urlscan.io logo urlscan.io
SecurityTrails logo

www.torrentscanner.co Open in urlscan Pro
2606:4700:3037::ac43:9c53  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.adaware.com/bs/uninstall.php?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6...
Effective URL: https://www.torrentscanner.co/uninstall/?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&P...
Submission: On December 15 via manual from PT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3037::ac43:9c53, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.torrentscanner.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2022. Valid for: a year.
This is the only time www.torrentscanner.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.16.235.79 13335 (CLOUDFLAR...)
1 1 104.16.236.79 13335 (CLOUDFLAR...)
2 7 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2620:1ec:a92:... 8068 (MICROSOFT...)
11 92.123.77.19 20940 (AKAMAI-ASN1)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2620:1ec:4e:1... 8075 (MICROSOFT...)
6 20.189.173.10 8075 (MICROSOFT...)
27 7
1    104.16.235.79 (None, )

ASN13335 (CLOUDFLARENET, US)
www.adaware.com
1    104.16.236.79 (None, )

ASN13335 (CLOUDFLARENET, US)
www.adaware.com
7    2606:4700:3037::ac43:9c53 (United States)

ASN13335 (CLOUDFLARENET, US)
torrentscanner.co
www.torrentscanner.co
1    2606:4700:3036::6815:20e5 (United States)

ASN13335 (CLOUDFLARENET, US)
www.torrentscanner.co
3    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
11    92.123.77.19 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-77-19.deploy.static.akamaitechnologies.com
cdn.forms.office.net
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
6    20.189.173.10 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
11 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 8402
339 KB
8 torrentscanner.co
torrentscanner.co
www.torrentscanner.co
1 MB
6 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 252
3 KB
5 office.com
forms.office.com — Cisco Umbrella Rank: 5879
c.office.com — Cisco Umbrella Rank: 22700
20 KB
2 adaware.com
www.adaware.com
854 B
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1649
61 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 255
661 B
27 7
Domain Requested by
11 cdn.forms.office.net forms.office.com
cdn.forms.office.net
7 www.torrentscanner.co 2 redirects www.torrentscanner.co
6 browser.events.data.microsoft.com js.monitor.azure.com
cdn.forms.office.net
3 forms.office.com www.torrentscanner.co
forms.office.com
cdn.forms.office.net
2 c.office.com 1 redirects forms.office.com
2 www.adaware.com 2 redirects
1 js.monitor.azure.com cdn.forms.office.net
1 c.bing.com 1 redirects
1 torrentscanner.co 1 redirects
27 9

This site contains links to these domains. Also see Links.

Domain
www.adaware.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-16 -
2023-06-16		 a year crt.sh
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2022-07-20 -
2023-07-15		 a year crt.sh
cdn.forms.office.net
Microsoft Azure TLS Issuing CA 06		 2022-09-28 -
2023-09-23		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 01		 2022-09-24 -
2023-09-19		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2022-12-07 -
2023-12-02		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.torrentscanner.co/uninstall/?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhjeeiganiajffnalhlkkjb
Frame ID: EA8F46F3F6E3B0DE8E510732A083EE21
Requests: 5 HTTP requests in this frame

Frame: https://forms.office.com/pages/responsepage.aspx?id=_b96hxOif0eSxRSrbE4jRxkVRMubrFJFgQPtdniM8HhUNjBSTzBWTENUVlBFTkpRWEMxSjVBSlFCNC4u
Frame ID: 631A8E01353DB656924676F725BFD289
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Uninstall Torrent Scanner

Page URL History Show full URLs

  1. https://www.adaware.com/bs/uninstall.php?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b... HTTP 301
    http://www.adaware.com/bs/uninstall?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-47... HTTP 302
    https://torrentscanner.co/uninstall?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-... HTTP 301
    https://www.torrentscanner.co/uninstall?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-... HTTP 301
    http://www.torrentscanner.co/uninstall/?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b... HTTP 301
    https://www.torrentscanner.co/uninstall/?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

