forms.cloud-dev.microsoft
2620:1ec:a92::193
Public Scan
Submission Tags: @phishunt_io
Submission: On November 03 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 03 on November 3rd 2023. Valid for: a year.
This is the only time forms.cloud-dev.microsoft was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Redirects | Requests | IP Address | AS (Autonomous System) |
---|---|---|---|
5 | 24 | 2620:1ec:a92::193 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 2 | 2620:1ec:46::67 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 1 | 2a02:26f0:3100:78f::33e7 | 20940 (AKAMAI-ASN1) |
2 | 4 | 2603:1030:408:5::9 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
2 | 2 | 13.107.5.86 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 4 | 2603:1026:3000:108::8 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 1 | 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef | 15133 (EDGECAST) |
 | 13 | 52.168.112.67 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
2 | 2 | 2603:1026:3000:c8::b | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 1 | 2a02:26f0:3100:787::2b57 | |

45 | 9 |
AS | Hostnames |
---|---|
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | forms.cloud-dev.microsoft, forms.office-int.com, forms.microsoft-int.com |
ASN20940 (AKAMAI-ASN1, NL) | static2.sharepointonline.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | c.office-int.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | login.windows-ppe.net |
ASN15133 (EDGECAST, US) | aadcdn.msftauth.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | browser.events.data.microsoft.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | login.live-int.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
16 | office-int.com (2 redirects) | forms.office-int.com, c.office-int.com | 467 KB |
14 | microsoft.com | browser.events.data.microsoft.com (Cisco Umbrella Rank: 141), uhf.microsoft.com | 13 KB |
7 | microsoft-int.com (3 redirects) | forms.microsoft-int.com | 47 KB |
5 | cloud-dev.microsoft (2 redirects) | forms.cloud-dev.microsoft | 47 KB |
4 | windows-ppe.net | login.windows-ppe.net (Cisco Umbrella Rank: 65685) | 15 KB |
2 | live-int.com (2 redirects) | login.live-int.com (Cisco Umbrella Rank: 233769) | 4 KB |
2 | bing-int.com (2 redirects) | c.bing-int.com | 1 KB |
2 | azure.com | js.monitor.azure.com (Cisco Umbrella Rank: 1535) | 156 KB |
1 | msftauth.net | aadcdn.msftauth.net (Cisco Umbrella Rank: 1018) | 48 KB |
1 | sharepointonline.com | static2.sharepointonline.com (Cisco Umbrella Rank: 1790) | 36 KB |

45 | 10 |
Requests | Domain | Requested by |
---|---|---|
13 | browser.events.data.microsoft.com | js.monitor.azure.com, forms.office-int.com |
12 | forms.office-int.com | forms.cloud-dev.microsoft, forms.office-int.com, forms.microsoft-int.com |
7 | forms.microsoft-int.com (3 redirects) | forms.office-int.com, forms.microsoft-int.com |
5 | forms.cloud-dev.microsoft (2 redirects) | forms.cloud-dev.microsoft |
4 | login.windows-ppe.net | forms.office-int.com, aadcdn.msftauth.net |
4 | c.office-int.com (2 redirects) | forms.cloud-dev.microsoft, forms.microsoft-int.com |
2 | login.live-int.com (2 redirects) | |
2 | c.bing-int.com (2 redirects) | |
2 | js.monitor.azure.com | forms.cloud-dev.microsoft, forms.microsoft-int.com |
1 | uhf.microsoft.com | forms.office-int.com |
1 | aadcdn.msftauth.net | login.windows-ppe.net |
1 | static2.sharepointonline.com | forms.office-int.com |

45 | 12 |
This site contains no links.
