urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fAdminPhishingReviewPage.aspx%3fid%3dxcyBez...
Submission: On July 23 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 6 countries across 9 domains to perform 28 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 5542.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on July 20th 2022. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 6 2620:1ec:a92:... 8068 (MICROSOFT...)
4 2.21.74.98 20940 (AKAMAI-ASN1)
1 2620:1ec:40::45 8075 (MICROSOFT...)
1 96.16.146.233 16625 (AKAMAI-AS)
1 1 20.190.159.68 8075 (MICROSOFT...)
2 40.126.32.140 8075 (MICROSOFT...)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 20.190.159.64 8075 (MICROSOFT...)
5 20.108.14.61 8075 (MICROSOFT...)
5 20.42.73.24 8075 (MICROSOFT...)
6 104.92.83.244 16625 (AKAMAI-AS)
28 9
6    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
4    2.21.74.98 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-74-98.deploy.static.akamaitechnologies.com
cdn.forms.office.net
1    2620:1ec:40::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
1    96.16.146.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-146-233.deploy.static.akamaitechnologies.com
static2.sharepointonline.com
1    20.190.159.68 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.windows.net
2    40.126.32.140 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    20.190.159.64 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
5    20.108.14.61 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
odc.officeapps.live.com
5    20.42.73.24 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
6    104.92.83.244 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-83-244.deploy.static.akamaitechnologies.com
cdn.odc.officeapps.live.com
Apex Domain
Subdomains		 Transfer
12 live.com
login.live.com — Cisco Umbrella Rank: 71
odc.officeapps.live.com — Cisco Umbrella Rank: 176
cdn.odc.officeapps.live.com — Cisco Umbrella Rank: 1437
98 KB
8 office.com
forms.office.com — Cisco Umbrella Rank: 5542
c.office.com — Cisco Umbrella Rank: 23644
14 KB
5 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 198
browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 103
2 KB
4 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 9710
167 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 23
58 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 192
663 B
1 windows.net
login.windows.net — Cisco Umbrella Rank: 306
1 KB
1 sharepointonline.com
static2.sharepointonline.com — Cisco Umbrella Rank: 2200
36 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 2216
60 KB
28 9
Domain Requested by
6 cdn.odc.officeapps.live.com odc.officeapps.live.com
6 forms.office.com 3 redirects cdn.forms.office.net
5 odc.officeapps.live.com cdn.forms.office.net
odc.officeapps.live.com
4 browser.events.data.microsoft.com js.monitor.azure.com
4 cdn.forms.office.net forms.office.com
2 c.office.com 1 redirects forms.office.com
2 login.microsoftonline.com cdn.forms.office.net
login.microsoftonline.com
1 browser.pipe.aria.microsoft.com cdn.forms.office.net
1 login.live.com 1 redirects
1 c.bing.com 1 redirects
1 login.windows.net 1 redirects
1 static2.sharepointonline.com cdn.forms.office.net
1 js.monitor.azure.com forms.office.com
28 13

This site contains no links.

Subject Issuer Validity Valid
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2022-07-20 -
2023-07-15		 a year crt.sh
cdn.forms.office.net
Microsoft RSA TLS CA 01		 2021-10-12 -
2022-10-12		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 06		 2022-06-26 -
2023-06-21		 a year crt.sh
*.sharepointonline.com
Microsoft RSA TLS CA 01		 2022-04-26 -
2023-04-26		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2022-05-25 -
2023-05-25		 a year crt.sh
odc.officeapps.live.com
Microsoft RSA TLS CA 01		 2021-11-17 -
2022-11-17		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 01		 2022-05-21 -
2023-05-16		 a year crt.sh
cdn.odc.officeapps.live.com
Microsoft RSA TLS CA 01		 2021-12-15 -
2022-12-15		 a year crt.sh

This page contains 4 frames:

Primary Page: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fAdminPhishingReviewPage.aspx%3fid%3dxcyBezW6-EuFT0n5wC0_sTAVEGLeguZIoGBrJ1jqNotUM09ITjNQRUFYM084Qk1LMTlLS1M0WkpONS4u%26source%3dUnifiedAlertPage
Frame ID: 284D8A5E35D89816B21C87AFC69533F6
Requests: 11 HTTP requests in this frame

Frame: https://forms.office.com/pages/silentsignincomplete.aspx
Frame ID: 5C0C9E0477B6B26440C529545FCDF6A9
Requests: 3 HTTP requests in this frame

Frame: https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
Frame ID: F48167CA51EBDEC2903102CB1A1A3EDE
Requests: 1 HTTP requests in this frame

Frame: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Frame ID: 1BE7803D0FD9423A536C98040A651CF8
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Microsoft Forms - Erstellen Sie ganz einfach Umfragen, Quizze und Abstimmungen.