27
Requests

96 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

7
IPs

4
Countries

1545 kB
Transfer

2556 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.adaware.com/bs/uninstall.php?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhjeeiganiajffnalhlkkjb HTTP 301
    http://www.adaware.com/bs/uninstall?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhjeeiganiajffnalhlkkjb HTTP 302
    https://torrentscanner.co/uninstall?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhjeeiganiajffnalhlkkjb HTTP 301
    https://www.torrentscanner.co/uninstall?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhjeeiganiajffnalhlkkjb HTTP 301
    http://www.torrentscanner.co/uninstall/?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhjeeiganiajffnalhlkkjb HTTP 301
    https://www.torrentscanner.co/uninstall/?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhjeeiganiajffnalhlkkjb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=B8CE9870DFD641B1A5DCBEDC03AFC1DC&RedC=c.office.com&MXFR=23BC2F1D910261400B653D6695026ABC HTTP 302
  • https://c.office.com/c.gif?CtsSyncId=B8CE9870DFD641B1A5DCBEDC03AFC1DC&MUID=23BC2F1D910261400B653D6695026ABC

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.torrentscanner.co/uninstall/
Redirect Chain
  • https://www.adaware.com/bs/uninstall.php?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnope...
  • http://www.adaware.com/bs/uninstall?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhj...
  • https://torrentscanner.co/uninstall?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhj...
  • https://www.torrentscanner.co/uninstall?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopeg...
  • http://www.torrentscanner.co/uninstall/?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopeg...
  • https://www.torrentscanner.co/uninstall/?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnope...
1 KB
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.torrentscanner.co/uninstall/?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhjeeiganiajffnalhlkkjb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9c53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
768b9c943ff9cc28c64b56316949e6af85775646fadaba82e1f22ebb625bc34e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
779ee3c19e619a15-FRA
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 11:37:51 GMT
last-modified
Tue, 08 Nov 2022 20:42:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAh8Zc6beESpO58K0bDxMTjkN6NBrssupywbksUTWr9AF8aPvZDiD5DsRySpPAdPH3BvlF1T9lXXyuHFnsH%2BfzmTCQuvmnq4IQxIYu%2FJaLC4ySj%2B9%2Bwzq6nAHqBqE5qX3CEdl1bZRyb9oWodzBoa9LDAxKY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
779ee3c14957927d-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 15 Dec 2022 11:37:51 GMT
Expires
Thu, 15 Dec 2022 12:37:51 GMT
Location
https://www.torrentscanner.co/uninstall/?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhjeeiganiajffnalhlkkjb
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpKxbLtwde2aE%2FcVMA3ixKnXcbRjURNtkMs73PGv%2F3SZlGhfGpd7mxUNBU4gqOTUVxAbM45BO0Lcub%2Bqnx0oRatLvVJ8t2SGDMu5tL%2Fiz8SZHcK4SvKGa0U4XZNY2pS5J427w%2FfomH58tiKwGt69%2BA05qr4%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.css
www.torrentscanner.co/uninstall/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.torrentscanner.co/uninstall/css/bootstrap.min.css
Requested by
Host: www.torrentscanner.co
URL: https://www.torrentscanner.co/uninstall/?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhjeeiganiajffnalhlkkjb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9c53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.torrentscanner.co/uninstall/?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhjeeiganiajffnalhlkkjb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 11:37:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Nov 2022 20:42:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5942
etag
W/"636abf47-1da71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMfHW7msvxGwSwCGTngbR3Fttgjx%2BFilwGv15j%2FTVtI%2BHraQUfsLhvHjkzTvnObuVpyKGSOtv9FeYuIreEN%2BNoelPhuzKwkuaasiQQJqKG%2BZasklhhaxYmf027euo%2BFPforUhU8NpaLhFEmp0jnJBz0WFRA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
779ee3c25c89cadd-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
custom.css
www.torrentscanner.co/uninstall/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.torrentscanner.co/uninstall/css/custom.css
Requested by
Host: www.torrentscanner.co
URL: https://www.torrentscanner.co/uninstall/?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhjeeiganiajffnalhlkkjb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9c53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b208d88afc4bef34253e31442399fca6d5468f4b71d8c5ce47bb093454622bc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.torrentscanner.co/uninstall/?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhjeeiganiajffnalhlkkjb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 11:37:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5942