Subject | Issuer | Validity | Valid for |
---|---|---|---|
forms.cloud-dev.microsoft | Microsoft Azure RSA TLS Issuing CA 03 | 2023-11-03 - 2024-10-28 | a year |
js.monitor.azure.com | Microsoft Azure RSA TLS Issuing CA 07 | 2023-09-20 - 2024-09-14 | a year |
privatecdn.sharepointonline.com | DigiCert SHA2 Secure Server CA | 2023-09-05 - 2024-09-05 | a year |
graph.windows.net | DigiCert SHA2 Secure Server CA | 2023-07-13 - 2024-07-13 | a year |
aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2023-01-31 - 2024-01-31 | a year |
*.events.data.microsoft.com | Microsoft Azure RSA TLS Issuing CA 04 | 2023-10-02 - 2024-09-26 | a year |
unistore.www.microsoft.com | Microsoft Azure ECC TLS Issuing CA 02 | 2023-09-08 - 2024-06-27 | 10 months |
This page contains 5 frames:
Primary Page:
https://forms.cloud-dev.microsoft/
Frame ID: 1819712370C0862C921F9B3EA420C12F
Requests: 15 HTTP requests in this frame
Frame:
https://forms.cloud-dev.microsoft/pages/silentsignincomplete.aspx
Frame ID: 72DE1265E8AE3C1C1169168A2991EB3A
Requests: 5 HTTP requests in this frame
Frame:
https://forms.microsoft-int.com/
Frame ID: 98BAC2D8B3343F8ABFC83EAE517D07CC
Requests: 14 HTTP requests in this frame
Frame:
https://forms.microsoft-int.com/pages/silentsignincomplete.aspx
Frame ID: E9B56550B6239253561A2EF1ADA7C3CB
Requests: 2 HTTP requests in this frame
Frame:
https://forms.microsoft-int.com/Pages/SilentSignInComplete.aspx?fromAR=1
Frame ID: 2EAE28167E636651F3CD54D298E04E69
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- https://c.office-int.com/c.gif HTTP 302
- https://c.bing-int.com/c.gif?ctsa=mr&CtsSyncId=DF1DC681DFA2474BB79A0E222E7FBBAA&RedC=c.office-int.com&MXFR=25C6D74D4DE8692C0387C4F349E86032 HTTP 302
- https://c.office-int.com/c.gif?ctsa=mr&CtsSyncId=DF1DC681DFA2474BB79A0E222E7FBBAA&MUID=364F3985493B6942312B2A3B486C6845
- https://forms.cloud-dev.microsoft/oidcLogin?IdentityProvider=aad&ru=%2FPages%2FSilentSignInComplete.aspx&prompt=none HTTP 302
- https://login.windows-ppe.net/organizations/oauth2/v2.0/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&redirect_uri=https%3A%2F%2Fforms.cloud-dev.microsoft%2Flanding&state=…&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=638346090457512603.ODdmOGMwYzctYWIwMC00YmE1LTk5MDItNjhmNWRiNWY1NjA0N2QxMTQ3ZGEtMzAwOC00M2I0LTlmN2QtODlkNGMzNzE0YWEz&msafed=0&prompt=none&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0
- https://forms.cloud-dev.microsoft/landing HTTP 302
- https://forms.cloud-dev.microsoft/pages/silentsignincomplete.aspx
- https://login.live-int.com/login.srf?wa=wsignin1.0&rpsnv=55&ct=1699012245&rver=7.5.2146.0&wp=MBI_SSL&wreply=https%3A%2F%2Fforms.cloud-dev.microsoft%2FrpsLanding%3FRpsAuthState%3DTod93cFPl4XqshhFu-f1D1llbON6kW9NGTRBw4_EyOw1kaqe8NBGcGrPKkrJsLDvhtQlCxFTt47bch6M1-qRMi3hS5e4ZbKyJAExhguj2txxfv8roUYe0zz0U7af2Pl8mbX4pnn6pnDuubAqcBMHuDJn2BiMv1TI9O56HXn_Nrj3GdAPsvhoNI2aCqqG1HrusqRW0gGjVSvCmQ4bdrguyMPWBUvblb1x8h_MCwPfy5G86wmiE1LGabekNwA_WIBA3alF2BRCTR_0w-oTzcNhZ4C-IJ1A0J2POw4J2Paj9ayrtlEKtnvFb9egcPJntlOyzzjhPJsbgklb4t3WkMIMU_7kT2pwNXI4vvFY8IhnysA&id=297246&checkda=1 HTTP 302
- https://forms.microsoft-int.com/
