urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.us Open in urlscan Pro
2001:489a:3500::9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPS...
Effective URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=153a74ba-783f-4394-bc9a-a109ef69f5c2&redirect_uri=https%3A%2F%...
Submission: On January 30 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 31 HTTP transactions. The main IP is 2001:489a:3500::9, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.us. The Cisco Umbrella rank of the primary domain is 11644.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 3rd 2023. Valid for: a year.
This is the only time login.microsoftonline.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 2001:489a:220... 8070 (MICROSOFT...)
4 13.89.179.11 8075 (MICROSOFT...)
2 2001:489a:350... 8070 (MICROSOFT...)
1 2620:1ec:bdf::40 8075 (MICROSOFT...)
8 2606:2800:21f... 15133 (EDGECAST)
31 6
16    2001:489a:2206:20::1b (Boydton, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.osi.office365.us
4    13.89.179.11 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
2    2001:489a:3500::9 (San Antonio, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.us
1    2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aadcdn.msauth.net
8    2606:2800:21f:1b88:6342:f8de:86c:e98b (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
Apex Domain
Subdomains		 Transfer
16 office365.us
forms.osi.office365.us — Cisco Umbrella Rank: 572199
3 MB
8 msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 943
224 KB
4 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 123
823 B
2 microsoftonline.us
login.microsoftonline.us — Cisco Umbrella Rank: 11644
29 KB
1 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 921
49 KB
31 5
Domain Requested by
16 forms.osi.office365.us 1 redirects forms.osi.office365.us
8 aadcdn.msftauth.net login.microsoftonline.us
aadcdn.msftauth.net
4 browser.events.data.microsoft.com forms.osi.office365.us
2 login.microsoftonline.us forms.osi.office365.us
aadcdn.msauth.net
1 aadcdn.msauth.net login.microsoftonline.us
31 5

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
forms.office365.us
DigiCert SHA2 Secure Server CA		 2023-12-16 -
2024-12-16		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04		 2023-12-31 -
2024-12-25		 a year crt.sh
login.microsoftonline.us
DigiCert SHA2 Secure Server CA		 2023-12-03 -
2024-12-03		 a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA		 2024-01-29 -
2025-01-29		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2023-12-01 -
2024-12-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.us/common/oauth2/authorize?client_id=153a74ba-783f-4394-bc9a-a109ef69f5c2&redirect_uri=https%3A%2F%2Fforms.osi.office365.us%2Flanding&resource=153a74ba-783f-4394-bc9a-a109ef69f5c2&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=638422402580302144.YjI3ZjI4YmEtMzViMC00MTU5LWI2MDYtNWVhNjA1YzY4MjQ3NmU0M2YwZDgtNGU0OC00MGE0LWI0ZDMtN2IyYmJhYWUwY2Jh&msafed=0&state=eyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzdQT2JuWHZLdm11Zm1MMW02V2hhWU5aWTdHNkZpbDVOZlo4ZHRmTllobnY4b251a0tNSk1GS01mSTV1WGNkSnNveGkzMW9Ud3hGV2x2cnFkLVJJaUkiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9zaS5vZmZpY2UzNjUudXMvUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9cVJRcEFsLTVlMHU2emxVYzRhQkFjZnVXVE9PR2p6NU9sMmNHcDZ6bldHOVVPVmROUzFrMlJqZzFXRmxOTUV3NFRVaFBTVEV4U1RKYVRDNHUmc2lkPWNkYzFjYjI2LWMxMTUtNDI3MS1iZDk0LWRmZmU0N2E2OGZkOCIsIi54c3JmIjoiQVVlMnA5TmVZT2w0a3NibmdEYTZFMS1WM01NN21hYTlDYW9jZ0JpMWVXWU1DSVRHTU9VU3JBWGVlQ1pWY3FQbmlFeXZmWV9ZV2xLLXhxLUNNSGtROVp4dXJTMGttMUg0eUpJR1lIVkplYmczUkpoUjNsODlxZ3lCbXNxTVBwYmE0ZyIsIk9wZW5JZENvbm5lY3QuQ29kZS5SZWRpcmVjdFVyaSI6IkFYYUU3R3RONlQ5NTlldWVtVGl3eDhaRFJid2xBLWRCd2ZzMTJRQm02MHVwLVRLMUV2bW8zc0lCTjZBN3I2MklGWkkxSmx6NU1YTHM4a0JZWlRTNXpTaF9jUGZQSTJsaFo4dGtRQXhDVFk5Y2pNRG5FcmhWWEVVUlZtdHdlTXdldkEifX0&x-client-SKU=ID_NET6_0&x-client-ver=6.34.0.0&sso_reload=true
Frame ID: 52047CE51D0367E2E63B3A7DA50DDC7A
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

  1. https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS... Page URL
  2. https://forms.osi.office365.us/oidcLogin?IdentityProvider=aad&ru=https%3A%2F%2Fforms.osi.office365.us%2FPag... HTTP 302
    https://login.microsoftonline.us/common/oauth2/authorize?client_id=153a74ba-783f-4394-bc9a-a109ef69f5c2&redir... Page URL
  3. https://login.microsoftonline.us/common/oauth2/authorize?client_id=153a74ba-783f-4394-bc9a-a109ef69f5c2&redir... Page URL