cf-polished
origSize=2144
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Nov 2022 20:42:47 GMT
server
cloudflare
etag
W/"636abf47-860"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCNXjX95qdgzF6TgH6BHFToVUtR0Bcswv3fUNlmGOyuaVG0gi7q%2BqrAbuhGSLSLCnBN76pzfpGqO5kvGRIF0Nvy9E7UKsG%2Ba8USySwFsbzuiCM5RXGiarEW1GDSh6c1iGyQtBXCCoVkK1rE9GeP3s8QS%2BAo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
779ee3c25c8dcadd-DUS
logo.svg
www.torrentscanner.co/uninstall/imgs/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.torrentscanner.co/uninstall/imgs/logo.svg
Requested by
Host: www.torrentscanner.co
URL: https://www.torrentscanner.co/uninstall/?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhjeeiganiajffnalhlkkjb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9c53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3646e0dd8fcea6ceab3183923c2ddf94f11b9a7ed1ba05a8b4dd61a7c1ddec0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.torrentscanner.co/uninstall/?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhjeeiganiajffnalhlkkjb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 11:37:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Nov 2022 20:42:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5942
etag
W/"636abf47-239f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1rgoGTCptZDVO5OXdnANOOqcIf1Kv3U01%2BOZWBAseoRKgdBbIoGzDVUsbuAFa27Ll8vO7aencMqFcfbWPJGD9%2FIku6FbESwTeI%2FCMmTRX2Y7v%2F97qxKi0T6eKeWD7n46BLcOElBnS4sZCNz4UqksQq416w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
779ee3c27cc1cadd-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
responsepage.aspx
forms.office.com/pages/ Frame 631A 		55 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=_b96hxOif0eSxRSrbE4jRxkVRMubrFJFgQPtdniM8HhUNjBSTzBWTENUVlBFTkpRWEMxSjVBSlFCNC4u
Requested by
Host: www.torrentscanner.co
URL: https://www.torrentscanner.co/uninstall/?InstallDate=2022-10-31T20:39:44.437Z&InstallId=dc53be67-96b4-475b-88f3-ff46fec6efd5&PartnerID=&sourceTraffic=&CampaignID=&CLID=&OfferID=&extensionID=aegnopegbbhjeeiganiajffnalhlkkjb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
da43081d86a7e6b4d98260f6231a9edc2c5f3955ad222d69354dc0fa31b115a2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.torrentscanner.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 11:37:51 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
6c7f4191-0e7a-475d-9133-5306ae75e124
x-msedge-ref
Ref A: 8D934F96D8E04579A40B4A4EF91320E4 Ref B: AMS231032602047 Ref C: 2022-12-15T11:37:51Z
x-officecluster
weu-100.forms.office.com
x-officefe
FormsSingleBox_IN_11
x-officeversion
16.0.16012.42500
x-robots-tag
noindex, nofollow
x-routingcorrelationid
6c7f4191-0e7a-475d-9133-5306ae75e124
x-routingofficecluster
weu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_11
x-routingofficeversion
16.0.16012.42500
x-routingsessionid
b65f0ba3-2202-4dfd-afe7-4f31eef4c52d
x-usersessionid
b65f0ba3-2202-4dfd-afe7-4f31eef4c52d
site-bg.png
www.torrentscanner.co/uninstall/imgs/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.torrentscanner.co/uninstall/imgs/site-bg.png
Requested by
Host: www.torrentscanner.co
URL: https://www.torrentscanner.co/uninstall/css/custom.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9c53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
713ddac50f3fc06c14f11a7bf7b98151b771f972bc68680f81c44a04660e242f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.torrentscanner.co/uninstall/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 11:37:51 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Nov 2022 20:42:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5940
etag
"636abf47-110f89"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZguFFsNfTX7IflMDZgiR%2FWElTM3in4TCuXLdXk4Q8jkOaHLyylP6YkZI2APZI12UsOIVyjLHRX%2FQJAYPCdaLFjUDy3%2BlVzKEKDWNMBbfv4dHxlNQShbzFNi4jpbZgmWXJz7c6%2Fd0w9MxinqPkT0wpPW2Yc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
779ee3c2bd43cadd-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1118089
ls-response.de.0e0d37ad3.js
cdn.forms.office.net/forms/scripts/dists/ Frame 631A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.0e0d37ad3.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=_b96hxOif0eSxRSrbE4jRxkVRMubrFJFgQPtdniM8HhUNjBSTzBWTENUVlBFTkpRWEMxSjVBSlFCNC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.77.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-77-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
578b3f9c787a57bfe610ae2ba51a6f703e0a7fc99be736a00c3d931ee26445d6