- https://c.office-int.com/c.gif HTTP 302
- https://c.bing-int.com/c.gif?ctsa=mr&CtsSyncId=C375967A9F8145AF9390DBDD74E6F088&RedC=c.office-int.com&MXFR=3BC8C505559E63C9341DD6BB519E6A67 HTTP 302
- https://c.office-int.com/c.gif?ctsa=mr&CtsSyncId=C375967A9F8145AF9390DBDD74E6F088&MUID=364F3985493B6942312B2A3B486C6845
- https://forms.microsoft-int.com/oidcLogin?IdentityProvider=aad&ru=%2FPages%2FSilentSignInComplete.aspx&prompt=none HTTP 302
- https://login.windows-ppe.net/organizations/oauth2/v2.0/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&redirect_uri=https%3A%2F%2Fforms.microsoft-int.com%2Flanding&state=…&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=638346090474767029.ZmQxZWI2NzAtN2VlZi00MmEwLWE4ZDctNjFjNmNhYmNmNDQ4ZTU2ZjgyMDUtM2NlOC00YjZiLWIzYjItMjU0MjI4M2EyMWYy&msafed=0&prompt=none&x-client-SKU=ID_NET6_0&x-client-ver=6.30.1.0
- https://forms.microsoft-int.com/landing HTTP 302
- https://forms.microsoft-int.com/pages/silentsignincomplete.aspx
- https://login.live-int.com/login.srf?wa=wsignin1.0&rpsnv=55&ct=1699012247&rver=7.5.2146.0&wp=MBI_SSL&wreply=https%3A%2F%2Fforms.microsoft-int.com%2FrpsLanding%3FRpsAuthState%3DqNld0ZdzuqaSj_kOM32vx-JNsI4gm_UDAGy7A3YFCB2NNzhS5ojdxmlYbB8fbJZ5yB9iLmkHF3X-nSj0jBZDrkoeOF0KRnp1AOVMEqpzWsUCmhj_dwZepEkZti9YYnd7FNKZKY8BVWWFD6MoZ9xYcUgQmbDv-23EUcjVV29goqb_Cf1uzWDq0qh4rFU06XR0e0N6h8sPyhD1gRDGs_Hz6PfLzYQ39nndsXqVBBKuMnkBDk2phKI5ngKUkfKtSvxWeXC3sMiERghGn8lyszuTg7Cfzggr-SA9vLfgwTgwHKlFKMjmSvlND7Mpa_NZJSgss7el55E2nnnhPPYMKgrRSMIoXS6yKTgyEJjFiC7LXr0&id=297246&checkda=1 HTTP 302
- https://forms.microsoft-int.com/rpsLanding?RpsAuthState=qNld0ZdzuqaSj_kOM32vx-JNsI4gm_UDAGy7A3YFCB2NNzhS5ojdxmlYbB8fbJZ5yB9iLmkHF3X-nSj0jBZDrkoeOF0KRnp1AOVMEqpzWsUCmhj_dwZepEkZti9YYnd7FNKZKY8BVWWFD6MoZ9xYcUgQmbDv-23EUcjVV29goqb_Cf1uzWDq0qh4rFU06XR0e0N6h8sPyhD1gRDGs_Hz6PfLzYQ39nndsXqVBBKuMnkBDk2phKI5ngKUkfKtSvxWeXC3sMiERghGn8lyszuTg7Cfzggr-SA9vLfgwTgwHKlFKMjmSvlND7Mpa_NZJSgss7el55E2nnnhPPYMKgrRSMIoXS6yKTgyEJjFiC7LXr0 HTTP 302
- https://forms.microsoft-int.com/Pages/SilentSignInComplete.aspx?fromAR=1
45 HTTP transactions
Method | Protocol | Resource | Path | Notes | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | forms.cloud-dev.microsoft/ | Primary Request | 34 KB | 13 KB | Document | text/html |
GET | H2 | default-page.min.5112b27.css | forms.office-int.com/cdn/css/dist/ | | 364 KB | 35 KB | Stylesheet | text/css |
GET | H2 | basics_osi_v3_m1_j3.min.6aa1f3d.js | forms.office-int.com/cdn/scripts/vendors/combinedmin/ | | 235 KB | 75 KB | Script | application/javascript |
GET | H2 | aria_odata_v2.min.29dbe8c.js | forms.office-int.com/cdn/scripts/vendors/combinedmin/ | | 125 KB | 35 KB | Script | application/javascript |
GET | H2 | default-page.min.6dba519.js | forms.office-int.com/cdn/scripts/dists/ | | 147 KB | 45 KB | Script | application/javascript |
GET | H2 | ms.jsll-3.min.js | js.monitor.azure.com/scripts/c/ | | 181 KB | 78 KB | Script | text/javascript |
GET | H2 | segoeui-regular.woff2 | static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ | | 35 KB | 36 KB | Font | application/font-woff2 |