Page Statistics

31
Requests

97 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

1
Countries

2946 kB
Transfer

2271 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u Page URL
  2. https://forms.osi.office365.us/oidcLogin?IdentityProvider=aad&ru=https%3A%2F%2Fforms.osi.office365.us%2FPages%2FResponsePage.aspx%3Fid%3DqRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u%26sid%3Dcdc1cb26-c115-4271-bd94-dffe47a68fd8 HTTP 302
    https://login.microsoftonline.us/common/oauth2/authorize?client_id=153a74ba-783f-4394-bc9a-a109ef69f5c2&redirect_uri=https%3A%2F%2Fforms.osi.office365.us%2Flanding&resource=153a74ba-783f-4394-bc9a-a109ef69f5c2&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=638422402580302144.YjI3ZjI4YmEtMzViMC00MTU5LWI2MDYtNWVhNjA1YzY4MjQ3NmU0M2YwZDgtNGU0OC00MGE0LWI0ZDMtN2IyYmJhYWUwY2Jh&msafed=0&state=eyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzdQT2JuWHZLdm11Zm1MMW02V2hhWU5aWTdHNkZpbDVOZlo4ZHRmTllobnY4b251a0tNSk1GS01mSTV1WGNkSnNveGkzMW9Ud3hGV2x2cnFkLVJJaUkiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9zaS5vZmZpY2UzNjUudXMvUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9cVJRcEFsLTVlMHU2emxVYzRhQkFjZnVXVE9PR2p6NU9sMmNHcDZ6bldHOVVPVmROUzFrMlJqZzFXRmxOTUV3NFRVaFBTVEV4U1RKYVRDNHUmc2lkPWNkYzFjYjI2LWMxMTUtNDI3MS1iZDk0LWRmZmU0N2E2OGZkOCIsIi54c3JmIjoiQVVlMnA5TmVZT2w0a3NibmdEYTZFMS1WM01NN21hYTlDYW9jZ0JpMWVXWU1DSVRHTU9VU3JBWGVlQ1pWY3FQbmlFeXZmWV9ZV2xLLXhxLUNNSGtROVp4dXJTMGttMUg0eUpJR1lIVkplYmczUkpoUjNsODlxZ3lCbXNxTVBwYmE0ZyIsIk9wZW5JZENvbm5lY3QuQ29kZS5SZWRpcmVjdFVyaSI6IkFYYUU3R3RONlQ5NTlldWVtVGl3eDhaRFJid2xBLWRCd2ZzMTJRQm02MHVwLVRLMUV2bW8zc0lCTjZBN3I2MklGWkkxSmx6NU1YTHM4a0JZWlRTNXpTaF9jUGZQSTJsaFo4dGtRQXhDVFk5Y2pNRG5FcmhWWEVVUlZtdHdlTXdldkEifX0&x-client-SKU=ID_NET6_0&x-client-ver=6.34.0.0 Page URL
  3. https://login.microsoftonline.us/common/oauth2/authorize?client_id=153a74ba-783f-4394-bc9a-a109ef69f5c2&redirect_uri=https%3A%2F%2Fforms.osi.office365.us%2Flanding&resource=153a74ba-783f-4394-bc9a-a109ef69f5c2&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=638422402580302144.YjI3ZjI4YmEtMzViMC00MTU5LWI2MDYtNWVhNjA1YzY4MjQ3NmU0M2YwZDgtNGU0OC00MGE0LWI0ZDMtN2IyYmJhYWUwY2Jh&msafed=0&state=eyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzdQT2JuWHZLdm11Zm1MMW02V2hhWU5aWTdHNkZpbDVOZlo4ZHRmTllobnY4b251a0tNSk1GS01mSTV1WGNkSnNveGkzMW9Ud3hGV2x2cnFkLVJJaUkiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9zaS5vZmZpY2UzNjUudXMvUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9cVJRcEFsLTVlMHU2emxVYzRhQkFjZnVXVE9PR2p6NU9sMmNHcDZ6bldHOVVPVmROUzFrMlJqZzFXRmxOTUV3NFRVaFBTVEV4U1RKYVRDNHUmc2lkPWNkYzFjYjI2LWMxMTUtNDI3MS1iZDk0LWRmZmU0N2E2OGZkOCIsIi54c3JmIjoiQVVlMnA5TmVZT2w0a3NibmdEYTZFMS1WM01NN21hYTlDYW9jZ0JpMWVXWU1DSVRHTU9VU3JBWGVlQ1pWY3FQbmlFeXZmWV9ZV2xLLXhxLUNNSGtROVp4dXJTMGttMUg0eUpJR1lIVkplYmczUkpoUjNsODlxZ3lCbXNxTVBwYmE0ZyIsIk9wZW5JZENvbm5lY3QuQ29kZS5SZWRpcmVjdFVyaSI6IkFYYUU3R3RONlQ5NTlldWVtVGl3eDhaRFJid2xBLWRCd2ZzMTJRQm02MHVwLVRLMUV2bW8zc0lCTjZBN3I2MklGWkkxSmx6NU1YTHM4a0JZWlRTNXpTaF9jUGZQSTJsaFo4dGtRQXhDVFk5Y2pNRG5FcmhWWEVVUlZtdHdlTXdldkEifX0&x-client-SKU=ID_NET6_0&x-client-ver=6.34.0.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://forms.osi.office365.us/oidcLogin?IdentityProvider=aad&ru=https%3A%2F%2Fforms.osi.office365.us%2FPages%2FResponsePage.aspx%3Fid%3DqRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u%26sid%3Dcdc1cb26-c115-4271-bd94-dffe47a68fd8 HTTP 302
  • https://login.microsoftonline.us/common/oauth2/authorize?client_id=153a74ba-783f-4394-bc9a-a109ef69f5c2&redirect_uri=https%3A%2F%2Fforms.osi.office365.us%2Flanding&resource=153a74ba-783f-4394-bc9a-a109ef69f5c2&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=638422402580302144.YjI3ZjI4YmEtMzViMC00MTU5LWI2MDYtNWVhNjA1YzY4MjQ3NmU0M2YwZDgtNGU0OC00MGE0LWI0ZDMtN2IyYmJhYWUwY2Jh&msafed=0&state=eyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzdQT2JuWHZLdm11Zm1MMW02V2hhWU5aWTdHNkZpbDVOZlo4ZHRmTllobnY4b251a0tNSk1GS01mSTV1WGNkSnNveGkzMW9Ud3hGV2x2cnFkLVJJaUkiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9zaS5vZmZpY2UzNjUudXMvUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9cVJRcEFsLTVlMHU2emxVYzRhQkFjZnVXVE9PR2p6NU9sMmNHcDZ6bldHOVVPVmROUzFrMlJqZzFXRmxOTUV3NFRVaFBTVEV4U1RKYVRDNHUmc2lkPWNkYzFjYjI2LWMxMTUtNDI3MS1iZDk0LWRmZmU0N2E2OGZkOCIsIi54c3JmIjoiQVVlMnA5TmVZT2w0a3NibmdEYTZFMS1WM01NN21hYTlDYW9jZ0JpMWVXWU1DSVRHTU9VU3JBWGVlQ1pWY3FQbmlFeXZmWV9ZV2xLLXhxLUNNSGtROVp4dXJTMGttMUg0eUpJR1lIVkplYmczUkpoUjNsODlxZ3lCbXNxTVBwYmE0ZyIsIk9wZW5JZENvbm5lY3QuQ29kZS5SZWRpcmVjdFVyaSI6IkFYYUU3R3RONlQ5NTlldWVtVGl3eDhaRFJid2xBLWRCd2ZzMTJRQm02MHVwLVRLMUV2bW8zc0lCTjZBN3I2MklGWkkxSmx6NU1YTHM4a0JZWlRTNXpTaF9jUGZQSTJsaFo4dGtRQXhDVFk5Y2pNRG5FcmhWWEVVUlZtdHdlTXdldkEifX0&x-client-SKU=ID_NET6_0&x-client-ver=6.34.0.0