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 11:37:51 GMT
content-encoding
br
content-md5
HUXJvt5trUTdm0VHWcr0VA==
content-length
9942
x-ms-lease-status
unlocked
last-modified
Fri, 09 Dec 2022 07:23:06 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAD9B637CEC33D
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
08dcd1a9-401e-0001-11a3-0ba804000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 15 Dec 2023 11:37:51 GMT
light-response-page.min.9012131.css
cdn.forms.office.net/forms/css/dist/ Frame 631A 		149 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.9012131.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=_b96hxOif0eSxRSrbE4jRxkVRMubrFJFgQPtdniM8HhUNjBSTzBWTENUVlBFTkpRWEMxSjVBSlFCNC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.77.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-77-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ac0b2cb467eba65bf09d50816a3f475d6102fb007110f36e843f5f0d4cb67489

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 11:37:51 GMT
content-encoding
br
content-md5
bbSTrSwpGxW8SuOaxmxQ6g==
content-length
24408
x-ms-lease-status
unlocked
last-modified
Fri, 09 Dec 2022 07:22:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAD9B61BC5C9E3
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
7ad0dbf3-d01e-0062-48a3-0bee21000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 15 Dec 2023 11:37:51 GMT
light-response-page.min.65a6828.js
cdn.forms.office.net/forms/scripts/dists/ Frame 631A 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.65a6828.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=_b96hxOif0eSxRSrbE4jRxkVRMubrFJFgQPtdniM8HhUNjBSTzBWTENUVlBFTkpRWEMxSjVBSlFCNC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.77.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-77-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bd2dac1356e39fa218128722cb05ade98c92bff259abd7f10bc5ddf98fbc7e59