GET | H2 | default-page.chunk.1ds.aad247c.js | forms.office-int.com/cdn/scripts/dists/ | | 104 KB | 36 KB | Script | application/javascript |
GET | H2 | default-page.chunk.utel.aa5a050.js | forms.office-int.com/cdn/scripts/dists/ | | 24 KB | 8 KB | Script | application/javascript |
GET | H2 | c.gif | c.office-int.com/ | Redirect Chain | 42 B | 198 B | Image | image/gif |
GET | H/1.1 | authorize | login.windows-ppe.net/organizations/oauth2/v2.0/ | Frame 72DE, Redirect Chain | 21 KB | 10 KB | Document | text/html |
GET | H2 | BssoInterrupt_Core_PukjvzWvVsvIJFh4xJhtXA2.js | aadcdn.msftauth.net/shared/1.0/content/js/ | Frame 72DE | 136 KB | 48 KB | Script | application/x-javascript |
POST | H/1.1 | reportbssotelemetry | login.windows-ppe.net/common/instrumentation/ | Frame 72DE | 265 B | 900 B | Ping | application/json |
GET | H/1.1 | authorize | login.windows-ppe.net/organizations/oauth2/v2.0/ | Frame 72DE | 2 KB | 3 KB | Document | text/html |
GET | H2 | silentsignincomplete.aspx | forms.cloud-dev.microsoft/pages/ | Frame 72DE, Redirect Chain | 7 KB | 0 | Document | text/html |
POST | H2 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | | 57 B | 356 B | XHR | application/json |
OPTIONS | H2 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | Frame | 0 | 0 | Preflight | |
GET | H2 | / | forms.microsoft-int.com/ | Frame 98BA, Redirect Chain | 34 KB | 12 KB | Document | text/html |
GET | H2 | telemetry-worker.1.js | forms.cloud-dev.microsoft/cdn/scripts/dists/ | | 94 KB | 32 KB | Other | application/javascript |
GET | H2 | default-page.min.5112b27.css | forms.office-int.com/cdn/css/dist/ | Frame 98BA | 364 KB | 35 KB | Stylesheet | text/css |
GET | H2 | basics_osi_v3_m1_j3.min.6aa1f3d.js | forms.office-int.com/cdn/scripts/vendors/combinedmin/ | Frame 98BA | 235 KB | 75 KB | Script | application/javascript |
GET | H2 | aria_odata_v2.min.29dbe8c.js | forms.office-int.com/cdn/scripts/vendors/combinedmin/ | Frame 98BA | 125 KB | 35 KB | Script | application/javascript |
GET | H2 | default-page.min.6dba519.js | forms.office-int.com/cdn/scripts/dists/ | Frame 98BA | 147 KB | 45 KB | Script | application/javascript |
GET | H2 | ms.jsll-3.min.js | js.monitor.azure.com/scripts/c/ | Frame 98BA | 181 KB | 78 KB | Script | text/javascript |
GET | H2 | default-page.chunk.1ds.aad247c.js | forms.office-int.com/cdn/scripts/dists/ | Frame 98BA | 104 KB | 36 KB | Script | application/javascript |
GET | H2 | c.gif | c.office-int.com/ | Frame 98BA, Redirect Chain | 42 B | 144 B | Image | image/gif |
GET | H2 | default-page.chunk.utel.aa5a050.js | forms.office-int.com/cdn/scripts/dists/ | Frame 98BA | 24 KB | 8 KB | Script | application/javascript |
GET | H/1.1 | authorize | login.windows-ppe.net/organizations/oauth2/v2.0/ | Frame E9B5, Redirect Chain | 2 KB | 2 KB | Document | text/html |
OPTIONS | H2 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | Frame | 0 | 0 | Preflight | |
GET | H2 | silentsignincomplete.aspx | forms.microsoft-int.com/pages/ | Frame E9B5, Redirect Chain | 7 KB | 0 | Document | text/html |
OPTIONS | H2 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | Frame | 0 | 0 | Preflight | |
