Submitted URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DIVaOv_UnUSI_fMeio_FQVmfbo-WqCxFqxN7HUDrLJdUMTFZMVlXTlg4QVUzQzlESEswS...
Effective URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f...
Submission: On May 26 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 14 HTTP transactions. The main IP is 20.190.159.4, located in and belongs to . The main domain is login.microsoftonline.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 3rd 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2620:1ec:a92:... 8068 (MICROSOFT...)
6 23.48.23.38 20940 (AKAMAI-ASN1)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 20.189.173.3 8075 (MICROSOFT...)
1 1 40.126.32.140 8075 (MICROSOFT...)
2 20.190.159.4 ()
1 152.199.23.37 ()
14 7
Apex Domain
Subdomains
Transfer
6 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 7896
216 KB
5 office.com
forms.office.com — Cisco Umbrella Rank: 5602
c.office.com — Cisco Umbrella Rank: 22620
16 KB
2 microsoftonline.com
login.microsoftonline.com
107 KB
1 msftauth.net
aadcdn.msftauth.net
108 KB
1 windows.net
login.windows.net — Cisco Umbrella Rank: 302
2 KB
1 microsoft.com
browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 131
397 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 210
660 B
0 live.com Failed
login.live.com Failed
14 8
Domain Requested by
6 cdn.forms.office.net forms.office.com
cdn.forms.office.net
3 forms.office.com 1 redirects forms.office.com
2 login.microsoftonline.com cdn.forms.office.net
login.microsoftonline.com
2 c.office.com 1 redirects
1 aadcdn.msftauth.net login.microsoftonline.com
1 login.windows.net 1 redirects
1 browser.pipe.aria.microsoft.com cdn.forms.office.net
1 c.bing.com 1 redirects
0 login.live.com Failed login.microsoftonline.com
14 9

This site contains no links.

Subject Issuer Validity Valid
forms.office.com
DigiCert Cloud Services CA-1
2021-09-02 -
2022-09-01
a year crt.sh
cdn.forms.office.net
Microsoft RSA TLS CA 01
2021-10-12 -
2022-10-12
a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 06
2022-03-02 -
2023-02-25
a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA
2022-03-03 -
2023-03-03
a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA
2022-04-01 -
2023-04-01
a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBZmJQcEtnTDZ3cmNyMy1nbTBuU0luQThCUWNCQlNCLXJmRjd2LXE5Nk1nU0lqNUdnSzJtVXpUaDlrNW1fQlotODVTWHpWSlI1d0FGemhYTHl0N3cxZ1UiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9mZmljZS5jb20vUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9RElWYU92X1VuVVNJX2ZNZWlvX0ZRVm1mYm8tV3FDeEZxeE43SFVEckxKZFVNVEZaTVZsWFRsZzRRVlV6UXpsRVNFc3dTMVpYTWs1TVdpNHUmc2lkPTdhZjMzYjJlLWU1MmUtNDY4MC1iZjU0LWUxMzNlYWFlMmU1ZSJ9fQ&response_mode=form_post&nonce=637891616559048914.YjZkMDAyOGItNDZlNC00YjIwLThjYzYtMDYxNDA4NWIzYTIzNmJkMzJiODAtMzRjZS00N2RmLWExN2UtNGI5NTkyNGIzNGJi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0&sso_reload=true
Frame ID: 29C4B6693718AF4D1E524B804709CF9D
Requests: 14 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://forms.office.com/Pages/ResponsePage.aspx?id=DIVaOv_UnUSI_fMeio_FQVmfbo-WqCxFqxN7HUDrLJdUMTFZM... Page URL
  2. https://forms.office.com/oidcLogin?IdentityProvider=aad&ru=https%3A%2F%2Fforms.office.com%2FPages%2FR... HTTP 302
    https://login.windows.net/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resou... HTTP 302
    https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resou... Page URL
  3. https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resou... Page URL