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

96 %
HTTPS

25 %
IPv6

9
Domains

13
Subdomains

9
IPs

6
Countries

431 kB
Transfer

1507 kB
Size

24
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://forms.office.com/oidcLogin?IdentityProvider=aad&ru=%2FPages%2FSilentSignInComplete.aspx&prompt=none HTTP 302
  • https://login.windows.net/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBVXE4MTEzU3AwY0puX3g5TkZxMEFpdUc1Tm5feUpCM0lLaVJFZmFvVTFlUExwVnZGbm9qb3Bqb2Jja3F5Q3RVZzZleW82S0lkaFZ0TS1jQ1h0NFpYOFUiLCJwcm9tcHQiOiJBVk5rRTZNNzl1RHdSWks1NGVKVC1SUk41cmozRGQ3d0lWMks2enMtNDVyaGUyUnR3eUEzZ1U5YU12cW1WMVE1NXo0ejNsVVdpZGxNRDFGNlFnUUkxd3MiLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=637941796616860739.YjhiZjU0Y2MtZTQzNy00MWQwLWI2NWYtOWNkOGZiNGE2YTljNzI3ZTFiOGUtNDFmZC00OGZkLTk1ZjEtYjEwZmUxNTk4N2M1&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0 HTTP 302
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBVXE4MTEzU3AwY0puX3g5TkZxMEFpdUc1Tm5feUpCM0lLaVJFZmFvVTFlUExwVnZGbm9qb3Bqb2Jja3F5Q3RVZzZleW82S0lkaFZ0TS1jQ1h0NFpYOFUiLCJwcm9tcHQiOiJBVk5rRTZNNzl1RHdSWks1NGVKVC1SUk41cmozRGQ3d0lWMks2enMtNDVyaGUyUnR3eUEzZ1U5YU12cW1WMVE1NXo0ejNsVVdpZGxNRDFGNlFnUUkxd3MiLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=637941796616860739.YjhiZjU0Y2MtZTQzNy00MWQwLWI2NWYtOWNkOGZiNGE2YTljNzI3ZTFiOGUtNDFmZC00OGZkLTk1ZjEtYjEwZmUxNTk4N2M1&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0
Request Chain 7
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=2199C71E9FC245238BCA6A732A388A29&RedC=c.office.com&MXFR=1C9449DCF1F16A00070C5836F5F161DE HTTP 302
  • https://c.office.com/c.gif?CtsSyncId=2199C71E9FC245238BCA6A732A388A29&MUID=1C9449DCF1F16A00070C5836F5F161DE
Request Chain 9
  • https://forms.office.com/landing HTTP 302
  • https://forms.office.com/pages/silentsignincomplete.aspx
Request Chain 10
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1658582861&rver=7.3.6963.0&wp=MBI_SSL&wreply=https%3A%2F%2Fforms.office.com%2FrpsLanding%3FRpsAuthState%3DR_wtPDF6ZIV7fzlE9Myh5qz4n3A9bTc6A8JpjlqvJyNBy7EZ-a786tzb8pSHuOugxlOQchdInpnBy7T-dnbXr_alrXF4JymsII5ax2goe8AsLF0Y5O-rUIusrw8p619Z-tCzCPr06pfsL31lUvZslzzVDsd6vgXOttB-neZ5AcWPR0kqQMVL-JZ57NdiK7WBCXXS4E4LIybdkSnxAKo411XikwV1GLr3J83vN-Y2_DdH6yoy3jTFnjDjrUecSb3ZTsOloXF8xyv-vQUYLxWiX6NDcVlNkEPFs6mFpl1N7bvIMoFDTrMuo1jcRBomEzOBWQeN4OSDQozNiKc5zPJ405p1JOmYId7KbT8payVniAA&id=295313&checkda=1 HTTP 302
  • https://forms.office.com/rpsLanding?RpsAuthState=R_wtPDF6ZIV7fzlE9Myh5qz4n3A9bTc6A8JpjlqvJyNBy7EZ-a786tzb8pSHuOugxlOQchdInpnBy7T-dnbXr_alrXF4JymsII5ax2goe8AsLF0Y5O-rUIusrw8p619Z-tCzCPr06pfsL31lUvZslzzVDsd6vgXOttB-neZ5AcWPR0kqQMVL-JZ57NdiK7WBCXXS4E4LIybdkSnxAKo411XikwV1GLr3J83vN-Y2_DdH6yoy3jTFnjDjrUecSb3ZTsOloXF8xyv-vQUYLxWiX6NDcVlNkEPFs6mFpl1N7bvIMoFDTrMuo1jcRBomEzOBWQeN4OSDQozNiKc5zPJ405p1JOmYId7KbT8payVniAA HTTP 302
  • https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
forms.office.com/ 		31 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fAdminPhishingReviewPage.aspx%3fid%3dxcyBezW6-EuFT0n5wC0_sTAVEGLeguZIoGBrJ1jqNotUM09ITjNQRUFYM084Qk1LMTlLS1M0WkpONS4u%26source%3dUnifiedAlertPage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
39fdcd0f2f953790c19b348fb9d5c61997d8566177f39d9f83bd26ddaa037fcf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
10320
content-type
text/html; charset=utf-8
date
Sat, 23 Jul 2022 13:27:41 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
6d81ea26-2c3d-4cd7-88c0-9a1503d4c4b0
x-failurereason
Unknown
x-msedge-ref
Ref A: 5147A1F4C0F845DD9B2287C7CA54EB9F Ref B: AM3EDGE0422 Ref C: 2022-07-23T13:27:41Z
x-officecluster
neu-101.forms.office.com
x-officefe
FormsSingleBox_IN_8
x-officeversion
16.0.15518.36680
x-routingcorrelationid
6d81ea26-2c3d-4cd7-88c0-9a1503d4c4b0
x-routingofficecluster
neu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_8
x-routingofficeversion
16.0.15518.36680
x-routingsessionid
38e77379-05ef-4cb8-93b8-8813d44aeb73
x-usersessionid
38e77379-05ef-4cb8-93b8-8813d44aeb73
default-page.min.af4013b.css
cdn.forms.office.net/forms/css/dist/ 		365 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/default-page.min.af4013b.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fAdminPhishingReviewPage.aspx%3fid%3dxcyBezW6-EuFT0n5wC0_sTAVEGLeguZIoGBrJ1jqNotUM09ITjNQRUFYM084Qk1LMTlLS1M0WkpONS4u%26source%3dUnifiedAlertPage
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.98 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c5b2fb0d6e24fbf50511174f8e96904e998d1bf67db00f78997dc35baca6d326

