urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://forms.office.com/pages/designpage.aspx#formid=d9wkjwjaxe-tsernvps-tw5cxecl3hrop1-yp4r3tknuotlvnlrdve9zsfdtr0rewkr...
Effective URL: https://forms.office.com/?redirecturl=https%3A%2F%2Fforms.office.com%2Fpages%2Fdesignpage.aspx%23formid%3Dd9wkjwjaxe-tser...
Submission: On February 01 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 6 countries across 8 domains to perform 46 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 5698.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on July 20th 2022. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 8 2620:1ec:a92:... 8068 (MICROSOFT...)
10 2.21.74.98 20940 (AKAMAI-ASN1)
2 2620:1ec:4e:1... 8075 (MICROSOFT...)
2 23.44.75.247 16625 (AKAMAI-AS)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 20.190.159.19 8075 (MICROSOFT...)
1 1 20.190.159.2 8075 (MICROSOFT...)
12 51.11.192.48 8075 (MICROSOFT...)
5 52.109.88.193 8075 (MICROSOFT...)
6 184.51.85.137 16625 (AKAMAI-AS)
46 10
8    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
10    2.21.74.98 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-74-98.deploy.static.akamaitechnologies.com
cdn.forms.office.net
2    2620:1ec:4e:1::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
2    23.44.75.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-75-247.deploy.static.akamaitechnologies.com
static2.sharepointonline.com
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    20.190.159.19 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
1    20.190.159.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
12    51.11.192.48 (Paris, France)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
5    52.109.88.193 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
odc.officeapps.live.com
6    184.51.85.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-85-137.deploy.static.akamaitechnologies.com
cdn.odc.officeapps.live.com
Apex Domain
Subdomains		 Transfer
12 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 244
4 KB
12 live.com
login.live.com — Cisco Umbrella Rank: 93
odc.officeapps.live.com — Cisco Umbrella Rank: 239
cdn.odc.officeapps.live.com — Cisco Umbrella Rank: 1828
98 KB
10 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 8090
392 KB
10 office.com
forms.office.com — Cisco Umbrella Rank: 5698
c.office.com — Cisco Umbrella Rank: 21801
28 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 20
58 KB
2 sharepointonline.com
static2.sharepointonline.com — Cisco Umbrella Rank: 2463
72 KB
2 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1577
154 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 241
665 B
46 8
Domain Requested by
12 browser.events.data.microsoft.com cdn.forms.office.net
js.monitor.azure.com
10 cdn.forms.office.net forms.office.com
cdn.forms.office.net
8 forms.office.com 4 redirects cdn.forms.office.net
6 cdn.odc.officeapps.live.com odc.officeapps.live.com
5 odc.officeapps.live.com cdn.forms.office.net
odc.officeapps.live.com
2 login.microsoftonline.com cdn.forms.office.net
login.microsoftonline.com
2 c.office.com 1 redirects forms.office.com
2 static2.sharepointonline.com cdn.forms.office.net
2 js.monitor.azure.com forms.office.com
1 login.live.com 1 redirects
1 c.bing.com 1 redirects
46 11

This site contains no links.

Subject Issuer Validity Valid
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2022-07-20 -
2023-07-15		 a year crt.sh
cdn.forms.office.net
Microsoft Azure TLS Issuing CA 06		 2022-09-28 -
2023-09-23		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 05		 2022-12-23 -
2023-12-18		 a year crt.sh
privatecdn.sharepointonline.com
DigiCert SHA2 Secure Server CA		 2022-09-19 -
2023-09-19		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2022-12-01 -
2023-12-01		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 01		 2022-12-07 -
2023-12-02		 a year crt.sh
odc.officeapps.live.com
Microsoft Azure TLS Issuing CA 05		 2022-12-07 -
2023-12-02		 a year crt.sh
cdn.odc.officeapps.live.com
Microsoft Azure TLS Issuing CA 05		 2022-10-12 -
2023-10-07		 a year crt.sh

This page contains 4 frames:

Primary Page: https://forms.office.com/?redirecturl=https%3A%2F%2Fforms.office.com%2Fpages%2Fdesignpage.aspx%23formid%3Dd9wkjwjaxe-tsernvps-tw5cxecl3hrop1-yp4r3tknuotlvnlrdve9zsfdtr0rewkrrvzzhqjexmyqlqcnjpteu%26analysis%3Dtrue
Frame ID: 0584FD856DC5011158CC21BD5763D772
Requests: 25 HTTP requests in this frame

Frame: https://forms.office.com/pages/silentsignincomplete.aspx
Frame ID: 67C9EA3D1CAE0B70C19378E66C4DCE92
Requests: 3 HTTP requests in this frame

Frame: https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
Frame ID: 52FF44557390C9E1E042ACF7A8937C61
Requests: 1 HTTP requests in this frame

Frame: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Frame ID: B880CAEB728E4BF6B10DEF1307BDEB61
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Microsoft Forms - Erstellen Sie ganz einfach Umfragen, Quizze und Abstimmungen.

Page URL History Show full URLs

  1. https://forms.office.com/pages/designpage.aspx HTTP 302
    https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpage.aspx Page URL
  2. https://forms.office.com/?redirecturl=https%3A%2F%2Fforms.office.com%2Fpages%2Fdesignpage.aspx%23form... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