Page Statistics

14
Requests

86 %
HTTPS

25 %
IPv6

8
Domains

9
Subdomains

7
IPs

4
Countries

445 kB
Transfer

1380 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://forms.office.com/Pages/ResponsePage.aspx?id=DIVaOv_UnUSI_fMeio_FQVmfbo-WqCxFqxN7HUDrLJdUMTFZMVlXTlg4QVUzQzlESEswS1ZXMk5MWi4u Page URL
  2. https://forms.office.com/oidcLogin?IdentityProvider=aad&ru=https%3A%2F%2Fforms.office.com%2FPages%2FResponsePage.aspx%3Fid%3DDIVaOv_UnUSI_fMeio_FQVmfbo-WqCxFqxN7HUDrLJdUMTFZMVlXTlg4QVUzQzlESEswS1ZXMk5MWi4u%26sid%3D7af33b2e-e52e-4680-bf54-e133eaae2e5e HTTP 302
    https://login.windows.net/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBZmJQcEtnTDZ3cmNyMy1nbTBuU0luQThCUWNCQlNCLXJmRjd2LXE5Nk1nU0lqNUdnSzJtVXpUaDlrNW1fQlotODVTWHpWSlI1d0FGemhYTHl0N3cxZ1UiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9mZmljZS5jb20vUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9RElWYU92X1VuVVNJX2ZNZWlvX0ZRVm1mYm8tV3FDeEZxeE43SFVEckxKZFVNVEZaTVZsWFRsZzRRVlV6UXpsRVNFc3dTMVpYTWs1TVdpNHUmc2lkPTdhZjMzYjJlLWU1MmUtNDY4MC1iZjU0LWUxMzNlYWFlMmU1ZSJ9fQ&response_mode=form_post&nonce=637891616559048914.YjZkMDAyOGItNDZlNC00YjIwLThjYzYtMDYxNDA4NWIzYTIzNmJkMzJiODAtMzRjZS00N2RmLWExN2UtNGI5NTkyNGIzNGJi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0 HTTP 302
    https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBZmJQcEtnTDZ3cmNyMy1nbTBuU0luQThCUWNCQlNCLXJmRjd2LXE5Nk1nU0lqNUdnSzJtVXpUaDlrNW1fQlotODVTWHpWSlI1d0FGemhYTHl0N3cxZ1UiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9mZmljZS5jb20vUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9RElWYU92X1VuVVNJX2ZNZWlvX0ZRVm1mYm8tV3FDeEZxeE43SFVEckxKZFVNVEZaTVZsWFRsZzRRVlV6UXpsRVNFc3dTMVpYTWs1TVdpNHUmc2lkPTdhZjMzYjJlLWU1MmUtNDY4MC1iZjU0LWUxMzNlYWFlMmU1ZSJ9fQ&response_mode=form_post&nonce=637891616559048914.YjZkMDAyOGItNDZlNC00YjIwLThjYzYtMDYxNDA4NWIzYTIzNmJkMzJiODAtMzRjZS00N2RmLWExN2UtNGI5NTkyNGIzNGJi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0 Page URL
  3. https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBZmJQcEtnTDZ3cmNyMy1nbTBuU0luQThCUWNCQlNCLXJmRjd2LXE5Nk1nU0lqNUdnSzJtVXpUaDlrNW1fQlotODVTWHpWSlI1d0FGemhYTHl0N3cxZ1UiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9mZmljZS5jb20vUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9RElWYU92X1VuVVNJX2ZNZWlvX0ZRVm1mYm8tV3FDeEZxeE43SFVEckxKZFVNVEZaTVZsWFRsZzRRVlV6UXpsRVNFc3dTMVpYTWs1TVdpNHUmc2lkPTdhZjMzYjJlLWU1MmUtNDY4MC1iZjU0LWUxMzNlYWFlMmU1ZSJ9fQ&response_mode=form_post&nonce=637891616559048914.YjZkMDAyOGItNDZlNC00YjIwLThjYzYtMDYxNDA4NWIzYTIzNmJkMzJiODAtMzRjZS00N2RmLWExN2UtNGI5NTkyNGIzNGJi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=A7B9591982B442E6A21D3124B89A6316&RedC=c.office.com&MXFR=029E9045889166D0292281F58C916DAB HTTP 302
  • https://c.office.com/c.gif?CtsSyncId=A7B9591982B442E6A21D3124B89A6316&MUID=029E9045889166D0292281F58C916DAB
Request Chain 10
  • https://forms.office.com/oidcLogin?IdentityProvider=aad&ru=https%3A%2F%2Fforms.office.com%2FPages%2FResponsePage.aspx%3Fid%3DDIVaOv_UnUSI_fMeio_FQVmfbo-WqCxFqxN7HUDrLJdUMTFZMVlXTlg4QVUzQzlESEswS1ZXMk5MWi4u%26sid%3D7af33b2e-e52e-4680-bf54-e133eaae2e5e HTTP 302