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 11:37:51 GMT
content-encoding
br
content-md5
A1wXDhNMYXIFKa3Xm2pQuQ==
content-length
88367
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 03:21:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DADD82535DFD5B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
068069c7-401e-004e-3783-0f6c1c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 15 Dec 2023 11:37:51 GMT
runtimeFormsWithResponses('_b96hxOif0eSxRSrbE4jRxkVRMubrFJFgQPtdniM8HhUNjBSTzBWTENUVlBFTkpRWEMxSjVBSlFCNC4u')
forms.office.com/formapi/api/877abffd-a213-477f-92c5-14ab6c4e2347/users/cb441519-ac9b-4552-8103-ed76788cf078/light/ Frame 631A 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/877abffd-a213-477f-92c5-14ab6c4e2347/users/cb441519-ac9b-4552-8103-ed76788cf078/light/runtimeFormsWithResponses('_b96hxOif0eSxRSrbE4jRxkVRMubrFJFgQPtdniM8HhUNjBSTzBWTENUVlBFTkpRWEMxSjVBSlFCNC4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=_b96hxOif0eSxRSrbE4jRxkVRMubrFJFgQPtdniM8HhUNjBSTzBWTENUVlBFTkpRWEMxSjVBSlFCNC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0b813301c3f94696600684ea73ec4ea848d36a4df96127a17d01ff658a04583f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=_b96hxOif0eSxRSrbE4jRxkVRMubrFJFgQPtdniM8HhUNjBSTzBWTENUVlBFTkpRWEMxSjVBSlFCNC4u
X-UserSessionId
b65f0ba3-2202-4dfd-afe7-4f31eef4c52d
accept-language
de-DE,de;q=0.9
__RequestVerificationToken
X_ACgwiqj-x3158dKj05PVe_54HReqJJWhAsEtvtP5AY4LlRiltZPV7ACOBsufTkLQXyUXA53QrXqzefojDsJVn1wilj_CTxPZPnFB4Sz-o1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Thu, 15 Dec 2022 11:37:51 GMT
x-officeversion
16.0.16010.42500
x-officefe
FormsSingleBox_IN_6
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_12
x-routingofficeversion
16.0.16010.42500
x-correlationid
7e6c712b-88b0-47a0-ac48-5cfb19caf16f
x-officecluster
frc-100.forms.office.com
x-usersessionid
b65f0ba3-2202-4dfd-afe7-4f31eef4c52d
x-msedge-ref
Ref A: F0250163EBD84C369B552149235F2223 Ref B: AMS231032602047 Ref C: 2022-12-15T11:37:51Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
7e6c712b-88b0-47a0-ac48-5cfb19caf16f
x-routingsessionid
b65f0ba3-2202-4dfd-afe7-4f31eef4c52d
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-100.forms.office.com
light-response-page.chunk.lrp_ext.31deb99.js
cdn.forms.office.net/forms/scripts/dists/ Frame 631A 		0
59 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.31deb99.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.65a6828.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.77.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-77-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 11:37:52 GMT
content-encoding
br
content-md5
4awVP+NTsetXj7MtmjWRag==
content-length
59483
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 03:21:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DADD82535C9E05
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3b3da17a-b01e-0072-2683-0fd8c7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 15 Dec 2023 11:37:52 GMT
light-response-page.chunk.lrp_cover.a478b64.js
cdn.forms.office.net/forms/scripts/dists/ Frame 631A 		0
33 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.a478b64.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.65a6828.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.77.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-77-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 11:37:52 GMT
content-encoding
br
content-md5
dJzAI+LdO35abwUQVuJBSA==
content-length
33118
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 03:21:43 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DADD82531F9E61
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0f3dbd00-801e-0053-4e83-0fb5f6000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 15 Dec 2023 11:37:52 GMT
light-response-page.chunk.lrp_post.boot.541a6ff.js
cdn.forms.office.net/forms/scripts/dists/ Frame 631A 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.541a6ff.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.65a6828.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.77.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-77-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 11:37:52 GMT
content-encoding
br
content-md5
LvuXVBommdd4B1m1sIugzQ==
content-length
4318
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 03:21:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DADD8253599141
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ba55ac35-001e-0049-0783-0f9a99000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 15 Dec 2023 11:37:52 GMT
light-response-page.chunk.lrp_ext.31deb99.js
cdn.forms.office.net/forms/scripts/dists/ Frame 631A 		192 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.31deb99.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.65a6828.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.77.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-77-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2bee821816e5ceb718dabd43fd0363d6b843fad81df4bc67e754267c0b70c2ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 11:37:52 GMT
content-encoding
br
content-md5
4awVP+NTsetXj7MtmjWRag==
content-length
59483
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 03:21:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DADD82535C9E05
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3b3da17a-b01e-0072-2683-0fd8c7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 15 Dec 2023 11:37:52 GMT
light-response-page.chunk.themes.a6d0022.js
cdn.forms.office.net/forms/scripts/dists/ Frame 631A 		307 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.themes.a6d0022.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.65a6828.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.77.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-77-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
beb2188a3f414564db1475de069b1576b63c8b0c7d1c9a3c9ae77fb6dede7e35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 11:37:52 GMT
content-encoding
br
content-md5
zDPPeV3yUcQh/Y95+scOCQ==
content-length
27575
x-ms-lease-status
unlocked
last-modified
Tue, 18 Oct 2022 04:52:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAB0C49D232F74
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fabfcbd7-601e-001d-53bf-e27013000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 15 Dec 2023 11:37:52 GMT
light-response-page.chunk.lrp_post.boot.541a6ff.js
cdn.forms.office.net/forms/scripts/dists/ Frame 631A 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.541a6ff.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.65a6828.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.77.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-77-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5b3fee88d0e457bc5bd9b30e194330e1a077059cf4908c0c2cb8d0b2f849ba12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 11:37:52 GMT
content-encoding
br
content-md5
LvuXVBommdd4B1m1sIugzQ==
content-length
4318
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 03:21:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DADD8253599141
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ba55ac35-001e-0049-0783-0f9a99000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 15 Dec 2023 11:37:52 GMT
light-response-page.chunk.sw.d097b04.js
cdn.forms.office.net/forms/scripts/dists/ Frame 631A 		953 B
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.d097b04.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.65a6828.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.77.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-77-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c0bc4f76140d38f7af2ec7f7404a74986432a90b064b3f5cdcb345a823fa8849