93 %
HTTPS

27 %
IPv6

8
Domains

11
Subdomains

10
IPs

6
Countries

801 kB
Transfer

2793 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://forms.office.com/pages/designpage.aspx HTTP 302
    https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpage.aspx Page URL
  2. https://forms.office.com/?redirecturl=https%3A%2F%2Fforms.office.com%2Fpages%2Fdesignpage.aspx%23formid%3Dd9wkjwjaxe-tsernvps-tw5cxecl3hrop1-yp4r3tknuotlvnlrdve9zsfdtr0rewkrrvzzhqjexmyqlqcnjpteu%26analysis%3Dtrue Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://forms.office.com/pages/designpage.aspx HTTP 302
  • https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpage.aspx
Request Chain 8
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=4DB234F1086C404EAF24397BF4712ACD&RedC=c.office.com&MXFR=3FC5F83E764B64F932FEEA95724B6F95 HTTP 302
  • https://c.office.com/c.gif?CtsSyncId=4DB234F1086C404EAF24397BF4712ACD&MUID=3FC5F83E764B64F932FEEA95724B6F95
Request Chain 9
  • https://forms.office.com/oidcLogin?IdentityProvider=aad&ru=%2FPages%2FSilentSignInComplete.aspx&prompt=none HTTP 302
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzl3T0lyX09PMERVcjdIaW14YS1RSUtPZDA1WlhvcThXN2VtZ1Y2Z29vSWZJdDNRNnZvWGFWM3o2U09NcU5HMlpoSi1NUV9BX1VNemNnZ3hjc2doWDAiLCJwcm9tcHQiOiJBZFk0WFlNekdOUS1lVmcyWmJCZGFSUFI3blhqbkkwZGtUcXJ0MXRzRExDOE5RbGtLem5icnJmS2t0anNaYXd1Rkw5Sk9fT3lXNEpVd2xsMkFaVUZLVE0iLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638108438860570942.OTZjNjNjNTEtMjM5OC00YWUwLWIxOWYtODIyNjZmMmRlMmZkOWQxMTMzNzYtZjMwNC00M2JhLWI0NmEtZmRkM2ZmNGVkOTIx&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0
Request Chain 11
  • https://forms.office.com/landing HTTP 302
  • https://forms.office.com/pages/silentsignincomplete.aspx
Request Chain 12
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1675247085&rver=7.3.6963.0&wp=MBI_SSL&wreply=https%3A%2F%2Fforms.office.com%2FrpsLanding%3FRpsAuthState%3D37m85QH1uLUin27i4OEIyvl-uGJaiB4bldaoeAe-F-DvbFHDK3LoGcUVlxvn_dUoYqY8kjNIZPnWPBWlRe7VgtelS19pqo06yrstDAkOrnTRHhnWHJptjKb1oVRL7c2CWwY3S07KaaQCrJdbTbtd-948j4qND9rmweKLW7SFh_f7Sm0ExYWQJEygicmVxxPSUrPzqdG1hDmQqPR26mmY4znr6PlB0PkhAvHp_sGYWeaXduR7U8bKnctG7FI6EIPVi9biZb3l1RInQn0u90fCHgTDw8iLH7IPwXHRthacAd9HH-nK0ERhWi24yS0IlFEmzNHrUYDb4BUvRA4JUYJiiey6jxXX4-zab8ke1KHPPwc&id=295313&checkda=1 HTTP 302
  • https://forms.office.com/rpsLanding?RpsAuthState=37m85QH1uLUin27i4OEIyvl-uGJaiB4bldaoeAe-F-DvbFHDK3LoGcUVlxvn_dUoYqY8kjNIZPnWPBWlRe7VgtelS19pqo06yrstDAkOrnTRHhnWHJptjKb1oVRL7c2CWwY3S07KaaQCrJdbTbtd-948j4qND9rmweKLW7SFh_f7Sm0ExYWQJEygicmVxxPSUrPzqdG1hDmQqPR26mmY4znr6PlB0PkhAvHp_sGYWeaXduR7U8bKnctG7FI6EIPVi9biZb3l1RInQn0u90fCHgTDw8iLH7IPwXHRthacAd9HH-nK0ERhWi24yS0IlFEmzNHrUYDb4BUvRA4JUYJiiey6jxXX4-zab8ke1KHPPwc HTTP 302
  • https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
forms.office.com/
Redirect Chain
  • https://forms.office.com/pages/designpage.aspx
  • https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpage.aspx
37 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpage.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0be4cedde7eff37f77ac3eb548c65a914c3d310f4509a7bf406c5783ef3678eb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
11664
content-type
text/html; charset=utf-8
date
Wed, 01 Feb 2023 10:24:45 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
2311cb66-6949-43a0-8e0c-a1e27e1e9219
x-failurereason
Unknown
x-msedge-ref
Ref A: B4AC0DC56CB040D38C472CD2567AE693 Ref B: AMS231032606035 Ref C: 2023-02-01T10:24:45Z
x-officecluster
weu-100.forms.office.com
x-officefe
FormsSingleBox_IN_14
x-officeversion
16.0.16129.42051
x-routingcorrelationid
2311cb66-6949-43a0-8e0c-a1e27e1e9219
x-routingofficecluster
weu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_14
x-routingofficeversion
16.0.16129.42051
x-routingsessionid
5c0f76b0-4b26-4702-b23a-ff38febbd8f3
x-usersessionid
5c0f76b0-4b26-4702-b23a-ff38febbd8f3

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 01 Feb 2023 10:24:45 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
location
/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpage.aspx
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-correlationid
0f194b4f-c51f-4395-b3fe-f0973c178455
x-msedge-ref
Ref A: 83150676D9BE442AB9886CB06FFABE55 Ref B: AMS231032606035 Ref C: 2023-02-01T10:24:45Z
x-officecluster
frc-100.forms.office.com
x-officefe
FormsSingleBox_IN_5
x-officeversion
16.0.16126.42050
x-routingcorrelationid
0f194b4f-c51f-4395-b3fe-f0973c178455
x-routingofficecluster
frc-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_5
x-routingofficeversion
16.0.16126.42050
x-routingsessionid
721f3247-446c-4c73-bde9-7fe621995be7
x-usersessionid
721f3247-446c-4c73-bde9-7fe621995be7
default-page.min.5112b27.css
cdn.forms.office.net/forms/css/dist/ 		364 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/default-page.min.5112b27.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpage.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.98 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1016d0b9bf41f4fcefa7e9b7de510107def3e64bbeaa39aac00f7b164f642ba9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Feb 2023 10:24:45 GMT
content-encoding
br
content-md5
rIkKyl/oekCaFPUqJTw8zA==
content-length
30629
x-ms-lease-status
unlocked
last-modified
Thu, 19 Jan 2023 03:58:32 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAF9D16E499698
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
18b0d00a-701e-002b-16c2-2bdd41000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 01 Feb 2024 10:24:45 GMT
basics_osi_v3_m1_j3.min.6aa1f3d.js
cdn.forms.office.net/forms/scripts/vendors/combinedmin/ 		235 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v3_m1_j3.min.6aa1f3d.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpage.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.98 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
67dd96644fcce9cc703ebf1ede6a7a96b42fe909d024f0eee3e826ae0a59f66d

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Feb 2023 10:24:45 GMT
content-encoding
br
content-md5
BdEW2V1tMY+QN8kblaXAYw==
content-length
70611
x-ms-lease-status
unlocked
last-modified
Fri, 21 Oct 2022 04:53:33 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAB32034AB81C0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0815ec1f-401e-0067-2128-e71a5e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 01 Feb 2024 10:24:45 GMT
aria_odata_v2.min.29dbe8c.js
cdn.forms.office.net/forms/scripts/vendors/combinedmin/ 		125 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/aria_odata_v2.min.29dbe8c.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpage.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.98 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b66a5c41dda8640ef2fb42901bee5437dcdc746f018ab7bfa42fa6cfddc830f8