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ResponsePage.aspx
forms.osi.office365.us/Pages/ 		49 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::1b Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3dcbb0e3526ba831946b11e682082bfd3e1e0ee1404189a07a58fcb4c7252c5e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 30 Jan 2024 19:37:35 GMT
expires
0
link
<https://forms.osi.office365.us/cdn>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-correlationid
9a9a4cbd-3362-4a5c-97c9-074c6768e4fb
x-officecluster
usge-000.forms.office365.us
x-officefe
FormsSingleBox_IN_0
x-officeversion
16.0.17315.42053
x-robots-tag
noindex, nofollow
x-routingcorrelationid
9a9a4cbd-3362-4a5c-97c9-074c6768e4fb
x-routingofficecluster
usge-000.forms.office365.us
x-routingofficefe
FormsSingleBox_IN_0
x-routingofficeversion
16.0.17315.42053
x-routingsessionid
cdc1cb26-c115-4271-bd94-dffe47a68fd8
x-usersessionid
cdc1cb26-c115-4271-bd94-dffe47a68fd8
ls-response.en-us.e13bf9770.js
forms.osi.office365.us/cdn/scripts/dists/ 		34 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.osi.office365.us/cdn/scripts/dists/ls-response.en-us.e13bf9770.js
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::1b Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e92223d0593b70f28434879f6ec5555d7d527f3e3819c5c053c2e05b8e2169c4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
Origin
https://forms.osi.office365.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-md5
KQObB1UP1uYDZNIzfANEVg==
content-length
34486
x-routingofficefe
FormsSingleBox_IN_0
x-ms-lease-status
unlocked
x-routingofficeversion
16.0.17315.42053
last-modified
Tue, 23 Jan 2024 21:18:23 GMT
etag
0x8DC1C58D5368B5E
content-type
application/javascript
access-control-allow-origin
*
x-routingcorrelationid
221682db-86cd-4424-8b7e-2ed56ff71eb1
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-request-id
9b2c90c2-601e-0027-0eb3-53a5db000000
x-ms-version
2009-09-19
x-routingsessionid
0cc2ffed-fedd-46b5-a519-1716ff610d25
x-routingofficecluster
usge-000.forms.office365.us
dll-dompurify.min.b12dd51.js
forms.osi.office365.us/cdn/scripts/dists/ 		37 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.osi.office365.us/cdn/scripts/dists/dll-dompurify.min.b12dd51.js
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::1b Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aa1d1b639fd3dca8c6d202d97c9908b015d09b6f7336b8e048d23f77a144511c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
Origin
https://forms.osi.office365.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-md5
nhK4L3XjropAxFkrHiZ/hA==
content-length
37912
x-routingofficefe
FormsSingleBox_IN_0
x-ms-lease-status
unlocked
x-routingofficeversion
16.0.17315.42053
last-modified
Tue, 23 Jan 2024 21:18:16 GMT
etag
0x8DC1C58D0F51322
content-type
application/javascript
access-control-allow-origin
*
x-routingcorrelationid
94cab3a1-c612-4a7b-949b-53dcdd54a298
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-request-id
535e0ddd-c01e-0065-16b3-538ecf000000
x-ms-version
2009-09-19
x-routingsessionid
9c44703e-5d2a-46ae-853f-efa8504f29cd
x-routingofficecluster
usge-000.forms.office365.us
light-response-page.min.1c5db81.js
forms.osi.office365.us/cdn/scripts/dists/ 		458 KB
459 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.min.1c5db81.js
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::1b Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b1635b8b31939a1951dc8dfc04e1725955636ce0fec583beaba5b7b9b14f46db
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
Origin
https://forms.osi.office365.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-md5
L5j/QjgwzSsmVM4tJcIRXQ==
content-length
469408
x-routingofficefe
FormsSingleBox_IN_0
x-ms-lease-status
unlocked
x-routingofficeversion
16.0.17315.42053
last-modified
Tue, 23 Jan 2024 21:18:19 GMT
etag
0x8DC1C58D2D3C6C6
content-type
application/javascript
access-control-allow-origin
*
x-routingcorrelationid
4ce6fe2d-462b-41f1-9078-b5e6504ab1f3
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-request-id
c3e72598-501e-0024-21b3-53a6dc000000
x-ms-version
2009-09-19
x-routingsessionid
458ac2f2-0c9f-44c8-a9de-9bb8e7ac14f9
x-routingofficecluster
usge-000.forms.office365.us
runtimeFormsWithResponses('qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u')
forms.osi.office365.us/formapi/api/022914a9-b95f-4b7b-bace-551ce1a04071/users/e34c96fb-8f86-4e3e-9767-06a7ace7586f/light/ 		97 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.osi.office365.us/formapi/api/022914a9-b95f-4b7b-bace-551ce1a04071/users/e34c96fb-8f86-4e3e-9767-06a7ace7586f/light/runtimeFormsWithResponses('qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::1b Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
804afd34b6a457c1e712bb336ef8c02babeaf7931973e0e733fa6399ac25eadb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
X-UserSessionId
cdc1cb26-c115-4271-bd94-dffe47a68fd8
accept-language
en-US,en;q=0.9
__RequestVerificationToken
1KwVYh1G6exUQn9lVLwDY5_9w2eZX5oBIn-oLLZDZUVLCCYJqIupE-tTcv62RQ6XhNJyAsWUdpKgOqTl65iYpZR8goVgih6w3YGJ6Ap8hc01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 30 Jan 2024 19:37:36 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000; includeSubDomains
x-officeversion
16.0.17315.42053
x-officefe
FormsSingleBox_IN_1
x-routingofficefe
FormsSingleBox_IN_0
x-routingofficeversion
16.0.17315.42053
x-correlationid
c2f39869-e369-40b4-b591-7a70cd311601
x-officecluster
usge-000.forms.office365.us
x-usersessionid
cdc1cb26-c115-4271-bd94-dffe47a68fd8
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
c2f39869-e369-40b4-b591-7a70cd311601
x-routingsessionid
cdc1cb26-c115-4271-bd94-dffe47a68fd8
x-robots-tag
noindex, nofollow
x-routingofficecluster
usge-000.forms.office365.us
light-response-page.chunk.lrp_ext.604cff0.js
forms.osi.office365.us/cdn/scripts/dists/ 		0
407 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.chunk.lrp_ext.604cff0.js
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.min.1c5db81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::1b Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-md5
+UuvPAebt5a28yvxo9njXA==
content-length
416617
x-routingofficefe
FormsSingleBox_IN_0
x-ms-lease-status
unlocked
x-routingofficeversion
16.0.17315.42053
last-modified
Tue, 23 Jan 2024 21:18:19 GMT
etag
0x8DC1C58D2BA7613
content-type
application/javascript
access-control-allow-origin
*
x-routingcorrelationid
16d39022-7076-4b58-9b54-7b30392c0653
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-request-id
c3e726ea-501e-0024-4ab3-53a6dc000000
x-ms-version
2009-09-19
x-routingsessionid
8dc8efc2-f8b6-4564-bf74-9f527280afb0
x-routingofficecluster
usge-000.forms.office365.us
light-response-page.chunk.lrp_saveresponse.1b7ebad.js
forms.osi.office365.us/cdn/scripts/dists/ 		0
30 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.chunk.lrp_saveresponse.1b7ebad.js
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.min.1c5db81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::1b Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-md5
n74vW4I1ZHH0eHQbZKdiZw==
content-length
30747
x-routingofficefe
FormsSingleBox_IN_0
x-ms-lease-status
unlocked
x-routingofficeversion
16.0.17315.42053
last-modified
Tue, 23 Jan 2024 21:18:19 GMT
etag
0x8DC1C58D2BEE241
content-type
application/javascript
access-control-allow-origin
*
x-routingcorrelationid
e93cdca7-c262-4ffd-b5e3-1e5f629ea55a
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-request-id
2844a455-c01e-00a9-1cb3-53ea7a000000
x-ms-version
2009-09-19
x-routingsessionid
3d1eba10-f753-4b31-9439-90cba0f4138d
x-routingofficecluster
usge-000.forms.office365.us
light-response-page.chunk.lrp_cover.c25aacb.js
forms.osi.office365.us/cdn/scripts/dists/ 		0
68 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.chunk.lrp_cover.c25aacb.js
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.min.1c5db81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::1b Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-md5
XzB47k95idpL0P04aoRgCw==
content-length
69885
x-routingofficefe
FormsSingleBox_IN_0
x-ms-lease-status
unlocked
x-routingofficeversion
16.0.17315.42053
last-modified
Tue, 23 Jan 2024 21:18:19 GMT
etag
0x8DC1C58D2AEDEFF
content-type
application/javascript
access-control-allow-origin
*
x-routingcorrelationid
4e31e8b2-327a-4e65-8bdf-7acc9a77591d
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-request-id
535e0e95-c01e-0065-3fb3-538ecf000000
x-ms-version
2009-09-19
x-routingsessionid
abeca483-b7d5-4146-b427-bc86e8ffe40a
x-routingofficecluster
usge-000.forms.office365.us
light-response-page.chunk.lrp_post.boot.70e5530.js
forms.osi.office365.us/cdn/scripts/dists/ 		0
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.chunk.lrp_post.boot.70e5530.js
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.min.1c5db81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::1b Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-md5
ejbvYkPsgR+jo2E8aWhcCg==
content-length
14307
x-routingofficefe
FormsSingleBox_IN_0
x-ms-lease-status
unlocked
x-routingofficeversion
16.0.17315.42053
last-modified
Tue, 23 Jan 2024 21:18:19 GMT
etag
0x8DC1C58D2BD0DBD
content-type
application/javascript
access-control-allow-origin
*
x-routingcorrelationid
7eed16c3-be6c-494b-b221-d59fb519a4e3
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-request-id
9b2c91d3-601e-0027-04b3-53a5db000000
x-ms-version
2009-09-19
x-routingsessionid
61e20369-2702-4f67-b04c-3bb1108a4e5e
x-routingofficecluster
usge-000.forms.office365.us
light-response-page.chunk.lrp_ext.604cff0.js
forms.osi.office365.us/cdn/scripts/dists/ 		407 KB
408 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.chunk.lrp_ext.604cff0.js
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.min.1c5db81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::1b Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
508c845692134302fb3540f9e90e59a0352ac584c3f1a204c8c4d45f0434e6ae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-md5
+UuvPAebt5a28yvxo9njXA==
content-length
416617
x-routingofficefe
FormsSingleBox_IN_0
x-ms-lease-status
unlocked
x-routingofficeversion
16.0.17315.42053
last-modified
Tue, 23 Jan 2024 21:18:19 GMT
etag
0x8DC1C58D2BA7613
content-type
application/javascript
access-control-allow-origin
*
x-routingcorrelationid
6fe95ffd-2bc9-4c63-bbb7-8818e70b8815
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-request-id
c3e726f9-501e-0024-59b3-53a6dc000000
x-ms-version
2009-09-19
x-routingsessionid
d7771845-6015-4171-b4fb-aa20e8764091
x-routingofficecluster
usge-000.forms.office365.us
light-response-page.chunk.officebrowserfeedback.39bdf71.js
forms.osi.office365.us/cdn/scripts/dists/ 		0
934 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.chunk.officebrowserfeedback.39bdf71.js
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.min.1c5db81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::1b Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-md5
LLmqutq3zARC0VScC5CYAA==
content-length
955425
x-routingofficefe
FormsSingleBox_IN_0
x-ms-lease-status
unlocked
x-routingofficeversion
16.0.17315.42053
last-modified
Tue, 23 Jan 2024 21:18:19 GMT
etag
0x8DC1C58D2C79395
content-type
application/javascript
access-control-allow-origin
*
x-routingcorrelationid
f264d44e-6f64-441e-84bd-84fbaa600d11
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-request-id
c3e72758-501e-0024-2fb3-53a6dc000000
x-ms-version
2009-09-19
x-routingsessionid
54932a95-8ea8-460d-8ad8-67d02d2f49aa
x-routingofficecluster
usge-000.forms.office365.us
light-response-page.chunk.try_dv.d33b8a6.js
forms.osi.office365.us/cdn/scripts/dists/ 		0
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.chunk.try_dv.d33b8a6.js
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.min.1c5db81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::1b Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-md5
ZfrTMKzsNA1zI/o5hFNC3A==
content-length
10051
x-routingofficefe
FormsSingleBox_IN_0
x-ms-lease-status
unlocked
x-routingofficeversion
16.0.17315.42053
last-modified
Tue, 23 Jan 2024 21:18:19 GMT
etag
0x8DC1C58D2C65B38
content-type
application/javascript
access-control-allow-origin
*
x-routingcorrelationid
c941ea29-01f7-4f15-bddf-6e25a1a07a6c
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-request-id
2844a4bd-c01e-00a9-78b3-53ea7a000000
x-ms-version
2009-09-19
x-routingsessionid
acc45180-a654-4983-9334-2ad4069f3800
x-routingofficecluster
usge-000.forms.office365.us
light-response-page.chunk.1ds.229113a.js
forms.osi.office365.us/cdn/scripts/dists/ 		104 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.chunk.1ds.229113a.js
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.min.1c5db81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::1b Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a0188efa86628eb3dfad5772ebfb37ee7bb503c18526dce3b5fa63ea73a33a89
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-md5
5+5tU+VAOnhCEK/vOcRk4w==
content-length
106577
x-routingofficefe
FormsSingleBox_IN_0
x-ms-lease-status
unlocked
x-routingofficeversion
16.0.17315.42053
last-modified
Tue, 23 Jan 2024 21:18:19 GMT
etag
0x8DC1C58D2AC6E61
content-type
application/javascript
access-control-allow-origin
*
x-routingcorrelationid
686de3bb-fe6c-452b-a5cf-b990ded4bf94
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-request-id
2844a4ce-c01e-00a9-08b3-53ea7a000000
x-ms-version
2009-09-19
x-routingsessionid
cef44317-20b2-4128-9e95-77433d2445aa
x-routingofficecluster
usge-000.forms.office365.us
light-response-page.chunk.utel.86ef361.js
forms.osi.office365.us/cdn/scripts/dists/ 		28 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.chunk.utel.86ef361.js
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.min.1c5db81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::1b Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
81a9550cb8697373510a1c9e6d21f28fce0139f43e2d19b7f15ce37c9e73104d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-md5
2v+S/MAYQt+4lEimLkiWhg==
content-length
28415
x-routingofficefe
FormsSingleBox_IN_0
x-ms-lease-status
unlocked
x-routingofficeversion
16.0.17315.42053
last-modified
Tue, 23 Jan 2024 21:18:19 GMT
etag
0x8DC1C58D2C6823F
content-type
application/javascript
access-control-allow-origin
*
x-routingcorrelationid
ef0aa11c-f371-409a-af11-51b18e07c667
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-request-id
535e0edc-c01e-0065-03b3-538ecf000000
x-ms-version
2009-09-19
x-routingsessionid
49f97fbf-b8a7-4c76-921e-b3ef8bed8e4e
x-routingofficecluster
usge-000.forms.office365.us
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.chunk.1ds.229113a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.89.179.11 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2a4e1c78d9255f077de450fa0cba14d53a2492e4d1c76a7ca11476e382a32c19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1706643456761
accept-language
en-US,en;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.osi.office365.us/
apikey
577e32a3275e48c5a639a92c9a8af033-4028cb75-b5f4-4ad0-835e-0e26d79ff209-6823
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jan 2024 19:37:36 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
734
access-control-allow-methods
POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
application/json
access-control-allow-origin
https://forms.osi.office365.us
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
content-length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.89.179.11 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.osi.office365.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.osi.office365.us
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Tue, 30 Jan 2024 19:37:36 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
telemetry-worker.1.js
forms.osi.office365.us/cdn/scripts/dists/ 		94 KB
94 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.osi.office365.us/cdn/scripts/dists/telemetry-worker.1.js
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:489a:2206:20::1b Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:37 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-md5
AuTwtTN3P1A4yfUqcTydmA==
content-length
96086
x-routingofficefe
FormsSingleBox_IN_0
x-ms-lease-status
unlocked
x-routingofficeversion
16.0.17315.42053
last-modified
Tue, 23 Jan 2024 21:18:36 GMT
etag
0x8DC1C58DCA09388
content-type
application/javascript
access-control-allow-origin
*
x-routingcorrelationid
c4f7e578-6cd4-4597-a8fa-0c94a5ed2361
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-request-id
535e1138-c01e-0065-44b3-538ecf000000
x-ms-version
2009-09-19
x-routingsessionid
7ef9cdc6-c41b-45d5-9f6a-280ca9c9fd5f
x-routingofficecluster
usge-000.forms.office365.us
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&apikey=4e990506778b4d9cbf05300e98315eed-682648e1-a406-45c4-9d5b-709b9899d662-7161
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.chunk.utel.86ef361.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.89.179.11 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://forms.osi.office365.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
authorize
login.microsoftonline.us/common/oauth2/
Redirect Chain
  • https://forms.osi.office365.us/oidcLogin?IdentityProvider=aad&ru=https%3A%2F%2Fforms.osi.office365.us%2FPages%2FResponsePage.aspx%3Fid%3DqRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlN...
  • https://login.microsoftonline.us/common/oauth2/authorize?client_id=153a74ba-783f-4394-bc9a-a109ef69f5c2&redirect_uri=https%3A%2F%2Fforms.osi.office365.us%2Flanding&resource=153a74ba-783f-4394-bc9a-...
21 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.us/common/oauth2/authorize?client_id=153a74ba-783f-4394-bc9a-a109ef69f5c2&redirect_uri=https%3A%2F%2Fforms.osi.office365.us%2Flanding&resource=153a74ba-783f-4394-bc9a-a109ef69f5c2&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=638422402580302144.YjI3ZjI4YmEtMzViMC00MTU5LWI2MDYtNWVhNjA1YzY4MjQ3NmU0M2YwZDgtNGU0OC00MGE0LWI0ZDMtN2IyYmJhYWUwY2Jh&msafed=0&state=eyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzdQT2JuWHZLdm11Zm1MMW02V2hhWU5aWTdHNkZpbDVOZlo4ZHRmTllobnY4b251a0tNSk1GS01mSTV1WGNkSnNveGkzMW9Ud3hGV2x2cnFkLVJJaUkiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9zaS5vZmZpY2UzNjUudXMvUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9cVJRcEFsLTVlMHU2emxVYzRhQkFjZnVXVE9PR2p6NU9sMmNHcDZ6bldHOVVPVmROUzFrMlJqZzFXRmxOTUV3NFRVaFBTVEV4U1RKYVRDNHUmc2lkPWNkYzFjYjI2LWMxMTUtNDI3MS1iZDk0LWRmZmU0N2E2OGZkOCIsIi54c3JmIjoiQVVlMnA5TmVZT2w0a3NibmdEYTZFMS1WM01NN21hYTlDYW9jZ0JpMWVXWU1DSVRHTU9VU3JBWGVlQ1pWY3FQbmlFeXZmWV9ZV2xLLXhxLUNNSGtROVp4dXJTMGttMUg0eUpJR1lIVkplYmczUkpoUjNsODlxZ3lCbXNxTVBwYmE0ZyIsIk9wZW5JZENvbm5lY3QuQ29kZS5SZWRpcmVjdFVyaSI6IkFYYUU3R3RONlQ5NTlldWVtVGl3eDhaRFJid2xBLWRCd2ZzMTJRQm02MHVwLVRLMUV2bW8zc0lCTjZBN3I2MklGWkkxSmx6NU1YTHM4a0JZWlRTNXpTaF9jUGZQSTJsaFo4dGtRQXhDVFk5Y2pNRG5FcmhWWEVVUlZtdHdlTXdldkEifX0&x-client-SKU=ID_NET6_0&x-client-ver=6.34.0.0
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.chunk.lrp_ext.604cff0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3500::9 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e5f4e108076e2b510eec52bb9dd01e45a870a1bd14d3420b78fb419ae01bfce7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.osi.office365.us/Pages/ResponsePage.aspx?id=qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
9074
Content-Type
text/html; charset=utf-8
Date
Tue, 30 Jan 2024 19:37:38 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.17184.4 - USGVA ProdSlices
x-ms-request-id
c38ec05c-d46d-4c4f-bfa8-030317b70900

Redirect headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 30 Jan 2024 19:37:37 GMT
location
https://login.microsoftonline.us/common/oauth2/authorize?client_id=153a74ba-783f-4394-bc9a-a109ef69f5c2&redirect_uri=https%3A%2F%2Fforms.osi.office365.us%2Flanding&resource=153a74ba-783f-4394-bc9a-a109ef69f5c2&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=638422402580302144.YjI3ZjI4YmEtMzViMC00MTU5LWI2MDYtNWVhNjA1YzY4MjQ3NmU0M2YwZDgtNGU0OC00MGE0LWI0ZDMtN2IyYmJhYWUwY2Jh&msafed=0&state=eyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzdQT2JuWHZLdm11Zm1MMW02V2hhWU5aWTdHNkZpbDVOZlo4ZHRmTllobnY4b251a0tNSk1GS01mSTV1WGNkSnNveGkzMW9Ud3hGV2x2cnFkLVJJaUkiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9zaS5vZmZpY2UzNjUudXMvUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9cVJRcEFsLTVlMHU2emxVYzRhQkFjZnVXVE9PR2p6NU9sMmNHcDZ6bldHOVVPVmROUzFrMlJqZzFXRmxOTUV3NFRVaFBTVEV4U1RKYVRDNHUmc2lkPWNkYzFjYjI2LWMxMTUtNDI3MS1iZDk0LWRmZmU0N2E2OGZkOCIsIi54c3JmIjoiQVVlMnA5TmVZT2w0a3NibmdEYTZFMS1WM01NN21hYTlDYW9jZ0JpMWVXWU1DSVRHTU9VU3JBWGVlQ1pWY3FQbmlFeXZmWV9ZV2xLLXhxLUNNSGtROVp4dXJTMGttMUg0eUpJR1lIVkplYmczUkpoUjNsODlxZ3lCbXNxTVBwYmE0ZyIsIk9wZW5JZENvbm5lY3QuQ29kZS5SZWRpcmVjdFVyaSI6IkFYYUU3R3RONlQ5NTlldWVtVGl3eDhaRFJid2xBLWRCd2ZzMTJRQm02MHVwLVRLMUV2bW8zc0lCTjZBN3I2MklGWkkxSmx6NU1YTHM4a0JZWlRTNXpTaF9jUGZQSTJsaFo4dGtRQXhDVFk5Y2pNRG5FcmhWWEVVUlZtdHdlTXdldkEifX0&x-client-SKU=ID_NET6_0&x-client-ver=6.34.0.0
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-correlationid
e981cf02-1ab5-4c10-b1c6-65859c42e85b
x-officecluster
usge-000.forms.office365.us
x-officefe
FormsSingleBox_IN_0
x-officeversion
16.0.17315.42053
x-routingcorrelationid
e981cf02-1ab5-4c10-b1c6-65859c42e85b
x-routingofficecluster
usge-000.forms.office365.us
x-routingofficefe
FormsSingleBox_IN_0
x-routingofficeversion
16.0.17315.42053
x-routingsessionid
d78eb220-4df8-427f-9da2-b57d820e242b
x-usersessionid
d78eb220-4df8-427f-9da2-b57d820e242b
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
59 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=577e32a3275e48c5a639a92c9a8af033-4028cb75-b5f4-4ad0-835e-0e26d79ff209-6823&upload-time=1706643457813&time-delta-to-apply-millis=734&w=0&NoResponseBody=true
Requested by
Host: forms.osi.office365.us
URL: https://forms.osi.office365.us/cdn/scripts/dists/light-response-page.chunk.1ds.229113a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.89.179.11 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://forms.osi.office365.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jan 2024 19:37:37 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
44
access-control-allow-methods
POST
access-control-allow-origin
https://forms.osi.office365.us
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
0
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0
BssoInterrupt_Core_aoxn9LgNNeyAz3OYDcN7uA2.js
aadcdn.msauth.net/shared/1.0/content/js/ 		136 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_aoxn9LgNNeyAz3OYDcN7uA2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=153a74ba-783f-4394-bc9a-a109ef69f5c2&redirect_uri=https%3A%2F%2Fforms.osi.office365.us%2Flanding&resource=153a74ba-783f-4394-bc9a-a109ef69f5c2&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=638422402580302144.YjI3ZjI4YmEtMzViMC00MTU5LWI2MDYtNWVhNjA1YzY4MjQ3NmU0M2YwZDgtNGU0OC00MGE0LWI0ZDMtN2IyYmJhYWUwY2Jh&msafed=0&state=eyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzdQT2JuWHZLdm11Zm1MMW02V2hhWU5aWTdHNkZpbDVOZlo4ZHRmTllobnY4b251a0tNSk1GS01mSTV1WGNkSnNveGkzMW9Ud3hGV2x2cnFkLVJJaUkiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9zaS5vZmZpY2UzNjUudXMvUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9cVJRcEFsLTVlMHU2emxVYzRhQkFjZnVXVE9PR2p6NU9sMmNHcDZ6bldHOVVPVmROUzFrMlJqZzFXRmxOTUV3NFRVaFBTVEV4U1RKYVRDNHUmc2lkPWNkYzFjYjI2LWMxMTUtNDI3MS1iZDk0LWRmZmU0N2E2OGZkOCIsIi54c3JmIjoiQVVlMnA5TmVZT2w0a3NibmdEYTZFMS1WM01NN21hYTlDYW9jZ0JpMWVXWU1DSVRHTU9VU3JBWGVlQ1pWY3FQbmlFeXZmWV9ZV2xLLXhxLUNNSGtROVp4dXJTMGttMUg0eUpJR1lIVkplYmczUkpoUjNsODlxZ3lCbXNxTVBwYmE0ZyIsIk9wZW5JZENvbm5lY3QuQ29kZS5SZWRpcmVjdFVyaSI6IkFYYUU3R3RONlQ5NTlldWVtVGl3eDhaRFJid2xBLWRCd2ZzMTJRQm02MHVwLVRLMUV2bW8zc0lCTjZBN3I2MklGWkkxSmx6NU1YTHM4a0JZWlRTNXpTaF9jUGZQSTJsaFo4dGtRQXhDVFk5Y2pNRG5FcmhWWEVVUlZtdHdlTXdldkEifX0&x-client-SKU=ID_NET6_0&x-client-ver=6.34.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:38 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
49102
x-ms-lease-status
unlocked
last-modified
Fri, 22 Dec 2023 23:52:28 GMT
etag
0x8DC03490E5BD232
x-azure-ref
20240130T193738Z-26a49pzkp96ch94658ypk0zh1400000002r0000000008e58
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
38a2ecd5-701e-0064-2979-52d959000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Primary Request authorize
login.microsoftonline.us/common/oauth2/ 		48 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.us/common/oauth2/authorize?client_id=153a74ba-783f-4394-bc9a-a109ef69f5c2&redirect_uri=https%3A%2F%2Fforms.osi.office365.us%2Flanding&resource=153a74ba-783f-4394-bc9a-a109ef69f5c2&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=638422402580302144.YjI3ZjI4YmEtMzViMC00MTU5LWI2MDYtNWVhNjA1YzY4MjQ3NmU0M2YwZDgtNGU0OC00MGE0LWI0ZDMtN2IyYmJhYWUwY2Jh&msafed=0&state=eyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzdQT2JuWHZLdm11Zm1MMW02V2hhWU5aWTdHNkZpbDVOZlo4ZHRmTllobnY4b251a0tNSk1GS01mSTV1WGNkSnNveGkzMW9Ud3hGV2x2cnFkLVJJaUkiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9zaS5vZmZpY2UzNjUudXMvUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9cVJRcEFsLTVlMHU2emxVYzRhQkFjZnVXVE9PR2p6NU9sMmNHcDZ6bldHOVVPVmROUzFrMlJqZzFXRmxOTUV3NFRVaFBTVEV4U1RKYVRDNHUmc2lkPWNkYzFjYjI2LWMxMTUtNDI3MS1iZDk0LWRmZmU0N2E2OGZkOCIsIi54c3JmIjoiQVVlMnA5TmVZT2w0a3NibmdEYTZFMS1WM01NN21hYTlDYW9jZ0JpMWVXWU1DSVRHTU9VU3JBWGVlQ1pWY3FQbmlFeXZmWV9ZV2xLLXhxLUNNSGtROVp4dXJTMGttMUg0eUpJR1lIVkplYmczUkpoUjNsODlxZ3lCbXNxTVBwYmE0ZyIsIk9wZW5JZENvbm5lY3QuQ29kZS5SZWRpcmVjdFVyaSI6IkFYYUU3R3RONlQ5NTlldWVtVGl3eDhaRFJid2xBLWRCd2ZzMTJRQm02MHVwLVRLMUV2bW8zc0lCTjZBN3I2MklGWkkxSmx6NU1YTHM4a0JZWlRTNXpTaF9jUGZQSTJsaFo4dGtRQXhDVFk5Y2pNRG5FcmhWWEVVUlZtdHdlTXdldkEifX0&x-client-SKU=ID_NET6_0&x-client-ver=6.34.0.0&sso_reload=true
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_aoxn9LgNNeyAz3OYDcN7uA2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3500::9 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
81b8f4334b2973f52e0b85bf290a73abb1c36223a558e3dcf3a2892368a5e766
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.us/common/oauth2/authorize?client_id=153a74ba-783f-4394-bc9a-a109ef69f5c2&redirect_uri=https%3A%2F%2Fforms.osi.office365.us%2Flanding&resource=153a74ba-783f-4394-bc9a-a109ef69f5c2&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=638422402580302144.YjI3ZjI4YmEtMzViMC00MTU5LWI2MDYtNWVhNjA1YzY4MjQ3NmU0M2YwZDgtNGU0OC00MGE0LWI0ZDMtN2IyYmJhYWUwY2Jh&msafed=0&state=eyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzdQT2JuWHZLdm11Zm1MMW02V2hhWU5aWTdHNkZpbDVOZlo4ZHRmTllobnY4b251a0tNSk1GS01mSTV1WGNkSnNveGkzMW9Ud3hGV2x2cnFkLVJJaUkiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9zaS5vZmZpY2UzNjUudXMvUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9cVJRcEFsLTVlMHU2emxVYzRhQkFjZnVXVE9PR2p6NU9sMmNHcDZ6bldHOVVPVmROUzFrMlJqZzFXRmxOTUV3NFRVaFBTVEV4U1RKYVRDNHUmc2lkPWNkYzFjYjI2LWMxMTUtNDI3MS1iZDk0LWRmZmU0N2E2OGZkOCIsIi54c3JmIjoiQVVlMnA5TmVZT2w0a3NibmdEYTZFMS1WM01NN21hYTlDYW9jZ0JpMWVXWU1DSVRHTU9VU3JBWGVlQ1pWY3FQbmlFeXZmWV9ZV2xLLXhxLUNNSGtROVp4dXJTMGttMUg0eUpJR1lIVkplYmczUkpoUjNsODlxZ3lCbXNxTVBwYmE0ZyIsIk9wZW5JZENvbm5lY3QuQ29kZS5SZWRpcmVjdFVyaSI6IkFYYUU3R3RONlQ5NTlldWVtVGl3eDhaRFJid2xBLWRCd2ZzMTJRQm02MHVwLVRLMUV2bW8zc0lCTjZBN3I2MklGWkkxSmx6NU1YTHM4a0JZWlRTNXpTaF9jUGZQSTJsaFo4dGtRQXhDVFk5Y2pNRG5FcmhWWEVVUlZtdHdlTXdldkEifX0&x-client-SKU=ID_NET6_0&x-client-ver=6.34.0.0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
17061
Content-Type
text/html; charset=utf-8
Date
Tue, 30 Jan 2024 19:37:39 GMT
Expires
-1
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.17122.3 - USGTX ProdSlices
x-ms-request-id
40f28e37-e2cb-4b41-8ac0-e3a3dcfdff00
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		110 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=153a74ba-783f-4394-bc9a-a109ef69f5c2&redirect_uri=https%3A%2F%2Fforms.osi.office365.us%2Flanding&resource=153a74ba-783f-4394-bc9a-a109ef69f5c2&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=638422402580302144.YjI3ZjI4YmEtMzViMC00MTU5LWI2MDYtNWVhNjA1YzY4MjQ3NmU0M2YwZDgtNGU0OC00MGE0LWI0ZDMtN2IyYmJhYWUwY2Jh&msafed=0&state=eyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzdQT2JuWHZLdm11Zm1MMW02V2hhWU5aWTdHNkZpbDVOZlo4ZHRmTllobnY4b251a0tNSk1GS01mSTV1WGNkSnNveGkzMW9Ud3hGV2x2cnFkLVJJaUkiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9zaS5vZmZpY2UzNjUudXMvUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9cVJRcEFsLTVlMHU2emxVYzRhQkFjZnVXVE9PR2p6NU9sMmNHcDZ6bldHOVVPVmROUzFrMlJqZzFXRmxOTUV3NFRVaFBTVEV4U1RKYVRDNHUmc2lkPWNkYzFjYjI2LWMxMTUtNDI3MS1iZDk0LWRmZmU0N2E2OGZkOCIsIi54c3JmIjoiQVVlMnA5TmVZT2w0a3NibmdEYTZFMS1WM01NN21hYTlDYW9jZ0JpMWVXWU1DSVRHTU9VU3JBWGVlQ1pWY3FQbmlFeXZmWV9ZV2xLLXhxLUNNSGtROVp4dXJTMGttMUg0eUpJR1lIVkplYmczUkpoUjNsODlxZ3lCbXNxTVBwYmE0ZyIsIk9wZW5JZENvbm5lY3QuQ29kZS5SZWRpcmVjdFVyaSI6IkFYYUU3R3RONlQ5NTlldWVtVGl3eDhaRFJid2xBLWRCd2ZzMTJRQm02MHVwLVRLMUV2bW8zc0lCTjZBN3I2MklGWkkxSmx6NU1YTHM4a0JZWlRTNXpTaF9jUGZQSTJsaFo4dGtRQXhDVFk5Y2pNRG5FcmhWWEVVUlZtdHdlTXdldkEifX0&x-client-SKU=ID_NET6_0&x-client-ver=6.34.0.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/47DF) /
Resource Hash
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:39 GMT
content-encoding
gzip
content-md5
kqhA3D0Xczna4D/t8ioitQ==
age
2829800
x-cache
HIT
content-length
20314
x-ms-lease-status
unlocked
last-modified
Wed, 27 Dec 2023 18:19:21 GMT
server
ECAcc (nyb/47DF)
etag
0x8DC070858CA028D
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
e3451abe-c01e-0013-4ff7-399702000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_G8Z5rroNOgOG4sM8nNFBUw2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		421 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_G8Z5rroNOgOG4sM8nNFBUw2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=153a74ba-783f-4394-bc9a-a109ef69f5c2&redirect_uri=https%3A%2F%2Fforms.osi.office365.us%2Flanding&resource=153a74ba-783f-4394-bc9a-a109ef69f5c2&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=638422402580302144.YjI3ZjI4YmEtMzViMC00MTU5LWI2MDYtNWVhNjA1YzY4MjQ3NmU0M2YwZDgtNGU0OC00MGE0LWI0ZDMtN2IyYmJhYWUwY2Jh&msafed=0&state=eyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzdQT2JuWHZLdm11Zm1MMW02V2hhWU5aWTdHNkZpbDVOZlo4ZHRmTllobnY4b251a0tNSk1GS01mSTV1WGNkSnNveGkzMW9Ud3hGV2x2cnFkLVJJaUkiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9zaS5vZmZpY2UzNjUudXMvUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9cVJRcEFsLTVlMHU2emxVYzRhQkFjZnVXVE9PR2p6NU9sMmNHcDZ6bldHOVVPVmROUzFrMlJqZzFXRmxOTUV3NFRVaFBTVEV4U1RKYVRDNHUmc2lkPWNkYzFjYjI2LWMxMTUtNDI3MS1iZDk0LWRmZmU0N2E2OGZkOCIsIi54c3JmIjoiQVVlMnA5TmVZT2w0a3NibmdEYTZFMS1WM01NN21hYTlDYW9jZ0JpMWVXWU1DSVRHTU9VU3JBWGVlQ1pWY3FQbmlFeXZmWV9ZV2xLLXhxLUNNSGtROVp4dXJTMGttMUg0eUpJR1lIVkplYmczUkpoUjNsODlxZ3lCbXNxTVBwYmE0ZyIsIk9wZW5JZENvbm5lY3QuQ29kZS5SZWRpcmVjdFVyaSI6IkFYYUU3R3RONlQ5NTlldWVtVGl3eDhaRFJid2xBLWRCd2ZzMTJRQm02MHVwLVRLMUV2bW8zc0lCTjZBN3I2MklGWkkxSmx6NU1YTHM4a0JZWlRTNXpTaF9jUGZQSTJsaFo4dGtRQXhDVFk5Y2pNRG5FcmhWWEVVUlZtdHdlTXdldkEifX0&x-client-SKU=ID_NET6_0&x-client-ver=6.34.0.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/470B) /
Resource Hash
f46a9d9c96d9343a0774ff88e584a2f41c67144cca542a0c006a7d7ded45b8da

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:39 GMT
content-encoding
gzip
content-md5
mxbQIOvnkJd51fNVvziCNA==
age
757818
x-cache
HIT
content-length
118619
x-ms-lease-status
unlocked
last-modified
Fri, 22 Dec 2023 23:52:14 GMT
server
ECAcc (nyb/470B)
etag
0x8DC034905E60116
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
89d5be76-f01e-00b0-17cf-4c2c62000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-en.min_pwhoosk_q-bz40xlez3ihq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_pwhoosk_q-bz40xlez3ihq2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=153a74ba-783f-4394-bc9a-a109ef69f5c2&redirect_uri=https%3A%2F%2Fforms.osi.office365.us%2Flanding&resource=153a74ba-783f-4394-bc9a-a109ef69f5c2&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=638422402580302144.YjI3ZjI4YmEtMzViMC00MTU5LWI2MDYtNWVhNjA1YzY4MjQ3NmU0M2YwZDgtNGU0OC00MGE0LWI0ZDMtN2IyYmJhYWUwY2Jh&msafed=0&state=eyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBYzdQT2JuWHZLdm11Zm1MMW02V2hhWU5aWTdHNkZpbDVOZlo4ZHRmTllobnY4b251a0tNSk1GS01mSTV1WGNkSnNveGkzMW9Ud3hGV2x2cnFkLVJJaUkiLCIucmVkaXJlY3QiOiJodHRwczovL2Zvcm1zLm9zaS5vZmZpY2UzNjUudXMvUGFnZXMvUmVzcG9uc2VQYWdlLmFzcHg_aWQ9cVJRcEFsLTVlMHU2emxVYzRhQkFjZnVXVE9PR2p6NU9sMmNHcDZ6bldHOVVPVmROUzFrMlJqZzFXRmxOTUV3NFRVaFBTVEV4U1RKYVRDNHUmc2lkPWNkYzFjYjI2LWMxMTUtNDI3MS1iZDk0LWRmZmU0N2E2OGZkOCIsIi54c3JmIjoiQVVlMnA5TmVZT2w0a3NibmdEYTZFMS1WM01NN21hYTlDYW9jZ0JpMWVXWU1DSVRHTU9VU3JBWGVlQ1pWY3FQbmlFeXZmWV9ZV2xLLXhxLUNNSGtROVp4dXJTMGttMUg0eUpJR1lIVkplYmczUkpoUjNsODlxZ3lCbXNxTVBwYmE0ZyIsIk9wZW5JZENvbm5lY3QuQ29kZS5SZWRpcmVjdFVyaSI6IkFYYUU3R3RONlQ5NTlldWVtVGl3eDhaRFJid2xBLWRCd2ZzMTJRQm02MHVwLVRLMUV2bW8zc0lCTjZBN3I2MklGWkkxSmx6NU1YTHM4a0JZWlRTNXpTaF9jUGZQSTJsaFo4dGtRQXhDVFk5Y2pNRG5FcmhWWEVVUlZtdHdlTXdldkEifX0&x-client-SKU=ID_NET6_0&x-client-ver=6.34.0.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/478B) /
Resource Hash
03779f821cf3d1898257b5b8a372790d1535c8a37248fd099a2e2995b15f966d

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:39 GMT
content-encoding
gzip
content-md5
BvJw428lx+F6l+8WmIOfEA==
age
4524843
x-cache
HIT
content-length
15186
x-ms-lease-status
unlocked
last-modified
Thu, 07 Dec 2023 23:24:56 GMT
server
ECAcc (nyb/478B)
etag
0x8DBF77BB998D52E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4ec5f8e4-c01e-0013-1d8c-2a9702000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pcustomizationloader_3c4dade0e77065ef0ebe.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		153 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_3c4dade0e77065ef0ebe.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_G8Z5rroNOgOG4sM8nNFBUw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/1D74) /
Resource Hash
f4d950c649876fb897ae9732dc13e17fd19303c2bbe7fb628141c096c9f02949

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:40 GMT
content-encoding
gzip
content-md5
QYb0e9HyvT1Uj5ho0quyFg==
age
3322164
x-cache
HIT
content-length
34606
x-ms-lease-status
unlocked
last-modified
Fri, 22 Dec 2023 07:51:19 GMT
server
ECAcc (nyb/1D74)
etag
0x8DC02C2C8CB70CE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
292b4ae5-d01e-00b2-717c-357a66000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ 		2 KB
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/4688) /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:40 GMT
content-encoding
gzip
content-md5
DhdidjYrlCeaRJJRG/y9mA==
age
19625497
x-cache
HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:43 GMT
server
ECAcc (nyb/4688)
etag
0x8DB5C3F466DE917
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
3e861c87-101e-008b-2135-a1f28f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/475B) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:40 GMT
content-encoding
gzip
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
age
19625497
x-cache
HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
server
ECAcc (nyb/475B)
etag
0x8DB5C3F495F4B8C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
66d170fa-801e-002f-7b35-a19f37000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pstringcustomizationhelper_e1c340cfb6c159379a9a.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 		111 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_e1c340cfb6c159379a9a.js
Requested by
Host: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_G8Z5rroNOgOG4sM8nNFBUw2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/46BA) /
Resource Hash
c87dafb24d33a259dc38fd50c3ac11d90f4dc1d770e32bedecabdb33ca25be61

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:40 GMT
content-encoding
gzip
content-md5
Caw4nqvXpRPsKa0sGbFYvA==
age
3322163
x-cache
HIT
content-length
35907
x-ms-lease-status
unlocked
last-modified
Fri, 22 Dec 2023 07:51:19 GMT
server
ECAcc (nyb/46BA)
etag
0x8DC02C2C8DAEFC2
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1c71d2c2-501e-0012-3c7c-35bc00000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		2 KB
797 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:1b88:6342:f8de:86c:e98b , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/474B) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Jan 2024 19:37:41 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
19625498
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:52 GMT
server
ECAcc (nyb/474B)
etag
0x8DB5C3F4BB4F03C
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
123ea262-901e-0088-2d35-a101ef000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=577e32a3275e48c5a639a92c9a8af033-4028cb75-b5f4-4ad0-835e-0e26d79ff209-6823&upload-time=1706643458660&time-delta-to-apply-millis=734&w=0&NoResponseBody=true

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_3c4dade0e77065ef0ebe boolean| __convergedlogin_pstringcustomizationhelper_e1c340cfb6c159379a9a

16 Cookies

Domain/Path Name / Value
forms.osi.office365.us/ Name: FormsWebSessionId
Value: c7d61ee8-3b6a-4139-89e2-00848685a9a9
forms.osi.office365.us/ Name: __RequestVerificationToken
Value: XQKRTIiWyA0u_rOej6CgueEZVZLNCIlVzi90ObMZjDBsgvDtxoa4zyORj-g4bt2MdQLvIpTKxtsK_jogETajNArvwXZgI1THHTAkt5wS3rE1
.microsoft.com/ Name: MC1
Value: GUID=6c3374b19dae4009afa98f70b108df88&HASH=6c33&LV=202401&V=4&LU=1706643457495
.microsoft.com/ Name: MS0
Value: 7d4fa4001f4a4ea1b087de81db0bd643
forms.osi.office365.us/ Name: .AspNetCore.OpenIdConnect.Nonce.Af6WXLWGytM0Iu1xdSkTrrcTYsksqfCRr8iU-zad4drD2NcwErx2G9etDP-M3tCivtmSOO4-Ya9WDR8i1ww6Hjnzy8Uf-X00m091EX6ZhlBQvWVlOzRVr7TK8cxRYeHBlihHVSjv_x44igGeAbtiv-OebEHWWxm-xU5wZpOe66bfnaRLIwM6CcvR2CCDUVoU1hX7RxGqLsKssUj-tjIRhryPJmkqJIB6eJxpGSH1jK6W
Value: N
forms.osi.office365.us/ Name: .AspNetCore.Correlation.z8KIolKaW_YZXVGGUum9SaUw1ELnY_tWLgIQF5rV1d8
Value: N
.login.microsoftonline.us/ Name: esctx-PIew7qdd1J0
Value: AQABAAEAAgBBAibdPA4KTJ6veDTjCiyHUWkQMHfTB4wKL5C6nq4tXZmhhsAk9OBuA9ErH_3fjXaWkNqZv5GpO0kgsYLTlwdb_q4iysL2LKIMdC2EvNm9Lc7vctPXWluRxZY1Q0fVIcHAZOZutF3Dmil1L5QAsdjEK1P3I_ywLSAqhIZG4g7vxSAA
login.microsoftonline.us/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.us/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.us/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.us/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.us/ Name: buid
Value: 0.CwUAMe_N-B6jSkuT5F9XHpElWrp0OhU_eJRDvJqhCe9p9cIBAAA.AQABAAEAAgBBAibdPA4KTJ6veDTjCiyH5C13upIhMlvgvKQq6SAZbB6hlDQcxAn2CcDYMDMqRXwkA_fpj_o9msqgwLA1QBf-Ehbc5-GxLzvHM5cXawW393Hr2WidVB85mUDgZqlWmnAgAA
.login.microsoftonline.us/ Name: esctx
Value: PAQABAAEAAgBBAibdPA4KTJ6veDTjCiyH8ahoMPqT4aP8O7LV330r67yrmSUrL5wwsg3HQddW9G16v2D7hwfI5LforvpjExI8isjjj7y0EhGjHIJvKMrId1RyLwTWPj_Igq6TO3oUwDlX_tWndZEMElPPVPqposTbPDfpa5Ztp136vX3_a6YNlXqXBg_su7bv2dfZ1Svg2qIgAA
.login.microsoftonline.us/ Name: esctx-HzvcN30Ok40
Value: AQABAAEAAgBBAibdPA4KTJ6veDTjCiyHeeEFviXrfhWlZU91MBiqD67V-CmNR2YqbYdfkGER47rFlDV25Gq4Fa2fnf1dP8aeFv-Mh9VsZUN5oDITG9JzalpW2dyZv1LhURGbhsg_0aJ9_DZADSHWrPZ-IadiJa6rUMSq-PdSMIpcVu4xKruqtiAA
login.microsoftonline.us/ Name: fpc
Value: AgNyRcfGCfpKkq8mmZyRLQ8Iq8gLAQAAAANHS90OAAAA
.login.microsoftonline.us/ Name: brcap
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://forms.osi.office365.us/formapi/api/022914a9-b95f-4b7b-bace-551ce1a04071/users/e34c96fb-8f86-4e3e-9767-06a7ace7586f/light/runtimeFormsWithResponses('qRQpAl-5e0u6zlUc4aBAcfuWTOOGjz5Ol2cGp6znWG9UOVdNS1k2Rjg1WFlNMEw4TUhPSTExSTJaTC4u')?$expand=questions($expand=choices)&$top=1
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msftauth.net
browser.events.data.microsoft.com
forms.osi.office365.us
login.microsoftonline.us
browser.events.data.microsoft.com
13.89.179.11
2001:489a:2206:20::1b
2001:489a:3500::9
2606:2800:21f:1b88:6342:f8de:86c:e98b
2620:1ec:bdf::40
03779f821cf3d1898257b5b8a372790d1535c8a37248fd099a2e2995b15f966d
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
2a4e1c78d9255f077de450fa0cba14d53a2492e4d1c76a7ca11476e382a32c19
3dcbb0e3526ba831946b11e682082bfd3e1e0ee1404189a07a58fcb4c7252c5e
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
508c845692134302fb3540f9e90e59a0352ac584c3f1a204c8c4d45f0434e6ae
804afd34b6a457c1e712bb336ef8c02babeaf7931973e0e733fa6399ac25eadb
81a9550cb8697373510a1c9e6d21f28fce0139f43e2d19b7f15ce37c9e73104d
81b8f4334b2973f52e0b85bf290a73abb1c36223a558e3dcf3a2892368a5e766
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
a0188efa86628eb3dfad5772ebfb37ee7bb503c18526dce3b5fa63ea73a33a89
aa1d1b639fd3dca8c6d202d97c9908b015d09b6f7336b8e048d23f77a144511c
b1635b8b31939a1951dc8dfc04e1725955636ce0fec583beaba5b7b9b14f46db
c87dafb24d33a259dc38fd50c3ac11d90f4dc1d770e32bedecabdb33ca25be61
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f4e108076e2b510eec52bb9dd01e45a870a1bd14d3420b78fb419ae01bfce7
e92223d0593b70f28434879f6ec5555d7d527f3e3819c5c053c2e05b8e2169c4
f46a9d9c96d9343a0774ff88e584a2f41c67144cca542a0c006a7d7ded45b8da
f4d950c649876fb897ae9732dc13e17fd19303c2bbe7fb628141c096c9f02949