  • https://login.windows.net/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBZmJQcEtnTDZ3cmNyMy1nbTBuU0luQThCUWNCQlNCLXJmRjd2LXE5Nk1nU0lqNUdnSzJtVXpUaDlrNW1fQlotODVTWHpWSlI1d0FGemhYTHl0N3cxZ1UiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9mZmljZS5jb20vUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9RElWYU92X1VuVVNJX2ZNZWlvX0ZRVm1mYm8tV3FDeEZxeE43SFVEckxKZFVNVEZaTVZsWFRsZzRRVlV6UXpsRVNFc3dTMVpYTWs1TVdpNHUmc2lkPTdhZjMzYjJlLWU1MmUtNDY4MC1iZjU0LWUxMzNlYWFlMmU1ZSJ9fQ&response_mode=form_post&nonce=637891616559048914.YjZkMDAyOGItNDZlNC00YjIwLThjYzYtMDYxNDA4NWIzYTIzNmJkMzJiODAtMzRjZS00N2RmLWExN2UtNGI5NTkyNGIzNGJi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0 HTTP 302
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBZmJQcEtnTDZ3cmNyMy1nbTBuU0luQThCUWNCQlNCLXJmRjd2LXE5Nk1nU0lqNUdnSzJtVXpUaDlrNW1fQlotODVTWHpWSlI1d0FGemhYTHl0N3cxZ1UiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9mZmljZS5jb20vUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9RElWYU92X1VuVVNJX2ZNZWlvX0ZRVm1mYm8tV3FDeEZxeE43SFVEckxKZFVNVEZaTVZsWFRsZzRRVlV6UXpsRVNFc3dTMVpYTWs1TVdpNHUmc2lkPTdhZjMzYjJlLWU1MmUtNDY4MC1iZjU0LWUxMzNlYWFlMmU1ZSJ9fQ&response_mode=form_post&nonce=637891616559048914.YjZkMDAyOGItNDZlNC00YjIwLThjYzYtMDYxNDA4NWIzYTIzNmJkMzJiODAtMzRjZS00N2RmLWExN2UtNGI5NTkyNGIzNGJi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
ResponsePage.aspx
forms.office.com/Pages/
45 KB
13 KB
Document
General
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=DIVaOv_UnUSI_fMeio_FQVmfbo-WqCxFqxN7HUDrLJdUMTFZMVlXTlg4QVUzQzlESEswS1ZXMk5MWi4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4eed34253434f3303c6ecc756296088c2643f79ef842d921785d26af62b8a5c5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, must-revalidate, no-cache
content-encoding
br
content-length
12356
content-type
text/html; charset=utf-8
date
Thu, 26 May 2022 11:34:12 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
14006345-24ac-4050-9a51-1ecbba3b9736
x-failurereason
Unknown
x-msedge-ref
Ref A: 8E5033A8EE51440781CA62B7B676C39E Ref B: AM3EDGE0717 Ref C: 2022-05-26T11:34:10Z
x-officecluster
weu-101.forms.office.com
x-officefe
FormsSingleBox_IN_14
x-officeversion
16.0.15319.36680
x-robots-tag
noindex, nofollow
x-routingcorrelationid
14006345-24ac-4050-9a51-1ecbba3b9736
x-routingofficecluster
weu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_14
x-routingofficeversion
16.0.15319.36680
x-routingsessionid
7af33b2e-e52e-4680-bf54-e133eaae2e5e
x-usersessionid
7af33b2e-e52e-4680-bf54-e133eaae2e5e
ls-response.de.572c89a31.js
cdn.forms.office.net/forms/scripts/dists/
26 KB
9 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.572c89a31.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DIVaOv_UnUSI_fMeio_FQVmfbo-WqCxFqxN7HUDrLJdUMTFZMVlXTlg4QVUzQzlESEswS1ZXMk5MWi4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-38.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
528829c3829cafddd13a2b4cfb385aa22c9df17c487e203e0b0db58235a01c8a

