89c87319f2925e7dd473cc5ca6b20bcb95625a685a6d5466
4b459f4f645ea3044747f1d9a0c0ac83c4754bf43246e95bfbe04519849286d6
595a01259eae7aadc556bfee01a5e4ac2de2317876a12ad06e239e25abbca16b
7ddcb5ea16f4b0aa8f3aef8a3366d6f14d21cb1327385343924ab01fe92d38de
7ecc66adb3d0161796187cb83f930377e3b07a9890d5e9c57169c2ad2daa3143
8f58cfdc5b5e18be8e847b0785ed7bc1b6c00ce883aab82fc769ee87729f2b66
904b2d16553654c19fb5057f49dbc4ea5838e11ebfe0b5e29be5b4c3a2c3f51d
a03b82879978e975ed7444216a233d3354bae32fca28834a73eb85d3478acf7e
b658b14b83b4a13d276f0169e27636f2ca54e2e40cca19774537ad34ac90affd
d5e1e190be03799122de8be9a8a1a96018abeb68714a13935ae35b3bcc1e1256
d8d98dc19e1e58a4e496e55f12dadfedb36ce6bd3004739c5e580457ed930ca0
dd0e9de31db52676d04d52e6ae47804f53d1bebce48694e8791c239d040715dc
f8a95719f97006bd286f678a38eb1d7871ba84a84bef75c7107a78f2e17b0583