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 23 Jul 2022 13:27:41 GMT
content-encoding
br
content-md5
SDhSHN3P3vHZhz2k0hxDRg==
content-length
30518
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 04:46:27 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1B763D3B1D9F
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
408fe068-a01e-0022-1571-4dc7cf000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sun, 23 Jul 2023 13:27:41 GMT
basics_osi_v3_m1_j3.min.6aa1f3d.js
cdn.forms.office.net/forms/scripts/vendors/combinedmin/ 		235 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v3_m1_j3.min.6aa1f3d.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fAdminPhishingReviewPage.aspx%3fid%3dxcyBezW6-EuFT0n5wC0_sTAVEGLeguZIoGBrJ1jqNotUM09ITjNQRUFYM084Qk1LMTlLS1M0WkpONS4u%26source%3dUnifiedAlertPage
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.98 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
67dd96644fcce9cc703ebf1ede6a7a96b42fe909d024f0eee3e826ae0a59f66d

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 23 Jul 2022 13:27:41 GMT
content-encoding
br
content-md5
BdEW2V1tMY+QN8kblaXAYw==
content-length
70611
x-ms-lease-status
unlocked
last-modified
Mon, 07 Feb 2022 12:55:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9EA3914E31705
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a9b66571-d01e-0069-02b3-1cf655000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sun, 23 Jul 2023 13:27:41 GMT
aria_odata_v2.min.29dbe8c.js
cdn.forms.office.net/forms/scripts/vendors/combinedmin/ 		125 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/aria_odata_v2.min.29dbe8c.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fAdminPhishingReviewPage.aspx%3fid%3dxcyBezW6-EuFT0n5wC0_sTAVEGLeguZIoGBrJ1jqNotUM09ITjNQRUFYM084Qk1LMTlLS1M0WkpONS4u%26source%3dUnifiedAlertPage
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.98 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b66a5c41dda8640ef2fb42901bee5437dcdc746f018ab7bfa42fa6cfddc830f8

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 23 Jul 2022 13:27:41 GMT
content-encoding
br
content-md5
zL0YTaz76DBx0JM11lOSgA==
content-length
32555
x-ms-lease-status
unlocked
last-modified
Tue, 22 Mar 2022 04:36:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA0BBD8141A9FA
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
698fe1fc-201e-0011-4bb1-3d9ee2000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sun, 23 Jul 2023 13:27:41 GMT
default-page.min.8161c8b.js
cdn.forms.office.net/forms/scripts/dists/ 		123 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/default-page.min.8161c8b.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fAdminPhishingReviewPage.aspx%3fid%3dxcyBezW6-EuFT0n5wC0_sTAVEGLeguZIoGBrJ1jqNotUM09ITjNQRUFYM084Qk1LMTlLS1M0WkpONS4u%26source%3dUnifiedAlertPage
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.98 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f06660d07d33d602d945eeda28bbaf7ceb330d9915fa4a5abef2ae58ef05c397

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 23 Jul 2022 13:27:41 GMT
content-encoding
br
content-md5
Uq06yLQ9TIyVgPhlGDMGuA==
content-length
35544
x-ms-lease-status
unlocked
last-modified
Tue, 19 Jul 2022 04:17:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA693D88B7274A
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
baba6ac6-b01e-0014-5a0c-9c6a9d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sun, 23 Jul 2023 13:27:41 GMT
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		176 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fAdminPhishingReviewPage.aspx%3fid%3dxcyBezW6-EuFT0n5wC0_sTAVEGLeguZIoGBrJ1jqNotUM09ITjNQRUFYM084Qk1LMTlLS1M0WkpONS4u%26source%3dUnifiedAlertPage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ce6c321ac0f0e6949acf1512249c849b988530d2299382cada607c9d6e974fbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 13:27:40 GMT
content-encoding
br
x-azure-ref-originshield
0N/fbYgAAAACUHICOyPyMTqhKhLpUnYVTRlJBMjMxMDUwNDE3MDI3AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5
8cjYWA3pfYIIPe71xl1IYA==
x-cache
TCP_HIT
x-ms-meta-jssdkver
3.2.4
last-modified
Mon, 18 Jul 2022 17:50:10 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.4.min.js
etag
0x8DA68E5F5E1E310
x-azure-ref
0TffbYgAAAAA4/piefsAqSb9caQw6D2JdRlJBMjMxMDUwNDE5MDE5AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
9cc7cf64-501e-0058-1196-9e302a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/css/dist/default-page.min.af4013b.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.146.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-146-233.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer
https://cdn.forms.office.net/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 23 Jul 2022 13:27:41 GMT
last-modified
Thu, 02 Nov 2017 17:22:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
hl8dtlRfyUovRETdYOe7xg==
etag
0x8D522163B704E10
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
6314dbd6-e01e-0044-7879-430c12000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=21297881
x-ms-version
2009-09-19
content-length
36344
authorize
login.microsoftonline.com/common/oauth2/ Frame 5C0C
Redirect Chain
  • https://forms.office.com/oidcLogin?IdentityProvider=aad&ru=%2FPages%2FSilentSignInComplete.aspx&prompt=none
  • https://login.windows.net/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&s...
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20p...
151 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBVXE4MTEzU3AwY0puX3g5TkZxMEFpdUc1Tm5feUpCM0lLaVJFZmFvVTFlUExwVnZGbm9qb3Bqb2Jja3F5Q3RVZzZleW82S0lkaFZ0TS1jQ1h0NFpYOFUiLCJwcm9tcHQiOiJBVk5rRTZNNzl1RHdSWks1NGVKVC1SUk41cmozRGQ3d0lWMks2enMtNDVyaGUyUnR3eUEzZ1U5YU12cW1WMVE1NXo0ejNsVVdpZGxNRDFGNlFnUUkxd3MiLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=637941796616860739.YjhiZjU0Y2MtZTQzNy00MWQwLWI2NWYtOWNkOGZiNGE2YTljNzI3ZTFiOGUtNDFmZC00OGZkLTk1ZjEtYjEwZmUxNTk4N2M1&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v3_m1_j3.min.6aa1f3d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.140 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
15d790c31969b15e91b084b4867d1ad8c597cc5d11ab8ff8b4d10477d4725196
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.office.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
55120
Content-Type
text/html; charset=utf-8
Date
Sat, 23 Jul 2022 13:27:41 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.13315.8 - WEULR2 ProdSlices
x-ms-request-id
00f0becc-738a-4f33-980f-4ccf9e040a00

Redirect headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
770
Content-Type
text/html; charset=utf-8
Date
Sat, 23 Jul 2022 13:27:41 GMT
Location
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBVXE4MTEzU3AwY0puX3g5TkZxMEFpdUc1Tm5feUpCM0lLaVJFZmFvVTFlUExwVnZGbm9qb3Bqb2Jja3F5Q3RVZzZleW82S0lkaFZ0TS1jQ1h0NFpYOFUiLCJwcm9tcHQiOiJBVk5rRTZNNzl1RHdSWks1NGVKVC1SUk41cmozRGQ3d0lWMks2enMtNDVyaGUyUnR3eUEzZ1U5YU12cW1WMVE1NXo0ejNsVVdpZGxNRDFGNlFnUUkxd3MiLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=637941796616860739.YjhiZjU0Y2MtZTQzNy00MWQwLWI2NWYtOWNkOGZiNGE2YTljNzI3ZTFiOGUtNDFmZC00OGZkLTk1ZjEtYjEwZmUxNTk4N2M1&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
x-ms-ests-server
2.1.13201.7 - NEULR1 ProdSlices
x-ms-request-id
2a2b693d-73c1-4043-874f-8f6173284d00
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=2199C71E9FC245238BCA6A732A388A29&RedC=c.office.com&MXFR=1C9449DCF1F16A00070C5836F5F161DE
  • https://c.office.com/c.gif?CtsSyncId=2199C71E9FC245238BCA6A732A388A29&MUID=1C9449DCF1F16A00070C5836F5F161DE
42 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?CtsSyncId=2199C71E9FC245238BCA6A732A388A29&MUID=1C9449DCF1F16A00070C5836F5F161DE
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fAdminPhishingReviewPage.aspx%3fid%3dxcyBezW6-EuFT0n5wC0_sTAVEGLeguZIoGBrJ1jqNotUM09ITjNQRUFYM084Qk1LMTlLS1M0WkpONS4u%26source%3dUnifiedAlertPage
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Jul 2022 13:27:41 GMT
last-modified
Wed, 13 Jul 2022 17:48:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"96611cd5e096d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 23 Jul 2022 13:27:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AE882B30B6DB4BE89668382ED44E5699 Ref B: FRA31EDGE0814 Ref C: 2022-07-23T13:27:41Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?CtsSyncId=2199C71E9FC245238BCA6A732A388A29&MUID=1C9449DCF1F16A00070C5836F5F161DE
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
authorize
login.microsoftonline.com/common/oauth2/ Frame 5C0C 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBVXE4MTEzU3AwY0puX3g5TkZxMEFpdUc1Tm5feUpCM0lLaVJFZmFvVTFlUExwVnZGbm9qb3Bqb2Jja3F5Q3RVZzZleW82S0lkaFZ0TS1jQ1h0NFpYOFUiLCJwcm9tcHQiOiJBVk5rRTZNNzl1RHdSWks1NGVKVC1SUk41cmozRGQ3d0lWMks2enMtNDVyaGUyUnR3eUEzZ1U5YU12cW1WMVE1NXo0ejNsVVdpZGxNRDFGNlFnUUkxd3MiLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=637941796616860739.YjhiZjU0Y2MtZTQzNy00MWQwLWI2NWYtOWNkOGZiNGE2YTljNzI3ZTFiOGUtNDFmZC00OGZkLTk1ZjEtYjEwZmUxNTk4N2M1&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBVXE4MTEzU3AwY0puX3g5TkZxMEFpdUc1Tm5feUpCM0lLaVJFZmFvVTFlUExwVnZGbm9qb3Bqb2Jja3F5Q3RVZzZleW82S0lkaFZ0TS1jQ1h0NFpYOFUiLCJwcm9tcHQiOiJBVk5rRTZNNzl1RHdSWks1NGVKVC1SUk41cmozRGQ3d0lWMks2enMtNDVyaGUyUnR3eUEzZ1U5YU12cW1WMVE1NXo0ejNsVVdpZGxNRDFGNlFnUUkxd3MiLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=637941796616860739.YjhiZjU0Y2MtZTQzNy00MWQwLWI2NWYtOWNkOGZiNGE2YTljNzI3ZTFiOGUtNDFmZC00OGZkLTk1ZjEtYjEwZmUxNTk4N2M1&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.140 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fbf28f6fe0da4b77c63e5d3484f1f4d25373ff3359a7db1fd3aa37ee14ab6c94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBVXE4MTEzU3AwY0puX3g5TkZxMEFpdUc1Tm5feUpCM0lLaVJFZmFvVTFlUExwVnZGbm9qb3Bqb2Jja3F5Q3RVZzZleW82S0lkaFZ0TS1jQ1h0NFpYOFUiLCJwcm9tcHQiOiJBVk5rRTZNNzl1RHdSWks1NGVKVC1SUk41cmozRGQ3d0lWMks2enMtNDVyaGUyUnR3eUEzZ1U5YU12cW1WMVE1NXo0ejNsVVdpZGxNRDFGNlFnUUkxd3MiLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=637941796616860739.YjhiZjU0Y2MtZTQzNy00MWQwLWI2NWYtOWNkOGZiNGE2YTljNzI3ZTFiOGUtNDFmZC00OGZkLTk1ZjEtYjEwZmUxNTk4N2M1&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
960
Content-Type
text/html; charset=utf-8
Date
Sat, 23 Jul 2022 13:27:42 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.13315.8 - WEULR1 ProdSlices
x-ms-request-id
a8340dde-3d07-4213-92aa-64294af00f01
silentsignincomplete.aspx
forms.office.com/pages/ Frame 5C0C
Redirect Chain
  • https://forms.office.com/landing
  • https://forms.office.com/pages/silentsignincomplete.aspx
7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/silentsignincomplete.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
3115
content-type
text/html; charset=utf-8
date
Sat, 23 Jul 2022 13:27:41 GMT
expires
0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
4967e986-cdbb-491a-b06d-722c32f83939
x-failurereason
Unknown
x-msedge-ref
Ref A: A719DAA79BF74C5C9908DA9ECB1D2C36 Ref B: AM3EDGE0422 Ref C: 2022-07-23T13:27:42Z
x-officecluster
weu-100.forms.office.com
x-officefe
FormsSingleBox_IN_3
x-officeversion
16.0.15518.36680
x-robots-tag
noindex, nofollow
x-routingcorrelationid
4967e986-cdbb-491a-b06d-722c32f83939
x-routingofficecluster
weu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_3
x-routingofficeversion
16.0.15518.36680
x-routingsessionid
f5b593b2-a4eb-4489-8141-38bfb6b4f1d2
x-usersessionid
f5b593b2-a4eb-4489-8141-38bfb6b4f1d2

Redirect headers

content-length
0
date
Sat, 23 Jul 2022 13:27:41 GMT
location
pages/silentsignincomplete.aspx
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
2df69072-d535-4ab9-a6f8-cac2b35697c9
x-msedge-ref
Ref A: A6636419D08D4AEDAC0E7395C4ACB9F8 Ref B: AM3EDGE0422 Ref C: 2022-07-23T13:27:42Z
x-officecluster
frc-100.forms.office.com
x-officefe
FormsSingleBox_IN_9
x-officeversion
16.0.15518.36680
x-routingcorrelationid
2df69072-d535-4ab9-a6f8-cac2b35697c9
x-routingofficecluster
frc-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_9
x-routingofficeversion
16.0.15518.36680
x-routingsessionid
8211d5c6-3180-4942-b078-020c2610565f
x-usersessionid
8211d5c6-3180-4942-b078-020c2610565f
SilentSignInComplete.aspx
forms.office.com/Pages/ Frame F481
Redirect Chain
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1658582861&rver=7.3.6963.0&wp=MBI_SSL&wreply=https%3A%2F%2Fforms.office.com%2FrpsLanding%3FRpsAuthState%3DR_wtPDF6ZIV7fzlE9Myh5qz4n3A9bTc6...
  • https://forms.office.com/rpsLanding?RpsAuthState=R_wtPDF6ZIV7fzlE9Myh5qz4n3A9bTc6A8JpjlqvJyNBy7EZ-a786tzb8pSHuOugxlOQchdInpnBy7T-dnbXr_alrXF4JymsII5ax2goe8AsLF0Y5O-rUIusrw8p619Z-tCzCPr06pfsL31lUvZs...
  • https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v3_m1_j3.min.6aa1f3d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
3121
content-type
text/html; charset=utf-8
date
Sat, 23 Jul 2022 13:27:42 GMT
expires
0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
f604c9b4-d04c-4079-a732-5c7d66beb0b4
x-failurereason
Unknown
x-msedge-ref
Ref A: 7A25E6BA44AE447B8E111B5F045CC036 Ref B: AM3EDGE0422 Ref C: 2022-07-23T13:27:42Z
x-officecluster
neu-101.forms.office.com
x-officefe
FormsSingleBox_IN_3
x-officeversion
16.0.15518.36680
x-robots-tag
noindex, nofollow
x-routingcorrelationid
f604c9b4-d04c-4079-a732-5c7d66beb0b4
x-routingofficecluster
neu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_3
x-routingofficeversion
16.0.15518.36680
x-routingsessionid
3a91ec66-568c-4a94-81c5-cf9fdf69970f
x-usersessionid
3a91ec66-568c-4a94-81c5-cf9fdf69970f

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Sat, 23 Jul 2022 13:27:42 GMT
location
/Pages/SilentSignInComplete.aspx?fromAR=1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
ada172fa-0ebf-44f6-8540-a539e940f33d
x-msedge-ref
Ref A: 7E9AA23353ED48C8B082E604C3C702C2 Ref B: AM3EDGE0422 Ref C: 2022-07-23T13:27:42Z
x-officecluster
frc-101.forms.office.com
x-officefe
FormsSingleBox_IN_4
x-officeversion
16.0.15518.36680
x-routingcorrelationid
ada172fa-0ebf-44f6-8540-a539e940f33d
x-routingofficecluster
frc-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_4
x-routingofficeversion
16.0.15518.36680
x-routingsessionid
3f6ac408-a87c-4b1d-b8e4-5618f4e80bf9
x-usersessionid
3f6ac408-a87c-4b1d-b8e4-5618f4e80bf9
hrd
odc.officeapps.live.com/odc/v2.1/ Frame 1BE7 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.8161c8b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.108.14.61 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8c8de6c61f1f9bfbaeac8f98b20ee0b57050654eaadec77a54e57588e2a8d18f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=1200
content-length
8128
content-type
text/html; charset=utf-8
date
Sat, 23 Jul 2022 13:27:42 GMT
expires
Sat, 23 Jul 2022 13:47:42 GMT
last-modified
Sat, 23 Jul 2022 13:27:42 GMT
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
Microsoft-IIS/10.0
vary
*
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-content-type-options
nosniff
x-correlationid
2876b103-f733-4445-b9e7-5a4abbd82e21
x-officecluster
uks-000.odc.officeapps.live.com
x-officefe
OdcFE_IN_42
x-officeversion
16.0.15510.30550
x-powered-by
ASP.NET
x-ua-compatible
IE=11
x-usersessionid
2876b103-f733-4445-b9e7-5a4abbd82e21
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
3d622f27eda770690cb84e4651fda486108f7b9f88047f95f925b810fc84c089
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1658582862806
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Referer
https://forms.office.com/
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Sat, 23 Jul 2022 13:27:43 GMT
time-delta-millis
780
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Sat, 23 Jul 2022 13:27:43 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
hrd.css
odc.officeapps.live.com/odc/stat/ Frame 1BE7 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.css?b=15510.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.108.14.61 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ff09ddce3a55505346a551874b4a1cac73120c05f1207f47d973c4e952b0987
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 13:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
uks-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_42
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
5050
cache-control
private, max-age=2678400
last-modified
Sun, 10 Jul 2022 17:50:16 GMT
server
Microsoft-IIS/10.0
x-usersessionid
e9948d65-9733-4b02-8891-5d729509cd64
etag
"0bc30838594d81:0"
vary
Accept-Encoding
content-type
text/css
x-correlationid
e9948d65-9733-4b02-8891-5d729509cd64
accept-ranges
bytes
x-officeversion
16.0.15510.30550
microsoft_logo.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame 1BE7 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/microsoft_logo.svg?b=15510.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 13:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
uks-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_63
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
1464
cache-control
private, max-age=1633510
last-modified
Wed, 06 Jul 2022 20:00:30 GMT
server
Microsoft-IIS/10.0
x-usersessionid
df34d266-8c79-442a-84a9-3ed01e42694d
etag
"083bb7391d81:0"
vary
Accept-Encoding
content-type
image/svg+xml
x-correlationid
df34d266-8c79-442a-84a9-3ed01e42694d
accept-ranges
bytes
x-officeversion
16.0.15506.30554
picker-account-aad.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame 1BE7 		756 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-aad.svg?b=15510.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 13:27:42 GMT
x-content-type-options
nosniff
x-officecluster
neu-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_47
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
756
cache-control
private, max-age=1633514
last-modified
Wed, 06 Jul 2022 20:00:30 GMT
server
Microsoft-IIS/10.0
x-usersessionid
35831854-e208-4122-a899-d797dd1e5101
etag
"083bb7391d81:0"
content-type
image/svg+xml
x-correlationid
35831854-e208-4122-a899-d797dd1e5101
accept-ranges
bytes
x-officeversion
16.0.15506.30554
picker-account-msa.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame 1BE7 		379 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-msa.svg?b=15510.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 13:27:42 GMT
x-content-type-options
nosniff
x-officecluster
frc-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_33
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
379
cache-control
private, max-age=1633484
last-modified
Wed, 06 Jul 2022 20:00:30 GMT
server
Microsoft-IIS/10.0
x-usersessionid
4f7e65d9-4161-4b83-b169-1bc22a0647c3
etag
"083bb7391d81:0"
content-type
image/svg+xml
x-correlationid
4f7e65d9-4161-4b83-b169-1bc22a0647c3
accept-ranges
bytes
x-officeversion
16.0.15506.30554
jquery-1.12.4.1.min.js
cdn.odc.officeapps.live.com/odc/stat/ Frame 1BE7 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/jquery-1.12.4.1.min.js?b=15510.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3ac82b5a773ea82258a30c60d277acffa832ce446397fcb6abf39726c4330fb5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 13:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
neu-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_56
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
33842
cache-control
private, max-age=1633463
last-modified
Wed, 06 Jul 2022 20:00:30 GMT
server
Microsoft-IIS/10.0
x-usersessionid
028b0311-bf9d-4e75-9f66-dd87ed0748d9
etag
"083bb7391d81:0"
vary
Accept-Encoding
content-type
application/javascript
x-correlationid
028b0311-bf9d-4e75-9f66-dd87ed0748d9
accept-ranges
bytes
x-officeversion
16.0.15506.30554
knockout-3.4.2.js
cdn.odc.officeapps.live.com/odc/stat/ Frame 1BE7 		59 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/knockout-3.4.2.js?b=15510.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 13:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
uks-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_49
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
22381
cache-control
private, max-age=1633458
last-modified
Wed, 06 Jul 2022 20:00:30 GMT
server
Microsoft-IIS/10.0
x-usersessionid
4844ef2d-29d7-49cb-945e-b858af4443a1
etag
"083bb7391d81:0"
vary
Accept-Encoding
content-type
application/javascript
x-correlationid
4844ef2d-29d7-49cb-945e-b858af4443a1
accept-ranges
bytes
x-officeversion
16.0.15506.30554
CommonDiagnostics.js
cdn.odc.officeapps.live.com/odc/stat/ Frame 1BE7 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/CommonDiagnostics.js?b=15510.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
60f37ce966440ca57e233756476cff9ed52a8177bbdf77b5cee321d12a0d6d94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 13:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
frc-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
12279
cache-control
private, max-age=1633465
last-modified
Wed, 06 Jul 2022 20:00:30 GMT
server
Microsoft-IIS/10.0
x-usersessionid
a84cd3d7-737b-4fdb-bae4-805393d6b524
etag
"083bb7391d81:0"
vary
Accept-Encoding
content-type
application/javascript
x-correlationid
a84cd3d7-737b-4fdb-bae4-805393d6b524
accept-ranges
bytes
x-officeversion
16.0.15506.30554
jsonstrings
odc.officeapps.live.com/odc/ Frame 1BE7 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/jsonstrings?g=EmailHrdv2&mkt=1031&hm=0
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.108.14.61 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7082370b9b7d1debf58ad37e1847a2bc87f48396137eddc0d0ae7eec4ce5abed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 13:27:42 GMT
x-content-type-options
nosniff
x-correlationid
0d2173ff-b46e-41c3-b974-c85988b670a4
x-officecluster
uks-000.odc.officeapps.live.com
x-usersessionid
0d2173ff-b46e-41c3-b974-c85988b670a4
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_42
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control
public, max-age=3600
server
Microsoft-IIS/10.0
content-type
text/javascript; charset=utf-8
content-length
3549
x-officeversion
16.0.15510.30550
hrd.min.js
odc.officeapps.live.com/odc/stat/ Frame 1BE7 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.min.js?b=15510.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.108.14.61 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
54a2f5eca1b0e7eda5cd0863fe8acbc23825a3d93108f11a2f654d537687f963
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 13:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
uks-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_42
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
4909
cache-control
private, max-age=2678400
last-modified
Sun, 10 Jul 2022 17:50:16 GMT
server
Microsoft-IIS/10.0
x-usersessionid
71c2d07c-aaaa-4130-9de4-20d91333be3a
etag
"0bc30838594d81:0"
vary
Accept-Encoding
content-type
application/javascript
x-correlationid
71c2d07c-aaaa-4130-9de4-20d91333be3a
accept-ranges
bytes
x-officeversion
16.0.15510.30550
Background-blurryGradient.svg
odc.officeapps.live.com/odc/stat/images/hrd/ Frame 1BE7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odc.officeapps.live.com/odc/stat/images/hrd/Background-blurryGradient.svg
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/stat/hrd.css?b=15510.30550
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.108.14.61 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
16c60cd6aff6a6febabbc48e9b7692a9c3b369d12d31749f8117d6d0851d5296
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/odc/stat/hrd.css?b=15510.30550
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 13:27:42 GMT
x-content-type-options
nosniff
x-officecluster
uks-000.odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_42
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
2267
cache-control
private, max-age=2678400
last-modified
Sun, 10 Jul 2022 17:50:16 GMT
server
Microsoft-IIS/10.0
x-usersessionid
dbdddf1c-0bdf-49f7-bfd7-4d89c58fcf8b
etag
"0bc30838594d81:0"
content-type
image/svg+xml
x-correlationid
dbdddf1c-0bdf-49f7-bfd7-4d89c58fcf8b
accept-ranges
bytes
x-officeversion
16.0.15510.30550
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
3f33c89878def9ff6baf7b25481afe80cc00b61eeedf411208c8762947c3fa30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1658582863811
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
time-delta-to-apply-millis
780
content-type
application/x-json-stream
cache-control
no-cache, no-store
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Referer
https://forms.office.com/
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Sat, 23 Jul 2022 13:27:43 GMT
time-delta-millis
134
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Sat, 23 Jul 2022 13:27:43 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.3&x-apikey=2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092&client-time-epoch-millis=1658582863918&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/aria_odata_v2.min.29dbe8c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.24 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Sat, 23 Jul 2022 13:27:43 GMT
time-delta-millis
333
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| reloadNoCdn object| OfficeFormServerInfo object| NavKeyPoints function| $ function| jQuery function| _ object| React object| ReactDOM function| init object| datas object| modules function| require object| AWTPropertyType object| AWTPiiKind object| AWTEventPriority object| AWTEventsDroppedReason object| AWTEventsRejectedReason object| AWTCustomerContentKind object| AWTUserIdType object| AWTSessionState string| AWT_BEST_EFFORT string| AWT_NEAR_REAL_TIME string| AWT_REAL_TIME function| AWTEventProperties function| AWTLogger function| AWTLogManager function| AWTTransmissionManager function| AWTSerializer function| AWTSemanticContext string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE string| AWT_COLLECTOR_URL_USGOV_DOD string| AWT_COLLECTOR_URL_USGOV_DOJ object| odatajs function| DomStore function| IndexedDBStore function| MemoryStore function| setPublicPath function| replaceChunkSrc object| webpackChunk object| Forms object| FormsPro function| formsModuleResolveErrorCallback undefined| formsDetectUserLoggedInCallback function| jsllloaded object| e function| t object| oneDS object| awa

24 Cookies

Domain/Path Name / Value
.forms.office.com/ Name: FormsWebSessionId
Value: f486e542-3d42-42a3-aeb5-1fa8561ee9e9
.forms.office.com/ Name: usenewauthrollout
Value: True
.forms.office.com/ Name: RpsAuthNonce
Value: 58fbff01-8b8f-4199-a01c-f81d7582c77d
forms.office.com/ Name: OpenIdConnect.nonce.J3%2FQejhepaq2JCu7RwzG8XkrwsIxHgKxPNgvM2%2Fz1A0%3D
Value: ZXlKMlpYSnphVzl1SWpveExDSmtZWFJoSWpwN0lrNGlPaUpCVTIwM2IycFNTVmhaVGs1WE1EbEZabFF3YUdwalYwTTVOMU50V1VaNGVETk5la05wYkVRNVJFcHVRbFpZYWxSQ1RWVnROMk50V25SeVVVWTJVMU40T1VoSU9ITkRSbEJWWjNweGFucHJiRk5vUzFsVWVXOUlTVkZJZDE5bGMyTlhaek0wWjJ0VlVUZG5hWEpRU1VadVVtcEJhbWg2UzNGNlZYbzRkbm8xVFZsak1IWnViMjF2WjI1VmN6TnJjakJYT0hWeWVVUlpiM1J3U2xjd1R6RXdkbTR5VlVKcVdtMUtlVFZXU21kUFJtSTVPRVp5U1ZoMVFrUm9UbTFTUVRkT1JuTlNkRWxFTkhwMFVteEdTMDkzYjJ4S1JVbGZYMjluTFU5c1gycElXRkYwY1VadGFFZGpSVXM0TXlKOWZR
forms.office.com/ Name: ai_session
Value: 1m4xHobNjKJcj7lzVZBevm|1658582861798|1658582861798
.office.com/ Name: MUID
Value: 1C9449DCF1F16A00070C5836F5F161DE
login.windows.net/ Name: x-ms-gateway-slice
Value: estsfd
login.windows.net/ Name: stsservicecookie
Value: estsfd
.bing.com/ Name: MUID
Value: 1C9449DCF1F16A00070C5836F5F161DE
.c.bing.com/ Name: SRM_B
Value: 1C9449DCF1F16A00070C5836F5F161DE
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: ANONCHK
Value: 0
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AWAAMe_N-B6jSkuT5F9XHpElWtJZpcmrehNPpu3n6cUq7IcBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevrdih9-rbvECY98ExS0jpmZf1Ir-3XSt5S8whNFdP4I5--1m26vyJ4sJc0daq0WatrfJ2oZaGz5Uwu2OvQvUJ4B3YjQ7avYxPnjqPjy0CyOTUgAA
login.microsoftonline.com/ Name: fpc
Value: Ats5DsVG98JGtMuMZYd86hJiQQPhAQAAAE3ubdoOAAAA
.login.microsoftonline.com/ Name: esctx
Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrCz8oBd_GfbahgHDoXB96de4PzBQv4-0PeByPUzvkGTWpxgJcC_LGpeDVNcxKW0HX4CPFie448Z1YyVqgPg0IN_YlrpOrR_7Z1sC5rGag8Bnyi66JqHC2G_d6S_KrJYmbHTF0d9OJmLXolHQA_paJIUUwAY4Rd5p9zLOr9X1Bl8wgAA
.login.live.com/ Name: uaid
Value: 1241e192a70b4a0f9f395e479310c83f
.login.live.com/ Name: MSPRequ
Value: id=295313&lt=1658582862&co=1
.microsoft.com/ Name: MC1
Value: GUID=e95cc18dda6748cca094bcc8fdb1ab97&HASH=e95c&LV=202207&V=4&LU=1658582863586
.microsoft.com/ Name: MS0
Value: 10d84e3e243b45fe9cb1e7962a93133b
forms.office.com/ Name: MSFPC
Value: GUID=e95cc18dda6748cca094bcc8fdb1ab97&HASH=e95c&LV=202207&V=4&LU=1658582863586

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
cdn.odc.officeapps.live.com
forms.office.com
js.monitor.azure.com
login.live.com
login.microsoftonline.com
login.windows.net
odc.officeapps.live.com
static2.sharepointonline.com
104.92.83.244
2.21.74.98
20.108.14.61
20.190.159.64
20.190.159.68
20.234.93.27
20.42.73.24
2620:1ec:40::45
2620:1ec:a92::194
2620:1ec:c11::200
40.126.32.140
96.16.146.233
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
15d790c31969b15e91b084b4867d1ad8c597cc5d11ab8ff8b4d10477d4725196
16c60cd6aff6a6febabbc48e9b7692a9c3b369d12d31749f8117d6d0851d5296
2ff09ddce3a55505346a551874b4a1cac73120c05f1207f47d973c4e952b0987
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
39fdcd0f2f953790c19b348fb9d5c61997d8566177f39d9f83bd26ddaa037fcf
3ac82b5a773ea82258a30c60d277acffa832ce446397fcb6abf39726c4330fb5
3d622f27eda770690cb84e4651fda486108f7b9f88047f95f925b810fc84c089
3f33c89878def9ff6baf7b25481afe80cc00b61eeedf411208c8762947c3fa30
54a2f5eca1b0e7eda5cd0863fe8acbc23825a3d93108f11a2f654d537687f963
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
60f37ce966440ca57e233756476cff9ed52a8177bbdf77b5cee321d12a0d6d94
67dd96644fcce9cc703ebf1ede6a7a96b42fe909d024f0eee3e826ae0a59f66d
7082370b9b7d1debf58ad37e1847a2bc87f48396137eddc0d0ae7eec4ce5abed
8c8de6c61f1f9bfbaeac8f98b20ee0b57050654eaadec77a54e57588e2a8d18f
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
b66a5c41dda8640ef2fb42901bee5437dcdc746f018ab7bfa42fa6cfddc830f8
c5b2fb0d6e24fbf50511174f8e96904e998d1bf67db00f78997dc35baca6d326
ce6c321ac0f0e6949acf1512249c849b988530d2299382cada607c9d6e974fbb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f06660d07d33d602d945eeda28bbaf7ceb330d9915fa4a5abef2ae58ef05c397
fbf28f6fe0da4b77c63e5d3484f1f4d25373ff3359a7db1fd3aa37ee14ab6c94