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 26 May 2022 11:34:12 GMT
content-encoding
br
content-md5
snX9EHQXHY91tJMcja8PnQ==
content-length
8627
x-ms-lease-status
unlocked
last-modified
Mon, 23 May 2022 04:53:15 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA3C7825D0597D
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a425637e-901e-004c-0167-6e6ee6000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 26 May 2023 11:34:12 GMT
light-response-page.min.c2b443d.css
cdn.forms.office.net/forms/css/dist/
132 KB
22 KB
Stylesheet
General
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.c2b443d.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DIVaOv_UnUSI_fMeio_FQVmfbo-WqCxFqxN7HUDrLJdUMTFZMVlXTlg4QVUzQzlESEswS1ZXMk5MWi4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-38.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6b661feb197fae9bad6f665ec7be844b89f271ce2988dc03952c8f9a563d9612

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 26 May 2022 11:34:12 GMT
content-encoding
br
content-md5
HRVsH9owtdEj9lvImCDU9A==
content-length
22241
x-ms-lease-status
unlocked
last-modified
Tue, 24 May 2022 05:09:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA3D438514C34E
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
ea74c003-d01e-002d-6033-6f2a39000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 26 May 2023 11:34:12 GMT
light-response-page.min.26d8b81.js
cdn.forms.office.net/forms/scripts/dists/
261 KB
76 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.26d8b81.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DIVaOv_UnUSI_fMeio_FQVmfbo-WqCxFqxN7HUDrLJdUMTFZMVlXTlg4QVUzQzlESEswS1ZXMk5MWi4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-38.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d29acb473fc5699071c4fe75209b42ddeaa89e081e1c4a192e168d446e27ebd5