POST | H2 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | | 57 B | 120 B | XHR | application/json |
GET | H2 | SilentSignInComplete.aspx | forms.microsoft-int.com/Pages/ | Frame 2EAE, Redirect Chain | 7 KB | 0 | Document | text/html |
GET | H2 | telemetry-worker.1.js | forms.microsoft-int.com/cdn/scripts/dists/ | Frame 98BA | 94 KB | 32 KB | Other | application/javascript |
OPTIONS | H2 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | Frame | 0 | 0 | Preflight | |
POST | H2 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | Frame 98BA | 153 B | 577 B | XHR | application/json |
OPTIONS | H2 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | Frame | 0 | 0 | Preflight | |
POST | H2 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | | 153 B | 220 B | XHR | application/json |
OPTIONS | H2 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | Frame | 0 | 0 | Preflight | |
POST | H2 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | | 57 B | 120 B | XHR | application/json |
OPTIONS | H2 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | Frame | 0 | 0 | Preflight | |
GET | H2 | OfficeForms | uhf.microsoft.com/en-US/shell/xml/ | Frame 98BA | 74 KB | 12 KB | XHR | text/xml |
GET | | ls-opt.de.89055e642.js | forms.office-int.com/cdn/scripts/dists/ | Frame 98BA | 0 | 0 | | |
POST | | / | browser.events.data.microsoft.com/OneCollector/1.0/ | Frame 98BA | 0 | 0 | | |
OPTIONS | H2 | / | browser.events.data.microsoft.com/OneCollector/1.0/ | Frame | 0 | 0 | Preflight | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
forms.office-int.com | https://forms.office-int.com/cdn/scripts/dists/ls-opt.de.89055e642.js |
browser.events.data.microsoft.com | https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 |
55 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| documentPictureInPicture function| reloadNoCdn object| OfficeFormServerInfo object| NavKeyPoints function| $ function| jQuery function| _ object| React object| ReactDOM function| init object| datas object| modules function| require object| AWTPropertyType object| AWTPiiKind object| AWTEventPriority object| AWTEventsDroppedReason object| AWTEventsRejectedReason object| AWTCustomerContentKind object| AWTUserIdType object| AWTSessionState string| AWT_BEST_EFFORT string| AWT_NEAR_REAL_TIME string| AWT_REAL_TIME function| AWTEventProperties function| AWTLogger function| AWTLogManager function| AWTTransmissionManager function| AWTSerializer function| AWTSemanticContext string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE string| AWT_COLLECTOR_URL_USGOV_DOD string| AWT_COLLECTOR_URL_USGOV_DOJ object| odatajs function| DomStore function| IndexedDBStore function| MemoryStore object| webpackChunk function| getChunkPath function| replaceChunkSrc object| Forms object| FormsPro function| formsModuleResolveErrorCallback function| formsDetectUserLoggedInCallback function| jsllloaded object| oneDS3 object| oneDS object| __dynProto$Gbl object| awa25
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
451 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=2592000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.