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 11:37:52 GMT
content-encoding
br
content-md5
GvoLGffUcLQSN9mg/eBbkw==
content-length
412
x-ms-lease-status
unlocked
last-modified
Sat, 08 Oct 2022 03:26:43 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAA8DCEC408DD6
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0ab1bca2-401e-0023-4ed7-dac632000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 15 Dec 2023 11:37:52 GMT
light-response-page.chunk.1ds.4a73f96.js
cdn.forms.office.net/forms/scripts/dists/ Frame 631A 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.4a73f96.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.65a6828.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.77.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-77-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a0cf31cc9ddf8348275247ba3436aea3219946138476e7921c21fbce79675ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 11:37:52 GMT
content-encoding
br
content-md5
GsKp5CfkVSci/cTjnUW9Qw==
content-length
30105
x-ms-lease-status
unlocked
last-modified
Fri, 28 Oct 2022 04:14:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAB89AE1D68FA7
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
861991fe-701e-0046-1691-ea776f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 15 Dec 2023 11:37:52 GMT
c.gif
c.office.com/ Frame 631A
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=B8CE9870DFD641B1A5DCBEDC03AFC1DC&RedC=c.office.com&MXFR=23BC2F1D910261400B653D6695026ABC
  • https://c.office.com/c.gif?CtsSyncId=B8CE9870DFD641B1A5DCBEDC03AFC1DC&MUID=23BC2F1D910261400B653D6695026ABC
42 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?CtsSyncId=B8CE9870DFD641B1A5DCBEDC03AFC1DC&MUID=23BC2F1D910261400B653D6695026ABC
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=_b96hxOif0eSxRSrbE4jRxkVRMubrFJFgQPtdniM8HhUNjBSTzBWTENUVlBFTkpRWEMxSjVBSlFCNC4u
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 11:37:52 GMT
last-modified
Mon, 12 Dec 2022 18:28:34 GMT
server
Microsoft-IIS/10.0
etag
"ea79178b57ed91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 11:37:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 849AD6A27F5B47DFA00F4947619A1731 Ref B: FRAEDGE1820 Ref C: 2022-12-15T11:37:52Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?CtsSyncId=B8CE9870DFD641B1A5DCBEDC03AFC1DC&MUID=23BC2F1D910261400B653D6695026ABC
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
'de'
forms.office.com/formapi/api/877abffd-a213-477f-92c5-14ab6c4e2347/users/cb441519-ac9b-4552-8103-ed76788cf078/forms('_b96hxOif0eSxRSrbE4jRxkVRMubrFJFgQPtdniM8HhUNjBSTzBWTENUVlBFTkpRWEMxSjVBSlFCNC4u'... Frame 631A 		2 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/877abffd-a213-477f-92c5-14ab6c4e2347/users/cb441519-ac9b-4552-8103-ed76788cf078/forms('_b96hxOif0eSxRSrbE4jRxkVRMubrFJFgQPtdniM8HhUNjBSTzBWTENUVlBFTkpRWEMxSjVBSlFCNC4u')/localeResource/'de'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.31deb99.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

odata-version
4.0
x-correlationid
501a7c2e-fab1-4a75-979c-9e215f22a01a
x-usersessionid
b65f0ba3-2202-4dfd-afe7-4f31eef4c52d
x-ms-form-request-ring
business
accept-language
de-DE,de;q=0.9
authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json
odata-maxverion
4.0
accept
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=_b96hxOif0eSxRSrbE4jRxkVRMubrFJFgQPtdniM8HhUNjBSTzBWTENUVlBFTkpRWEMxSjVBSlFCNC4u
x-ms-form-request-source
ms-formweb
__requestverificationtoken
X_ACgwiqj-x3158dKj05PVe_54HReqJJWhAsEtvtP5AY4LlRiltZPV7ACOBsufTkLQXyUXA53QrXqzefojDsJVn1wilj_CTxPZPnFB4Sz-o1

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Thu, 15 Dec 2022 11:37:51 GMT
x-officeversion
16.0.16010.42500
x-officefe
FormsSingleBox_IN_6
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_11, FormsSingleBox_IN_13
x-routingofficeversion
16.0.16010.42500, 16.0.16010.42500
x-correlationid
501a7c2e-fab1-4a75-979c-9e215f22a01a
x-officecluster
frc-100.forms.office.com
x-usersessionid
b65f0ba3-2202-4dfd-afe7-4f31eef4c52d
x-msedge-ref
Ref A: C19ECA8056CA46D5AE5CB135FA3A61A8 Ref B: AMS231032602047 Ref C: 2022-12-15T11:37:52Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
501a7c2e-fab1-4a75-979c-9e215f22a01a
x-routingsessionid
b65f0ba3-2202-4dfd-afe7-4f31eef4c52d
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-101.forms.office.com, frc-100.forms.office.com
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ Frame 631A 		179 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.541a6ff.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cacd215430aa66f1391abd136f23ddb729b3fe44c6385a43b62d7a9e8479ea03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 11:37:52 GMT
content-encoding
br
x-azure-ref-originshield
0fwabYwAAAADVogMhKFS0QouItQcrgzcsRlJBMjMxMDUwNDE4MDM1AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5
yrkf9GZ1Xvz6HYOCdF/nTw==
x-cache
TCP_HIT
x-ms-meta-jssdkver
3.2.8
last-modified
Wed, 02 Nov 2022 19:31:15 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.8.min.js
etag
0x8DABD08CF2EB3C0
x-azure-ref
0EAebYwAAAAA25RvB3rTYTZ4JaTgiWn0jRlJBMzFFREdFMDkxMgBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
1561a2b0-801e-00c6-1976-10e6c3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
truncated
/ Frame 631A 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da

Request headers

Referer
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 631A 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
91046047070419edae0534234795e5e5fec697131aa2943b55a0a189d37941a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1671104273343
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 15 Dec 2022 11:37:53 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
1247
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 15 Dec 2022 11:37:53 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 631A 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.4a73f96.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
c41fa0bddcca869efb7c9f0efca29fb862d2c5eb68a53a0e8fa6ebc3150cff1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1671104274445
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 15 Dec 2022 11:37:54 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
302
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 15 Dec 2022 11:37:54 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 631A 		153 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
18792aedb4162738cb0be01cce8ca7582ec94137ffac451dab36e22b0dd70bfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1671104274679
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
time-delta-to-apply-millis
1247
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 15 Dec 2022 11:37:54 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
239
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 15 Dec 2022 11:37:54 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange

11 Cookies

Domain/Path Name / Value
forms.office.com/ Name: __RequestVerificationToken
Value: oakqCZRuiVdLvCr2in6qv2NCIuBjV13ufQiqMlpZUSIOvmns00IU3_eRQ20O4yh4CiDi9IfVj_RgxOrkaUxd8Ni2CEul85CQl-kOlpJ6j9g1
.office.com/ Name: MUID
Value: 23BC2F1D910261400B653D6695026ABC
forms.office.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: cd5e48e3-e284-465e-9cd4-97853dee15ae
forms.office.com/ Name: ai_session
Value: o44P0jovRkozvA2RlZC5qd|1671104272335|1671104272335
.bing.com/ Name: MUID
Value: 23BC2F1D910261400B653D6695026ABC
.c.bing.com/ Name: SRM_B
Value: 23BC2F1D910261400B653D6695026ABC
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: ANONCHK
Value: 0
forms.office.com/ Name: MSFPC
Value: GUID=a07911e119734941bb55f6d135396be0&HASH=a079&LV=202212&V=4&LU=1671104274590
.microsoft.com/ Name: MC1
Value: GUID=d3c0a4613488455a845db08ef32e6c28&HASH=d3c0&LV=202212&V=4&LU=1671104274747
.microsoft.com/ Name: MS0
Value: ec122170d98a44af8b6ed1d84f27fdbb

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
js.monitor.azure.com
torrentscanner.co
www.adaware.com
www.torrentscanner.co
104.16.235.79
104.16.236.79
20.189.173.10
20.234.93.27
2606:4700:3036::6815:20e5
2606:4700:3037::ac43:9c53
2620:1ec:4e:1::45
2620:1ec:a92::194
2620:1ec:c11::200
92.123.77.19
0b813301c3f94696600684ea73ec4ea848d36a4df96127a17d01ff658a04583f
18792aedb4162738cb0be01cce8ca7582ec94137ffac451dab36e22b0dd70bfc
2bee821816e5ceb718dabd43fd0363d6b843fad81df4bc67e754267c0b70c2ff
3646e0dd8fcea6ceab3183923c2ddf94f11b9a7ed1ba05a8b4dd61a7c1ddec0a
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
578b3f9c787a57bfe610ae2ba51a6f703e0a7fc99be736a00c3d931ee26445d6
5b3fee88d0e457bc5bd9b30e194330e1a077059cf4908c0c2cb8d0b2f849ba12
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
713ddac50f3fc06c14f11a7bf7b98151b771f972bc68680f81c44a04660e242f
768b9c943ff9cc28c64b56316949e6af85775646fadaba82e1f22ebb625bc34e
91046047070419edae0534234795e5e5fec697131aa2943b55a0a189d37941a4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0cf31cc9ddf8348275247ba3436aea3219946138476e7921c21fbce79675ad8
ac0b2cb467eba65bf09d50816a3f475d6102fb007110f36e843f5f0d4cb67489
b208d88afc4bef34253e31442399fca6d5468f4b71d8c5ce47bb093454622bc0
bd2dac1356e39fa218128722cb05ade98c92bff259abd7f10bc5ddf98fbc7e59
beb2188a3f414564db1475de069b1576b63c8b0c7d1c9a3c9ae77fb6dede7e35
c0bc4f76140d38f7af2ec7f7404a74986432a90b064b3f5cdcb345a823fa8849
c41fa0bddcca869efb7c9f0efca29fb862d2c5eb68a53a0e8fa6ebc3150cff1b
cacd215430aa66f1391abd136f23ddb729b3fe44c6385a43b62d7a9e8479ea03
da43081d86a7e6b4d98260f6231a9edc2c5f3955ad222d69354dc0fa31b115a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855