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 26 May 2022 11:34:12 GMT
content-encoding
br
content-md5
OVXTXog3WqLb7eog+V5hDA==
content-length
76753
x-ms-lease-status
unlocked
last-modified
Tue, 24 May 2022 05:09:51 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA3D43A217F7B8
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f05b59f2-701e-0046-6e33-6f776f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 26 May 2023 11:34:12 GMT
runtimeFormsWithResponses('DIVaOv_UnUSI_fMeio_FQVmfbo-WqCxFqxN7HUDrLJdUMTFZMVlXTlg4QVUzQzlESEswS1ZXMk5MWi4u')
forms.office.com/formapi/api/3a5a850c-d4ff-449d-88fd-f31e8a8fc541/users/8f6e9f59-a896-452c-ab13-7b1d40eb2c97/light/
97 B
413 B
XHR
General
Full URL
https://forms.office.com/formapi/api/3a5a850c-d4ff-449d-88fd-f31e8a8fc541/users/8f6e9f59-a896-452c-ab13-7b1d40eb2c97/light/runtimeFormsWithResponses('DIVaOv_UnUSI_fMeio_FQVmfbo-WqCxFqxN7HUDrLJdUMTFZMVlXTlg4QVUzQzlESEswS1ZXMk5MWi4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DIVaOv_UnUSI_fMeio_FQVmfbo-WqCxFqxN7HUDrLJdUMTFZMVlXTlg4QVUzQzlESEswS1ZXMk5MWi4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
804afd34b6a457c1e712bb336ef8c02babeaf7931973e0e733fa6399ac25eadb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=DIVaOv_UnUSI_fMeio_FQVmfbo-WqCxFqxN7HUDrLJdUMTFZMVlXTlg4QVUzQzlESEswS1ZXMk5MWi4u
X-UserSessionId
7af33b2e-e52e-4680-bf54-e133eaae2e5e
accept-language
de-DE,de;q=0.9
__RequestVerificationToken
Q2PfyztJKMti2jv2Nj5wlwT-7LyeEMwHEQz4jL_gQ9M4613aLAyvP69E4jlRZVCPWtSx-OMOlEwClQRQZBqTjvqeu8Dd_0nHy4EKKFwKiEA1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
x-officeversion
16.0.15319.36680
x-officefe
FormsSingleBox_IN_15
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_18
x-routingofficeversion
16.0.15319.36680
x-correlationid
f4ecccfd-f306-4d9e-8dcb-fe748524f3fc
x-officecluster
neu-100.forms.office.com
x-usersessionid
7af33b2e-e52e-4680-bf54-e133eaae2e5e
date
Thu, 26 May 2022 11:34:14 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
f4ecccfd-f306-4d9e-8dcb-fe748524f3fc
x-routingsessionid
7af33b2e-e52e-4680-bf54-e133eaae2e5e
x-msedge-ref
Ref A: 2A3DC53EB1DA4B5580B9C8D356487E2D Ref B: AM3EDGE0717 Ref C: 2022-05-26T11:34:12Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-100.forms.office.com
light-response-page.chunk.lrp_ext.3bd05f0.js
cdn.forms.office.net/forms/scripts/dists/
0
53 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.3bd05f0.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.26d8b81.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-38.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 26 May 2022 11:34:12 GMT
content-encoding
br
content-md5
b2BWNkD84vQhjdzbc7ZtTw==
content-length
53330
x-ms-lease-status
unlocked
last-modified
Tue, 24 May 2022 05:09:51 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA3D43A1EF8E1E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ee14ed83-501e-003c-7133-6f1d22000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 26 May 2023 11:34:12 GMT
light-response-page.chunk.lrp_post.boot.0708a47.js
cdn.forms.office.net/forms/scripts/dists/
0
4 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.0708a47.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.26d8b81.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-38.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 26 May 2022 11:34:12 GMT
content-encoding
br
content-md5
NCT1sCdrS23cMfezNKVd2Q==
content-length
3956
x-ms-lease-status
unlocked
last-modified
Tue, 24 May 2022 05:09:51 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA3D43A1FD20A8
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ebacda4d-101e-0030-5b33-6ff3d3000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 26 May 2023 11:34:12 GMT
light-response-page.chunk.lrp_ext.3bd05f0.js
cdn.forms.office.net/forms/scripts/dists/
185 KB
53 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.3bd05f0.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.26d8b81.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-38.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f5201d9aeb7e6ec372dc7c06bf2c778c03d646c9df0fa32d9906f24848b20795