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Feb 2023 10:24:45 GMT
content-encoding
br
content-md5
zL0YTaz76DBx0JM11lOSgA==
content-length
32555
x-ms-lease-status
unlocked
last-modified
Tue, 22 Mar 2022 04:36:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA0BBD8141A9FA
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
698fe1fc-201e-0011-4bb1-3d9ee2000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 01 Feb 2024 10:24:45 GMT
default-page.min.fc3e1bb.js
cdn.forms.office.net/forms/scripts/dists/ 		118 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpage.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.98 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f19aeb615472c877093fe373b0011ce3c251d4547b7e405a4eb7732b650bf045

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Feb 2023 10:24:45 GMT
content-encoding
br
content-md5
cN7TD/TmGm/6BZP0LZhbqQ==
content-length
34198
x-ms-lease-status
unlocked
last-modified
Mon, 30 Jan 2023 04:25:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB027A09A85DDA
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9b589a34-501e-0073-046d-34d93a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 01 Feb 2024 10:24:45 GMT
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		179 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpage.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:4e:1::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cacd215430aa66f1391abd136f23ddb729b3fe44c6385a43b62d7a9e8479ea03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 10:24:46 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.8
last-modified
Wed, 02 Nov 2022 19:31:15 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.8.min.js
vary
Accept-Encoding
x-azure-ref
20230201T102446Z-18s8da5fth4ata1v7dntf35th4000000024000000000cx8k
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
9cb9a23d-c01e-0002-395a-30ce8f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-cache
TCP_HIT
x-ms-version
2009-09-19
segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/css/dist/default-page.min.5112b27.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.75.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-75-247.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer
https://cdn.forms.office.net/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 01 Feb 2023 10:24:46 GMT
last-modified
Thu, 02 Nov 2017 17:22:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
hl8dtlRfyUovRETdYOe7xg==
etag
0x8D522163B704E10
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
aeac5b7d-201e-0029-3f65-f4b859000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=24066920
x-ms-version
2009-09-19
content-length
36344
default-page.chunk.1ds.6dc5e5d.js
cdn.forms.office.net/forms/scripts/dists/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/default-page.chunk.1ds.6dc5e5d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.98 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
65efeac160ccc469ad55cfaa6fb94254f1bf8f89ae913b3e50407021c3f42ed4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Feb 2023 10:24:46 GMT
content-encoding
br
content-md5
97nNPCdl6wGOtpt7Ghddmg==
content-length
30129
x-ms-lease-status
unlocked
last-modified
Fri, 28 Oct 2022 04:14:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAB89ADCD45DA8
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1f6a77dc-401e-004e-29ee-ec6c1c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 01 Feb 2024 10:24:46 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=4DB234F1086C404EAF24397BF4712ACD&RedC=c.office.com&MXFR=3FC5F83E764B64F932FEEA95724B6F95
  • https://c.office.com/c.gif?CtsSyncId=4DB234F1086C404EAF24397BF4712ACD&MUID=3FC5F83E764B64F932FEEA95724B6F95
42 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?CtsSyncId=4DB234F1086C404EAF24397BF4712ACD&MUID=3FC5F83E764B64F932FEEA95724B6F95
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpage.aspx
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Feb 2023 10:24:45 GMT
last-modified
Tue, 17 Jan 2023 20:36:49 GMT
server
Microsoft-IIS/10.0
etag
"b1c8df6cb32ad91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 01 Feb 2023 10:24:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C5AA6A0776D544DE91A05657AE8D919D Ref B: FRA31EDGE0205 Ref C: 2023-02-01T10:24:46Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?CtsSyncId=4DB234F1086C404EAF24397BF4712ACD&MUID=3FC5F83E764B64F932FEEA95724B6F95
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
authorize
login.microsoftonline.com/common/oauth2/ Frame 67C9
Redirect Chain
  • https://forms.office.com/oidcLogin?IdentityProvider=aad&ru=%2FPages%2FSilentSignInComplete.aspx&prompt=none
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20p...
152 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzl3T0lyX09PMERVcjdIaW14YS1RSUtPZDA1WlhvcThXN2VtZ1Y2Z29vSWZJdDNRNnZvWGFWM3o2U09NcU5HMlpoSi1NUV9BX1VNemNnZ3hjc2doWDAiLCJwcm9tcHQiOiJBZFk0WFlNekdOUS1lVmcyWmJCZGFSUFI3blhqbkkwZGtUcXJ0MXRzRExDOE5RbGtLem5icnJmS2t0anNaYXd1Rkw5Sk9fT3lXNEpVd2xsMkFaVUZLVE0iLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638108438860570942.OTZjNjNjNTEtMjM5OC00YWUwLWIxOWYtODIyNjZmMmRlMmZkOWQxMTMzNzYtZjMwNC00M2JhLWI0NmEtZmRkM2ZmNGVkOTIx&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.19 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1fff5b20780a3ee6be22552c4147a309220fe699b6f803bd2b6f499e9d0aff66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.office.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
55413
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Feb 2023 10:24:45 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub1"}]}
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.14526.6 - WEULR2 ProdSlices
x-ms-request-id
125c8c3c-858a-4103-a5f4-f4e93d9e1d00

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Wed, 01 Feb 2023 10:24:45 GMT
location
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzl3T0lyX09PMERVcjdIaW14YS1RSUtPZDA1WlhvcThXN2VtZ1Y2Z29vSWZJdDNRNnZvWGFWM3o2U09NcU5HMlpoSi1NUV9BX1VNemNnZ3hjc2doWDAiLCJwcm9tcHQiOiJBZFk0WFlNekdOUS1lVmcyWmJCZGFSUFI3blhqbkkwZGtUcXJ0MXRzRExDOE5RbGtLem5icnJmS2t0anNaYXd1Rkw5Sk9fT3lXNEpVd2xsMkFaVUZLVE0iLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638108438860570942.OTZjNjNjNTEtMjM5OC00YWUwLWIxOWYtODIyNjZmMmRlMmZkOWQxMTMzNzYtZjMwNC00M2JhLWI0NmEtZmRkM2ZmNGVkOTIx&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
2a710ee8-9d76-429b-b836-3b3b33448241
x-msedge-ref
Ref A: 942704966C2A40768DB34CA82331D5AD Ref B: AMS231032606035 Ref C: 2023-02-01T10:24:46Z
x-officecluster
weu-100.forms.office.com
x-officefe
FormsSingleBox_IN_6
x-officeversion
16.0.16129.42051
x-routingcorrelationid
2a710ee8-9d76-429b-b836-3b3b33448241
x-routingofficecluster
weu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_6
x-routingofficeversion
16.0.16129.42051
x-routingsessionid
3a1a6229-c194-44f1-b764-573d67c4baaa
x-usersessionid
3a1a6229-c194-44f1-b764-573d67c4baaa
authorize
login.microsoftonline.com/common/oauth2/ Frame 67C9 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzl3T0lyX09PMERVcjdIaW14YS1RSUtPZDA1WlhvcThXN2VtZ1Y2Z29vSWZJdDNRNnZvWGFWM3o2U09NcU5HMlpoSi1NUV9BX1VNemNnZ3hjc2doWDAiLCJwcm9tcHQiOiJBZFk0WFlNekdOUS1lVmcyWmJCZGFSUFI3blhqbkkwZGtUcXJ0MXRzRExDOE5RbGtLem5icnJmS2t0anNaYXd1Rkw5Sk9fT3lXNEpVd2xsMkFaVUZLVE0iLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638108438860570942.OTZjNjNjNTEtMjM5OC00YWUwLWIxOWYtODIyNjZmMmRlMmZkOWQxMTMzNzYtZjMwNC00M2JhLWI0NmEtZmRkM2ZmNGVkOTIx&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzl3T0lyX09PMERVcjdIaW14YS1RSUtPZDA1WlhvcThXN2VtZ1Y2Z29vSWZJdDNRNnZvWGFWM3o2U09NcU5HMlpoSi1NUV9BX1VNemNnZ3hjc2doWDAiLCJwcm9tcHQiOiJBZFk0WFlNekdOUS1lVmcyWmJCZGFSUFI3blhqbkkwZGtUcXJ0MXRzRExDOE5RbGtLem5icnJmS2t0anNaYXd1Rkw5Sk9fT3lXNEpVd2xsMkFaVUZLVE0iLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638108438860570942.OTZjNjNjNTEtMjM5OC00YWUwLWIxOWYtODIyNjZmMmRlMmZkOWQxMTMzNzYtZjMwNC00M2JhLWI0NmEtZmRkM2ZmNGVkOTIx&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.19 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
57bade929269b967baf87f824cb9d5045e48c8c87d4b1fdc1491ae370615482e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzl3T0lyX09PMERVcjdIaW14YS1RSUtPZDA1WlhvcThXN2VtZ1Y2Z29vSWZJdDNRNnZvWGFWM3o2U09NcU5HMlpoSi1NUV9BX1VNemNnZ3hjc2doWDAiLCJwcm9tcHQiOiJBZFk0WFlNekdOUS1lVmcyWmJCZGFSUFI3blhqbkkwZGtUcXJ0MXRzRExDOE5RbGtLem5icnJmS2t0anNaYXd1Rkw5Sk9fT3lXNEpVd2xsMkFaVUZLVE0iLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638108438860570942.OTZjNjNjNTEtMjM5OC00YWUwLWIxOWYtODIyNjZmMmRlMmZkOWQxMTMzNzYtZjMwNC00M2JhLWI0NmEtZmRkM2ZmNGVkOTIx&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
962
Content-Type
text/html; charset=utf-8
Date
Wed, 01 Feb 2023 10:24:45 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub1"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.14526.6 - NEULR2 ProdSlices
x-ms-request-id
bb3a3207-c322-4a9f-b2f8-96ce2cbd3100
silentsignincomplete.aspx
forms.office.com/pages/ Frame 67C9
Redirect Chain
  • https://forms.office.com/landing
  • https://forms.office.com/pages/silentsignincomplete.aspx
8 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/silentsignincomplete.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
3532
content-type
text/html; charset=utf-8
date
Wed, 01 Feb 2023 10:24:46 GMT
expires
0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
137b5d49-4cfa-4388-b607-d9afa69c823f
x-failurereason
Unknown
x-msedge-ref
Ref A: 8E140E99997F46FDB731DCCA514DA393 Ref B: AMS231032606035 Ref C: 2023-02-01T10:24:46Z
x-officecluster
weu-100.forms.office.com
x-officefe
FormsSingleBox_IN_11
x-officeversion
16.0.16129.42051
x-robots-tag
noindex, nofollow
x-routingcorrelationid
137b5d49-4cfa-4388-b607-d9afa69c823f
x-routingofficecluster
weu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_11
x-routingofficeversion
16.0.16129.42051
x-routingsessionid
4f50e17d-4b0d-4981-8d43-5c9d623db162
x-usersessionid
4f50e17d-4b0d-4981-8d43-5c9d623db162

Redirect headers

content-length
0
date
Wed, 01 Feb 2023 10:24:46 GMT
location
pages/silentsignincomplete.aspx
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
0fc3ff24-3530-4f8e-aea9-6356b75497d6
x-msedge-ref
Ref A: 81E0D6BC2A744099BDDBB589EB7DE147 Ref B: AMS231032606035 Ref C: 2023-02-01T10:24:46Z
x-officecluster
neu-101.forms.office.com
x-officefe
FormsSingleBox_IN_6
x-officeversion
16.0.16126.42050
x-routingcorrelationid
0fc3ff24-3530-4f8e-aea9-6356b75497d6
x-routingofficecluster
neu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_6
x-routingofficeversion
16.0.16126.42050
x-routingsessionid
ae0fd320-0bf2-46c1-a5c3-616e43419437
x-usersessionid
ae0fd320-0bf2-46c1-a5c3-616e43419437
SilentSignInComplete.aspx
forms.office.com/Pages/ Frame 52FF
Redirect Chain
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1675247085&rver=7.3.6963.0&wp=MBI_SSL&wreply=https%3A%2F%2Fforms.office.com%2FrpsLanding%3FRpsAuthState%3D37m85QH1uLUin27i4OEIyvl-uGJaiB4b...
  • https://forms.office.com/rpsLanding?RpsAuthState=37m85QH1uLUin27i4OEIyvl-uGJaiB4bldaoeAe-F-DvbFHDK3LoGcUVlxvn_dUoYqY8kjNIZPnWPBWlRe7VgtelS19pqo06yrstDAkOrnTRHhnWHJptjKb1oVRL7c2CWwY3S07KaaQCrJdbTbtd...
  • https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
8 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
3532
content-type
text/html; charset=utf-8
date
Wed, 01 Feb 2023 10:24:46 GMT
expires
0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
d874a844-fadb-4557-942c-a198732ede34
x-failurereason
Unknown
x-msedge-ref
Ref A: C8D5B85869A64CB1B20BB48F9A6CC998 Ref B: AMS231032606035 Ref C: 2023-02-01T10:24:47Z
x-officecluster
neu-101.forms.office.com
x-officefe
FormsSingleBox_IN_1
x-officeversion
16.0.16126.42050
x-robots-tag
noindex, nofollow
x-routingcorrelationid
d874a844-fadb-4557-942c-a198732ede34
x-routingofficecluster
neu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_1
x-routingofficeversion
16.0.16126.42050
x-routingsessionid
8d012322-547e-408a-803a-605d60da00e5
x-usersessionid
8d012322-547e-408a-803a-605d60da00e5

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Wed, 01 Feb 2023 10:24:46 GMT
location
/Pages/SilentSignInComplete.aspx?fromAR=1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
4e8a5f67-ab59-4c75-b1f6-61539d10536d
x-msedge-ref
Ref A: 2A069A021F244A69B63EE20825A6062F Ref B: AMS231032606035 Ref C: 2023-02-01T10:24:46Z
x-officecluster
frc-101.forms.office.com
x-officefe
FormsSingleBox_IN_8
x-officeversion
16.0.16126.42050
x-routingcorrelationid
4e8a5f67-ab59-4c75-b1f6-61539d10536d
x-routingofficecluster
frc-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_8
x-routingofficeversion
16.0.16126.42050
x-routingsessionid
dbd4ce8f-2c9c-4d94-9d9d-2518ca13cd9a
x-usersessionid
dbd4ce8f-2c9c-4d94-9d9d-2518ca13cd9a
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.chunk.1ds.6dc5e5d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.48 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
34235be91ebb2fe63e0f42fa35074a773d026fd447b3e849d5953b8c93750246
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1675247087062
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Wed, 01 Feb 2023 10:24:48 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
1330
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.48 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Wed, 01 Feb 2023 10:24:47 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.48 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
8108698abb75dd3ed15dfbd5aeb37988254212b274408ec86668d7f8d84d848f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1675247087116
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Wed, 01 Feb 2023 10:24:47 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
1373
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.48 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Wed, 01 Feb 2023 10:24:48 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.48 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Wed, 01 Feb 2023 10:24:48 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		24 B
461 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539&upload-time=1675247088566&ext.intweb.msfpc=GUID%3D23a8f95a35e94f5eb751439a4ff895d4%26HASH%3D23a8%26LV%3D202302%26V%3D4%26LU%3D1675247088489&time-delta-to-apply-millis=1373&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.48 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://forms.office.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000
Date
Wed, 01 Feb 2023 10:24:48 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
-2
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
24
Primary Request /
forms.office.com/ 		37 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/?redirecturl=https%3A%2F%2Fforms.office.com%2Fpages%2Fdesignpage.aspx%23formid%3Dd9wkjwjaxe-tsernvps-tw5cxecl3hrop1-yp4r3tknuotlvnlrdve9zsfdtr0rewkrrvzzhqjexmyqlqcnjpteu%26analysis%3Dtrue
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
69285cbd31805a18acabadbf449646256d3fc1b160120c694d985ae23dca0cea
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpage.aspx
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
11782
content-type
text/html; charset=utf-8
date
Wed, 01 Feb 2023 10:24:48 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
2442c340-db1a-4339-8d0d-de5e9d0ccc17
x-failurereason
Unknown
x-msedge-ref
Ref A: 88B0CEBD3B954C4C879FB4AEDED64BF8 Ref B: AMS231032606035 Ref C: 2023-02-01T10:24:48Z
x-officecluster
frc-100.forms.office.com
x-officefe
FormsSingleBox_IN_10
x-officeversion
16.0.16126.42050
x-routingcorrelationid
2442c340-db1a-4339-8d0d-de5e9d0ccc17
x-routingofficecluster
frc-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_10
x-routingofficeversion
16.0.16126.42050
x-routingsessionid
b41a9068-a50e-422f-a0d3-ae50f38132b3
x-usersessionid
b41a9068-a50e-422f-a0d3-ae50f38132b3
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0
default-page.min.5112b27.css
cdn.forms.office.net/forms/css/dist/ 		364 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/default-page.min.5112b27.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3A%2F%2Fforms.office.com%2Fpages%2Fdesignpage.aspx%23formid%3Dd9wkjwjaxe-tsernvps-tw5cxecl3hrop1-yp4r3tknuotlvnlrdve9zsfdtr0rewkrrvzzhqjexmyqlqcnjpteu%26analysis%3Dtrue
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.98 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1016d0b9bf41f4fcefa7e9b7de510107def3e64bbeaa39aac00f7b164f642ba9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Feb 2023 10:24:48 GMT
content-encoding
br
content-md5
rIkKyl/oekCaFPUqJTw8zA==
content-length
30629
x-ms-lease-status
unlocked
last-modified
Thu, 19 Jan 2023 03:58:32 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAF9D16E499698
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
18b0d00a-701e-002b-16c2-2bdd41000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 01 Feb 2024 10:24:48 GMT
basics_osi_v3_m1_j3.min.6aa1f3d.js
cdn.forms.office.net/forms/scripts/vendors/combinedmin/ 		235 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v3_m1_j3.min.6aa1f3d.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3A%2F%2Fforms.office.com%2Fpages%2Fdesignpage.aspx%23formid%3Dd9wkjwjaxe-tsernvps-tw5cxecl3hrop1-yp4r3tknuotlvnlrdve9zsfdtr0rewkrrvzzhqjexmyqlqcnjpteu%26analysis%3Dtrue
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.98 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
67dd96644fcce9cc703ebf1ede6a7a96b42fe909d024f0eee3e826ae0a59f66d

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Feb 2023 10:24:48 GMT
content-encoding
br
content-md5
BdEW2V1tMY+QN8kblaXAYw==
content-length
70611
x-ms-lease-status
unlocked
last-modified
Fri, 21 Oct 2022 04:53:33 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAB32034AB81C0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0815ec1f-401e-0067-2128-e71a5e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 01 Feb 2024 10:24:48 GMT
aria_odata_v2.min.29dbe8c.js
cdn.forms.office.net/forms/scripts/vendors/combinedmin/ 		125 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/aria_odata_v2.min.29dbe8c.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3A%2F%2Fforms.office.com%2Fpages%2Fdesignpage.aspx%23formid%3Dd9wkjwjaxe-tsernvps-tw5cxecl3hrop1-yp4r3tknuotlvnlrdve9zsfdtr0rewkrrvzzhqjexmyqlqcnjpteu%26analysis%3Dtrue
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.98 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b66a5c41dda8640ef2fb42901bee5437dcdc746f018ab7bfa42fa6cfddc830f8

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Feb 2023 10:24:48 GMT
content-encoding
br
content-md5
zL0YTaz76DBx0JM11lOSgA==
content-length
32555
x-ms-lease-status
unlocked
last-modified
Tue, 22 Mar 2022 04:36:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA0BBD8141A9FA
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
698fe1fc-201e-0011-4bb1-3d9ee2000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 01 Feb 2024 10:24:48 GMT
default-page.min.fc3e1bb.js
cdn.forms.office.net/forms/scripts/dists/ 		118 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3A%2F%2Fforms.office.com%2Fpages%2Fdesignpage.aspx%23formid%3Dd9wkjwjaxe-tsernvps-tw5cxecl3hrop1-yp4r3tknuotlvnlrdve9zsfdtr0rewkrrvzzhqjexmyqlqcnjpteu%26analysis%3Dtrue
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.98 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f19aeb615472c877093fe373b0011ce3c251d4547b7e405a4eb7732b650bf045

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Feb 2023 10:24:48 GMT
content-encoding
br
content-md5
cN7TD/TmGm/6BZP0LZhbqQ==
content-length
34198
x-ms-lease-status
unlocked
last-modified
Mon, 30 Jan 2023 04:25:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB027A09A85DDA
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9b589a34-501e-0073-046d-34d93a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 01 Feb 2024 10:24:48 GMT
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		179 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3A%2F%2Fforms.office.com%2Fpages%2Fdesignpage.aspx%23formid%3Dd9wkjwjaxe-tsernvps-tw5cxecl3hrop1-yp4r3tknuotlvnlrdve9zsfdtr0rewkrrvzzhqjexmyqlqcnjpteu%26analysis%3Dtrue
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:4e:1::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cacd215430aa66f1391abd136f23ddb729b3fe44c6385a43b62d7a9e8479ea03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 10:24:48 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.8
last-modified
Wed, 02 Nov 2022 19:31:15 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.8.min.js
vary
Accept-Encoding
x-azure-ref
20230201T102448Z-18s8da5fth4ata1v7dntf35th4000000024000000000cxs3
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
9cb9a23d-c01e-0002-395a-30ce8f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-cache
TCP_HIT
x-ms-version
2009-09-19
segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/css/dist/default-page.min.5112b27.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.75.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-75-247.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer
https://cdn.forms.office.net/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 01 Feb 2023 10:24:48 GMT
last-modified
Thu, 02 Nov 2017 17:22:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
hl8dtlRfyUovRETdYOe7xg==
etag
0x8D522163B704E10
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
aeac5b7d-201e-0029-3f65-f4b859000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=24066918
x-ms-version
2009-09-19
content-length
36344
default-page.chunk.1ds.6dc5e5d.js
cdn.forms.office.net/forms/scripts/dists/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/default-page.chunk.1ds.6dc5e5d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.98 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
65efeac160ccc469ad55cfaa6fb94254f1bf8f89ae913b3e50407021c3f42ed4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 01 Feb 2023 10:24:48 GMT
content-encoding
br
content-md5
97nNPCdl6wGOtpt7Ghddmg==
content-length
30129
x-ms-lease-status
unlocked
last-modified
Fri, 28 Oct 2022 04:14:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAB89ADCD45DA8
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1f6a77dc-401e-004e-29ee-ec6c1c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 01 Feb 2024 10:24:48 GMT
hrd
odc.officeapps.live.com/odc/v2.1/ Frame B880 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.193 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f61a685049913e3becd1a93ec47f69f4191ed07b75c8baf2a371ebf6e9904e09
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=1200
content-length
8128
content-type
text/html; charset=utf-8
date
Wed, 01 Feb 2023 10:24:48 GMT
expires
Wed, 01 Feb 2023 10:44:48 GMT
last-modified
Wed, 01 Feb 2023 10:24:48 GMT
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
Microsoft-IIS/10.0
vary
*
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-content-type-options
nosniff
x-correlationid
584fccd2-574e-441b-a8bb-2404d40caa89
x-officecluster
weu-000.odc.officeapps.live.com
x-officefe
OdcFE_IN_50
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-ua-compatible
IE=11
x-usersessionid
584fccd2-574e-441b-a8bb-2404d40caa89
hrd.css
odc.officeapps.live.com/odc/stat/ Frame B880 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.css?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.193 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ff09ddce3a55505346a551874b4a1cac73120c05f1207f47d973c4e952b0987
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 10:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_50
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
5050
last-modified
Mon, 23 Jan 2023 11:28:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
a0f11f58-de0a-419a-8723-ee53906d3fb1
x-correlationid
a0f11f58-de0a-419a-8723-ee53906d3fb1
x-officecluster
weu-000.odc.officeapps.live.com
etag
"0fa7c21d2fd91:0"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=2419200
accept-ranges
bytes
microsoft_logo.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame B880 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/microsoft_logo.svg?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.85.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-85-137.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 10:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16117.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_67
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
1464
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
dd16840c-b0a4-40b0-bda3-b84996e085b3
x-correlationid
dd16840c-b0a4-40b0-bda3-b84996e085b3
x-officecluster
neu-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, max-age=1987129
accept-ranges
bytes
picker-account-aad.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame B880 		756 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-aad.svg?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.85.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-85-137.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 10:24:48 GMT
x-content-type-options
nosniff
x-officeversion
16.0.16117.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_28
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
756
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
c9d5a226-43f3-4a11-a9de-d49beee00e06
x-correlationid
c9d5a226-43f3-4a11-a9de-d49beee00e06
x-officecluster
neu-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
content-type
image/svg+xml
cache-control
private, max-age=1987053
accept-ranges
bytes
picker-account-msa.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame B880 		379 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-msa.svg?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.85.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-85-137.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 10:24:48 GMT
x-content-type-options
nosniff
x-officeversion
16.0.16117.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_48
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
379
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
fdf80f6b-9c92-4e0a-aaae-4a6d2b471184
x-correlationid
fdf80f6b-9c92-4e0a-aaae-4a6d2b471184
x-officecluster
uks-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
content-type
image/svg+xml
cache-control
private, max-age=1983508
accept-ranges
bytes
jquery-1.12.4.1.min.js
cdn.odc.officeapps.live.com/odc/stat/ Frame B880 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/jquery-1.12.4.1.min.js?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.85.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-85-137.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3ac82b5a773ea82258a30c60d277acffa832ce446397fcb6abf39726c4330fb5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 10:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16117.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_64
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
33842
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
28075eb9-2871-494e-926f-a2e4f3dac86b
x-correlationid
28075eb9-2871-494e-926f-a2e4f3dac86b
x-officecluster
weu-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=1946359
accept-ranges
bytes
knockout-3.4.2.js
cdn.odc.officeapps.live.com/odc/stat/ Frame B880 		59 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/knockout-3.4.2.js?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.85.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-85-137.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 10:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_96
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
22381
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
50d95ab0-9ed2-47c3-a421-82a152758c12
x-correlationid
50d95ab0-9ed2-47c3-a421-82a152758c12
x-officecluster
neu-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=1946334
accept-ranges
bytes
CommonDiagnostics.js
cdn.odc.officeapps.live.com/odc/stat/ Frame B880 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/CommonDiagnostics.js?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.85.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-85-137.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
773a678845579e6334f19d4e62f29446e7898bd816359c74574e37884503f909
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 10:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16117.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_44
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
12330
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
1a3ea687-32ec-4397-aa28-dbe8e98c18f4
x-correlationid
1a3ea687-32ec-4397-aa28-dbe8e98c18f4
x-officecluster
frc-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=1946330
accept-ranges
bytes
jsonstrings
odc.officeapps.live.com/odc/ Frame B880 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/jsonstrings?g=EmailHrdv2&mkt=1031&hm=0
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.193 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
50b27e0a474ac6abd0e1ade24f61729974ff9d8e9bf250fa99da4a9346267d9d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 10:24:48 GMT
x-content-type-options
nosniff
x-correlationid
cc1e6d72-4618-4227-bb47-3b46d8071403
server
Microsoft-IIS/10.0
x-usersessionid
cc1e6d72-4618-4227-bb47-3b46d8071403
x-officecluster
weu-000.odc.officeapps.live.com
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_50
content-type
text/javascript; charset=utf-8
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control
public, max-age=3600
content-length
3625
hrd.min.js
odc.officeapps.live.com/odc/stat/ Frame B880 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.min.js?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.193 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
54a2f5eca1b0e7eda5cd0863fe8acbc23825a3d93108f11a2f654d537687f963
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 10:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_50
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
4909
last-modified
Mon, 23 Jan 2023 11:28:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
d219745c-9a05-481a-aee9-44f9dc786b22
x-correlationid
d219745c-9a05-481a-aee9-44f9dc786b22
x-officecluster
weu-000.odc.officeapps.live.com
etag
"0fa7c21d2fd91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=2419200
accept-ranges
bytes
Background-blurryGradient.svg
odc.officeapps.live.com/odc/stat/images/hrd/ Frame B880 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odc.officeapps.live.com/odc/stat/images/hrd/Background-blurryGradient.svg
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/stat/hrd.css?b=16123.30550
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.193 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
16c60cd6aff6a6febabbc48e9b7692a9c3b369d12d31749f8117d6d0851d5296
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/odc/stat/hrd.css?b=16123.30550
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 10:24:48 GMT
x-content-type-options
nosniff
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_50
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
2267
last-modified
Mon, 23 Jan 2023 11:28:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
80e1a4fe-e724-4422-b6f0-bcc79035dc5d
x-correlationid
80e1a4fe-e724-4422-b6f0-bcc79035dc5d
x-officecluster
weu-000.odc.officeapps.live.com
etag
"0fa7c21d2fd91:0"
content-type
image/svg+xml
cache-control
private, max-age=2419200
accept-ranges
bytes
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		24 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D23a8f95a35e94f5eb751439a4ff895d4%26HASH%3D23a8%26LV%3D202302%26V%3D4%26LU%3D1675247088489&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.48 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1675247089715
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Wed, 01 Feb 2023 10:24:49 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
36
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
24
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D23a8f95a35e94f5eb751439a4ff895d4%26HASH%3D23a8%26LV%3D202302%26V%3D4%26LU%3D1675247088489&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.48 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Wed, 01 Feb 2023 10:24:49 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		24 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D23a8f95a35e94f5eb751439a4ff895d4%26HASH%3D23a8%26LV%3D202302%26V%3D4%26LU%3D1675247088489&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.48 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
afd588d7d1c94d797ef932006d524de973f6fc54556e62f0f340412c87f99d58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1675247090716
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
time-delta-to-apply-millis
36
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Wed, 01 Feb 2023 10:24:50 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
52
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
24
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D23a8f95a35e94f5eb751439a4ff895d4%26HASH%3D23a8%26LV%3D202302%26V%3D4%26LU%3D1675247088489&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.48 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Wed, 01 Feb 2023 10:24:50 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.chunk.1ds.6dc5e5d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.48 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
0b0a32d5a3b4ebd73bbe1d7feb6e46332f2911b152a971209c2b2a6bb13e5e04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1675247090961
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Wed, 01 Feb 2023 10:24:50 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
41
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.11.192.48 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Wed, 01 Feb 2023 10:24:50 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.7&apikey=2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092&upload-time=1675247088621&time-delta-to-apply-millis=1330&w=0&NoResponseBody=true

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange function| reloadNoCdn object| OfficeFormServerInfo object| NavKeyPoints function| $ function| jQuery function| _ object| React object| ReactDOM function| init object| datas object| modules function| require object| AWTPropertyType object| AWTPiiKind object| AWTEventPriority object| AWTEventsDroppedReason object| AWTEventsRejectedReason object| AWTCustomerContentKind object| AWTUserIdType object| AWTSessionState string| AWT_BEST_EFFORT string| AWT_NEAR_REAL_TIME string| AWT_REAL_TIME function| AWTEventProperties function| AWTLogger function| AWTLogManager function| AWTTransmissionManager function| AWTSerializer function| AWTSemanticContext string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE string| AWT_COLLECTOR_URL_USGOV_DOD string| AWT_COLLECTOR_URL_USGOV_DOJ object| odatajs function| DomStore function| IndexedDBStore function| MemoryStore function| setPublicPath function| replaceChunkSrc object| webpackChunk object| Forms object| FormsPro function| formsModuleResolveErrorCallback function| jsllloaded object| e function| t object| oneDS object| __dynProto$Gbl object| awa

22 Cookies

Domain/Path Name / Value
.forms.office.com/ Name: FormsWebSessionId
Value: 88c8b181-0fe5-4d2b-9c78-da3316c03135
.forms.office.com/ Name: usenewauthrollout
Value: True
.forms.office.com/ Name: RpsAuthNonce
Value: b06f2e2e-7180-4f13-a01d-89e409f95482
forms.office.com/ Name: OpenIdConnect.nonce.yQKAfleB4lDai5htZY1afkRnDDExBv5VNxCbhNqFvK0%3D
Value: ZXlKMlpYSnphVzl1SWpveExDSmtZWFJoSWpwN0lrNGlPaUpCVkRaQllWbzJiM0Z5T0hsaGIwOHliVTB4VVV0dFgzTTBYMUpLVkdoQ2NteDViRVZzU205d2QzUk1Ua3N0YTBaZlEyOVlZbEZGZFRWYWIwVjRVbWhPYkZSRU0wSmxWelJFVlMxRU9FOHdlbUU0WWxwUk1FcEdTMUJUTVhWdWFGUTNOVFJqUlZrd1RIRlBaSFE0TmpONVptaDFNRXhMUzNSNVVrSTBkVmd4Y2xoRlJYSXRSalpqUVVwa1VGcFJiRkJITjNSZmExbHhkVmxaWmxCZmVrUllabEZOUkY5WVozWjRiMkZTVkhaVk9UbFNUVkJRTkVOeVpEUklaRU5LWXpBelkxcEZSVzlPTWtWQk9ETTRjbTV6VUZwMWFTMU9kRFJKYkVKMk1qZG1aVzlQTFhWbVYya3pObXhVV2lKOWZR
.office.com/ Name: MUID
Value: 3FC5F83E764B64F932FEEA95724B6F95
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.bing.com/ Name: MUID
Value: 3FC5F83E764B64F932FEEA95724B6F95
.c.bing.com/ Name: SRM_B
Value: 3FC5F83E764B64F932FEEA95724B6F95
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: ANONCHK
Value: 0
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.ASAAMe_N-B6jSkuT5F9XHpElWtJZpcmrehNPpu3n6cUq7IcBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevritzDs8JtZbfvaiytXxOvCQHOga4GgL56Ymt3HdcGsMOqNZnjq3RXnG3rRikL3oEkF2-rYgQDssKeeTZAxZ2QkvqXkuLqnrmdTo1a6m1WSb4gAA
login.microsoftonline.com/ Name: fpc
Value: AgDNjEzuK05CmGMPRXNRkAxiQQPhAQAAAO40bNsOAAAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrdKyvD8dE44NiJNS6UF2StOO4euKnXpC4PBwvG9h7vGx627i_iU0aR--EkkO4wFsrVSYqzbHzdKGaGl1aio9_Dz6c8pwkmQ9MzZxSk8Br8Csbzbpp3RwUvPunbTJQ3FykjE5MVpeosH4pLIKwuUSDGIQekJrZEejjH5fpA-0SC7EgAA
.login.live.com/ Name: uaid
Value: 72fb27fef4e64c0ca2ab08267aa8f743
.login.live.com/ Name: MSPRequ
Value: id=295313&lt=1675247086&co=1
.microsoft.com/ Name: MC1
Value: GUID=23a8f95a35e94f5eb751439a4ff895d4&HASH=23a8&LV=202302&V=4&LU=1675247088489
.microsoft.com/ Name: MS0
Value: 9cc05b491c9648639aff319e7f7168a9
forms.office.com/ Name: MSFPC
Value: GUID=23a8f95a35e94f5eb751439a4ff895d4&HASH=23a8&LV=202302&V=4&LU=1675247088489
forms.office.com/ Name: ai_session
Value: bHHnReH10N5JmibigIWRN6|1675247086113|1675247088714

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
cdn.odc.officeapps.live.com
forms.office.com
js.monitor.azure.com
login.live.com
login.microsoftonline.com
odc.officeapps.live.com
static2.sharepointonline.com
browser.events.data.microsoft.com
184.51.85.137
2.21.74.98
20.190.159.19
20.190.159.2
20.234.93.27
23.44.75.247
2620:1ec:4e:1::60
2620:1ec:a92::194
2620:1ec:c11::200
51.11.192.48
52.109.88.193
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0b0a32d5a3b4ebd73bbe1d7feb6e46332f2911b152a971209c2b2a6bb13e5e04
0be4cedde7eff37f77ac3eb548c65a914c3d310f4509a7bf406c5783ef3678eb
1016d0b9bf41f4fcefa7e9b7de510107def3e64bbeaa39aac00f7b164f642ba9
16c60cd6aff6a6febabbc48e9b7692a9c3b369d12d31749f8117d6d0851d5296
1fff5b20780a3ee6be22552c4147a309220fe699b6f803bd2b6f499e9d0aff66
2ff09ddce3a55505346a551874b4a1cac73120c05f1207f47d973c4e952b0987
34235be91ebb2fe63e0f42fa35074a773d026fd447b3e849d5953b8c93750246
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
3ac82b5a773ea82258a30c60d277acffa832ce446397fcb6abf39726c4330fb5
50b27e0a474ac6abd0e1ade24f61729974ff9d8e9bf250fa99da4a9346267d9d
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d
54a2f5eca1b0e7eda5cd0863fe8acbc23825a3d93108f11a2f654d537687f963
57bade929269b967baf87f824cb9d5045e48c8c87d4b1fdc1491ae370615482e
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
65efeac160ccc469ad55cfaa6fb94254f1bf8f89ae913b3e50407021c3f42ed4
67dd96644fcce9cc703ebf1ede6a7a96b42fe909d024f0eee3e826ae0a59f66d
69285cbd31805a18acabadbf449646256d3fc1b160120c694d985ae23dca0cea
773a678845579e6334f19d4e62f29446e7898bd816359c74574e37884503f909
8108698abb75dd3ed15dfbd5aeb37988254212b274408ec86668d7f8d84d848f
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
afd588d7d1c94d797ef932006d524de973f6fc54556e62f0f340412c87f99d58
b66a5c41dda8640ef2fb42901bee5437dcdc746f018ab7bfa42fa6cfddc830f8
cacd215430aa66f1391abd136f23ddb729b3fe44c6385a43b62d7a9e8479ea03
f19aeb615472c877093fe373b0011ce3c251d4547b7e405a4eb7732b650bf045
f61a685049913e3becd1a93ec47f69f4191ed07b75c8baf2a371ebf6e9904e09