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 26 May 2022 11:34:14 GMT
content-encoding
br
content-md5
b2BWNkD84vQhjdzbc7ZtTw==
content-length
53330
x-ms-lease-status
unlocked
last-modified
Tue, 24 May 2022 05:09:51 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA3D43A1EF8E1E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ee14ed83-501e-003c-7133-6f1d22000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 26 May 2023 11:34:14 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=A7B9591982B442E6A21D3124B89A6316&RedC=c.office.com&MXFR=029E9045889166D0292281F58C916DAB
  • https://c.office.com/c.gif?CtsSyncId=A7B9591982B442E6A21D3124B89A6316&MUID=029E9045889166D0292281F58C916DAB
42 B
259 B
Image
General
Full URL
https://c.office.com/c.gif?CtsSyncId=A7B9591982B442E6A21D3124B89A6316&MUID=029E9045889166D0292281F58C916DAB
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 May 2022 11:34:14 GMT
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8120eaf0ff3ad81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 26 May 2022 11:34:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A6747FE586314F67A426A0B735EF0D2D Ref B: FRAEDGE1517 Ref C: 2022-05-26T11:34:15Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?CtsSyncId=A7B9591982B442E6A21D3124B89A6316&MUID=029E9045889166D0292281F58C916DAB
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
/
browser.pipe.aria.microsoft.com/Collector/3.0/
0
397 B
XHR
General
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.9&x-apikey=2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092&client-time-epoch-millis=1653564855129&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.3bd05f0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.3 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 11:34:15 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
585
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
authorize
login.microsoftonline.com/common/oauth2/
Redirect Chain
  • https://forms.office.com/oidcLogin?IdentityProvider=aad&ru=https%3A%2F%2Fforms.office.com%2FPages%2FResponsePage.aspx%3Fid%3DDIVaOv_UnUSI_fMeio_FQVmfbo-WqCxFqxN7HUDrLJdUMTFZMVlXTlg4QVUzQzlESEswS1ZX...
  • https://login.windows.net/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&s...
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20p...
150 KB
55 KB
Document
General
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBZmJQcEtnTDZ3cmNyMy1nbTBuU0luQThCUWNCQlNCLXJmRjd2LXE5Nk1nU0lqNUdnSzJtVXpUaDlrNW1fQlotODVTWHpWSlI1d0FGemhYTHl0N3cxZ1UiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9mZmljZS5jb20vUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9RElWYU92X1VuVVNJX2ZNZWlvX0ZRVm1mYm8tV3FDeEZxeE43SFVEckxKZFVNVEZaTVZsWFRsZzRRVlV6UXpsRVNFc3dTMVpYTWs1TVdpNHUmc2lkPTdhZjMzYjJlLWU1MmUtNDY4MC1iZjU0LWUxMzNlYWFlMmU1ZSJ9fQ&response_mode=form_post&nonce=637891616559048914.YjZkMDAyOGItNDZlNC00YjIwLThjYzYtMDYxNDA4NWIzYTIzNmJkMzJiODAtMzRjZS00N2RmLWExN2UtNGI5NTkyNGIzNGJi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.3bd05f0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.4 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=DIVaOv_UnUSI_fMeio_FQVmfbo-WqCxFqxN7HUDrLJdUMTFZMVlXTlg4QVUzQzlESEswS1ZXMk5MWi4u
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
54879
Content-Type
text/html; charset=utf-8
Date
Thu, 26 May 2022 11:34:15 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.12794.5 - NEULR1 ProdSlices
x-ms-request-id
a1493611-cb24-414d-b340-da307fb71000

Redirect headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
802
Content-Type
text/html; charset=utf-8
Date
Thu, 26 May 2022 11:34:15 GMT
Location
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBZmJQcEtnTDZ3cmNyMy1nbTBuU0luQThCUWNCQlNCLXJmRjd2LXE5Nk1nU0lqNUdnSzJtVXpUaDlrNW1fQlotODVTWHpWSlI1d0FGemhYTHl0N3cxZ1UiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9mZmljZS5jb20vUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9RElWYU92X1VuVVNJX2ZNZWlvX0ZRVm1mYm8tV3FDeEZxeE43SFVEckxKZFVNVEZaTVZsWFRsZzRRVlV6UXpsRVNFc3dTMVpYTWs1TVdpNHUmc2lkPTdhZjMzYjJlLWU1MmUtNDY4MC1iZjU0LWUxMzNlYWFlMmU1ZSJ9fQ&response_mode=form_post&nonce=637891616559048914.YjZkMDAyOGItNDZlNC00YjIwLThjYzYtMDYxNDA4NWIzYTIzNmJkMzJiODAtMzRjZS00N2RmLWExN2UtNGI5NTkyNGIzNGJi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
x-ms-ests-server
2.1.12794.4 - NEULR2 ProdSlices
x-ms-request-id
189a22d6-cc0b-4086-8f23-1752139f0900
Primary Request authorize
login.microsoftonline.com/common/oauth2/
202 KB
52 KB
Document
General
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBZmJQcEtnTDZ3cmNyMy1nbTBuU0luQThCUWNCQlNCLXJmRjd2LXE5Nk1nU0lqNUdnSzJtVXpUaDlrNW1fQlotODVTWHpWSlI1d0FGemhYTHl0N3cxZ1UiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9mZmljZS5jb20vUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9RElWYU92X1VuVVNJX2ZNZWlvX0ZRVm1mYm8tV3FDeEZxeE43SFVEckxKZFVNVEZaTVZsWFRsZzRRVlV6UXpsRVNFc3dTMVpYTWs1TVdpNHUmc2lkPTdhZjMzYjJlLWU1MmUtNDY4MC1iZjU0LWUxMzNlYWFlMmU1ZSJ9fQ&response_mode=form_post&nonce=637891616559048914.YjZkMDAyOGItNDZlNC00YjIwLThjYzYtMDYxNDA4NWIzYTIzNmJkMzJiODAtMzRjZS00N2RmLWExN2UtNGI5NTkyNGIzNGJi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBZmJQcEtnTDZ3cmNyMy1nbTBuU0luQThCUWNCQlNCLXJmRjd2LXE5Nk1nU0lqNUdnSzJtVXpUaDlrNW1fQlotODVTWHpWSlI1d0FGemhYTHl0N3cxZ1UiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9mZmljZS5jb20vUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9RElWYU92X1VuVVNJX2ZNZWlvX0ZRVm1mYm8tV3FDeEZxeE43SFVEckxKZFVNVEZaTVZsWFRsZzRRVlV6UXpsRVNFc3dTMVpYTWs1TVdpNHUmc2lkPTdhZjMzYjJlLWU1MmUtNDY4MC1iZjU0LWUxMzNlYWFlMmU1ZSJ9fQ&response_mode=form_post&nonce=637891616559048914.YjZkMDAyOGItNDZlNC00YjIwLThjYzYtMDYxNDA4NWIzYTIzNmJkMzJiODAtMzRjZS00N2RmLWExN2UtNGI5NTkyNGIzNGJi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.4 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
9819c8000a37735b7bad73cd4f521fe8c191cdb416784075ba09ad7b1f11b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBZmJQcEtnTDZ3cmNyMy1nbTBuU0luQThCUWNCQlNCLXJmRjd2LXE5Nk1nU0lqNUdnSzJtVXpUaDlrNW1fQlotODVTWHpWSlI1d0FGemhYTHl0N3cxZ1UiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9mZmljZS5jb20vUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9RElWYU92X1VuVVNJX2ZNZWlvX0ZRVm1mYm8tV3FDeEZxeE43SFVEckxKZFVNVEZaTVZsWFRsZzRRVlV6UXpsRVNFc3dTMVpYTWs1TVdpNHUmc2lkPTdhZjMzYjJlLWU1MmUtNDY4MC1iZjU0LWUxMzNlYWFlMmU1ZSJ9fQ&response_mode=form_post&nonce=637891616559048914.YjZkMDAyOGItNDZlNC00YjIwLThjYzYtMDYxNDA4NWIzYTIzNmJkMzJiODAtMzRjZS00N2RmLWExN2UtNGI5NTkyNGIzNGJi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
51634
Content-Type
text/html; charset=utf-8
Date
Thu, 26 May 2022 11:34:16 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.12794.5 - WEULR2 ProdSlices
x-ms-request-id
d2023a81-f94b-4c1d-84a0-9f51a2b81c00
ConvergedLogin_PCore_6J06iic7msGxWHwxS1Qglg2.js
aadcdn.msftauth.net/shared/1.0/content/js/
378 KB
108 KB
Script
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_6J06iic7msGxWHwxS1Qglg2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBZmJQcEtnTDZ3cmNyMy1nbTBuU0luQThCUWNCQlNCLXJmRjd2LXE5Nk1nU0lqNUdnSzJtVXpUaDlrNW1fQlotODVTWHpWSlI1d0FGemhYTHl0N3cxZ1UiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9mZmljZS5jb20vUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9RElWYU92X1VuVVNJX2ZNZWlvX0ZRVm1mYm8tV3FDeEZxeE43SFVEckxKZFVNVEZaTVZsWFRsZzRRVlV6UXpsRVNFc3dTMVpYTWs1TVdpNHUmc2lkPTdhZjMzYjJlLWU1MmUtNDY4MC1iZjU0LWUxMzNlYWFlMmU1ZSJ9fQ&response_mode=form_post&nonce=637891616559048914.YjZkMDAyOGItNDZlNC00YjIwLThjYzYtMDYxNDA4NWIzYTIzNmJkMzJiODAtMzRjZS00N2RmLWExN2UtNGI5NTkyNGIzNGJi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 -, , ASN (),
Reverse DNS
Software
ECAcc (frc/8FCE) /
Resource Hash
b746691179c33d55dc8737603d7bc595a91f3602415851af3d40d0c5d7b3fa8b

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 26 May 2022 11:34:16 GMT
content-encoding
gzip
content-md5
M3t8e+XUfBAKmTYAmwYX9g==
age
1882276
x-cache
HIT
content-length
110092
x-ms-lease-status
unlocked
last-modified
Tue, 03 May 2022 01:12:50 GMT
server
ECAcc (frc/8FCE)
etag
0x8DA2CA20AD96529
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
afa1b907-101e-0044-3bd6-5fc98b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.live.com
URL
https://login.live.com/Me.htm?v=3

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation

12 Cookies

Domain/Path Name / Value
forms.office.com/ Name: DcLcid
Value: ui=1031&data=1031
.forms.office.com/ Name: FormsWebSessionId
Value: d8646dc7-3c25-43a0-9746-291e041d86bc
.forms.office.com/ Name: usenewauthrollout
Value: True
forms.office.com/ Name: __RequestVerificationToken
Value: DdqvxklsBt0X1mBfmZFPuPcA_enLpRdtaECJ8fUA1LEJKzu2DuCbyhEh1BAzhkq1-kwEyHCZuWNqJd4HNdkf8fvOknmTzn88FFCYAQMsVZE1
.office.com/ Name: MUID
Value: 029E9045889166D0292281F58C916DAB
.bing.com/ Name: MUID
Value: 029E9045889166D0292281F58C916DAB
.c.bing.com/ Name: SRM_B
Value: 029E9045889166D0292281F58C916DAB
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: ANONCHK
Value: 0
forms.office.com/ Name: OpenIdConnect.nonce.mHbJr3Jf7yTNvuE7GoLqUiz0g%2BZdvjgmsECpjUu8Ku8%3D
Value: ZXlKMlpYSnphVzl1SWpveExDSmtZWFJoSWpwN0lrNGlPaUpCVjFCTmVqYzBRVkJMTW05TVJqZERZM0l0VFVSQlNEWmtUazlpUkU1cVNXbGtVR2QwWDJ0SVVVbGlkWE42U25acGJUazFValJtUkdOcWVuZFJUbFkxYkZSSVRISmxOUzFVYmxJNU5YbENlVzU2UkZkMVpqUXdiR0pRTFhwNlUweFBObTVFTkdWMFVHcEJlSFpSYW5sdFFuRXpYMkpRT1VWTVNrcGFhV0ZrVEVkQ2FUWTBkeTFYWlhKemVuY3hkMHR6T1ZSelVEUmhSVFpmTms1aGJ6aENaa0ZLWDFFM1dFWnNja2MyYWtWS2FsRmljVGRyYW5relZWOVliVTQ0VkRJNGFuZFBVVU55TlhoUlVIWnhMVE5ZWnpWTmEzWjZjRmRYYUhocGRGQktXR1EyTjJWSWRXSlVOMWx0V2lKOWZR
login.windows.net/ Name: x-ms-gateway-slice
Value: estsfd
login.windows.net/ Name: stsservicecookie
Value: estsfd

1 Console Messages

Source Level URL
Text
network error URL: https://forms.office.com/formapi/api/3a5a850c-d4ff-449d-88fd-f31e8a8fc541/users/8f6e9f59-a896-452c-ab13-7b1d40eb2c97/light/runtimeFormsWithResponses('DIVaOv_UnUSI_fMeio_FQVmfbo-WqCxFqxN7HUDrLJdUMTFZMVlXTlg4QVUzQzlESEswS1ZXMk5MWi4u')?$expand=questions($expand=choices)
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff