urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://forms.office.com/Pages/DesignPage.aspx?origin=EmailReceipt
Effective URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx%3forigin%3dEmailReceipt
Submission: On March 16 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 26 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 5777.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on September 2nd 2021. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 7 2620:1ec:a92:... 8068 (MICROSOFT...)
4 92.123.225.26 20940 (AKAMAI-ASN1)
1 2620:1ec:48::45 8068 (MICROSOFT...)
1 104.90.149.108 16625 (AKAMAI-AS)
1 1 20.190.159.138 8075 (MICROSOFT...)
2 20.190.160.134 8075 (MICROSOFT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 40.126.31.6 8075 (MICROSOFT...)
5 52.109.76.69 8075 (MICROSOFT...)
6 104.92.83.244 16625 (AKAMAI-AS)
3 52.168.117.170 8075 (MICROSOFT...)
26 9
7    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
4    92.123.225.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-26.deploy.static.akamaitechnologies.com
cdn.forms.office.net
1    2620:1ec:48::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
1    104.90.149.108 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-149-108.deploy.static.akamaitechnologies.com
static2.sharepointonline.com
1    20.190.159.138 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.windows.net
2    20.190.160.134 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    40.126.31.6 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
5    52.109.76.69 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
odc.officeapps.live.com
6    104.92.83.244 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-83-244.deploy.static.akamaitechnologies.com
cdn.odc.officeapps.live.com
3    52.168.117.170 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
Apex Domain
Subdomains		 Transfer
12 live.com
login.live.com — Cisco Umbrella Rank: 76
odc.officeapps.live.com — Cisco Umbrella Rank: 230
cdn.odc.officeapps.live.com — Cisco Umbrella Rank: 1613
98 KB
9 office.com
forms.office.com — Cisco Umbrella Rank: 5777
c.office.com — Cisco Umbrella Rank: 22901
14 KB
4 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 7907
166 KB
3 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 261
browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 100
2 KB
2 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 28
57 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 193
661 B
1 windows.net
login.windows.net — Cisco Umbrella Rank: 242
1 KB
1 sharepointonline.com
static2.sharepointonline.com — Cisco Umbrella Rank: 1604
36 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 3273
55 KB
26 9
Domain Requested by
7 forms.office.com 4 redirects cdn.forms.office.net
6 cdn.odc.officeapps.live.com odc.officeapps.live.com
5 odc.officeapps.live.com cdn.forms.office.net
odc.officeapps.live.com
4 cdn.forms.office.net forms.office.com
2 browser.events.data.microsoft.com js.monitor.azure.com
2 c.office.com 1 redirects forms.office.com
2 login.microsoftonline.com cdn.forms.office.net
login.microsoftonline.com
1 browser.pipe.aria.microsoft.com cdn.forms.office.net
1 login.live.com 1 redirects
1 c.bing.com 1 redirects
1 login.windows.net 1 redirects
1 static2.sharepointonline.com cdn.forms.office.net
1 js.monitor.azure.com forms.office.com
26 13

This site contains no links.

Subject Issuer Validity Valid
forms.office.com
DigiCert Cloud Services CA-1		 2021-09-02 -
2022-09-01		 a year crt.sh
cdn.forms.office.net
Microsoft RSA TLS CA 01		 2021-10-12 -
2022-10-12		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 06		 2021-12-27 -
2022-12-22		 a year crt.sh
*.sharepointonline.com
Microsoft RSA TLS CA 01		 2021-07-08 -
2022-07-08		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2022-02-23 -
2023-02-23		 a year crt.sh
odc.officeapps.live.com
Microsoft RSA TLS CA 01		 2021-11-17 -
2022-11-17		 a year crt.sh
cdn.odc.officeapps.live.com
Microsoft RSA TLS CA 01		 2021-12-15 -
2022-12-15		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2022-03-02 -
2023-02-25		 a year crt.sh

This page contains 4 frames:

Primary Page: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx%3forigin%3dEmailReceipt
Frame ID: DE59BCDCB3E5B61A95BD98382C982B0A
Requests: 11 HTTP requests in this frame

Frame: https://forms.office.com/pages/silentsignincomplete.aspx
Frame ID: 89DB56901D2D412F616BCEFC340D7715
Requests: 3 HTTP requests in this frame

Frame: https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
Frame ID: E15197F9538FC30DD294D6103C99F492
Requests: 1 HTTP requests in this frame

Frame: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Frame ID: C49D8B6C3C82D1453B067E004C48B3DF
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Microsoft Forms - Erstellen Sie ganz einfach Umfragen, Quizze und Abstimmungen.

Page URL History Show full URLs

  1. https://forms.office.com/Pages/DesignPage.aspx?origin=EmailReceipt HTTP 302
    https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx%3forig... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

96 %
HTTPS

25 %
IPv6

9
Domains

13
Subdomains

9
IPs

4
Countries

423 kB
Transfer

1500 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://forms.office.com/Pages/DesignPage.aspx?origin=EmailReceipt HTTP 302
    https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx%3forigin%3dEmailReceipt Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://forms.office.com/oidcLogin?IdentityProvider=aad&ru=%2FPages%2FSilentSignInComplete.aspx&prompt=none HTTP 302
  • https://login.windows.net/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBWExfVHdVb3BvbmNFNGx4QzdUN284MGVpLWhaMTI2S3Y4R1hidUh3WW5OSlY4MGlpa2pkV0t6Z3VYTXZzSVV4NVVkYzBlQnRJd0ZOTUtMZmZZaHNjWVkiLCJwcm9tcHQiOiJBWHZXS3lQY3NXR2NSNjNIZzN4OWhBWGVseFhScjN5WHJmV3ozLW1xWVd1X2NGUGFoQy1pRU83R0YtTjZOQVhtd0J2Vm5ZS01kcVprbml3aDFKRjVBZGciLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=637830590756910815.YmU2YzA2OTItYzQ0NS00NWY0LTgyOTAtODM4MTM5Mzc2MDA2MDFlOTZjMWYtNjI5Ni00OTFlLThjMzQtNzM5MTkzOTcxYzcz&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0 HTTP 302
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBWExfVHdVb3BvbmNFNGx4QzdUN284MGVpLWhaMTI2S3Y4R1hidUh3WW5OSlY4MGlpa2pkV0t6Z3VYTXZzSVV4NVVkYzBlQnRJd0ZOTUtMZmZZaHNjWVkiLCJwcm9tcHQiOiJBWHZXS3lQY3NXR2NSNjNIZzN4OWhBWGVseFhScjN5WHJmV3ozLW1xWVd1X2NGUGFoQy1pRU83R0YtTjZOQVhtd0J2Vm5ZS01kcVprbml3aDFKRjVBZGciLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=637830590756910815.YmU2YzA2OTItYzQ0NS00NWY0LTgyOTAtODM4MTM5Mzc2MDA2MDFlOTZjMWYtNjI5Ni00OTFlLThjMzQtNzM5MTkzOTcxYzcz&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0
Request Chain 7
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=FBF796DD00C14FC0A11729BA7548AF62&RedC=c.office.com&MXFR=037E3C264E59647C34A52D4F4A596F79 HTTP 302
  • https://c.office.com/c.gif?CtsSyncId=FBF796DD00C14FC0A11729BA7548AF62&MUID=037E3C264E59647C34A52D4F4A596F79
Request Chain 9
  • https://forms.office.com/landing HTTP 302
  • https://forms.office.com/pages/silentsignincomplete.aspx
Request Chain 10
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1647462275&rver=7.3.6963.0&wp=MBI_SSL&wreply=https%3A%2F%2Fforms.office.com%2FrpsLanding%3FRpsAuthState%3Dr6YYh_d2f5lsWAv-QSFI90rRpOrnnyWQgLsi1yf-AU54x7BQH1wu99U9P1cwtSHzf60QNJno0Q7Z_KcWSEiaufHXIB6t8aWR1OnTBxZ6rTQ2MVXd4gdzHa6GmNLlqCH48YjVmd3yw-ouDiAuFk-506a6XYgCNn7SyFmdi6G9ZuqrpEK_O-Ei3oaBEvZ5iu4pJ4VMTttzBNGfKkIE1sXaDD7sW1a-Kkuh85L7yK31MNFZv6Onqjqoj8mVFUa82hO_9DO1QvQSIiZDSQ_4K1LMFFBYLgCZdolmCUTgW65NF-nAg5tDxyaE1Ebx5MYiFVVXnySoZT6sLKlClSUhP564JsCZ4ohzqAqaNiw3vTnKGEc&id=295313&checkda=1 HTTP 302
  • https://forms.office.com/rpsLanding?RpsAuthState=r6YYh_d2f5lsWAv-QSFI90rRpOrnnyWQgLsi1yf-AU54x7BQH1wu99U9P1cwtSHzf60QNJno0Q7Z_KcWSEiaufHXIB6t8aWR1OnTBxZ6rTQ2MVXd4gdzHa6GmNLlqCH48YjVmd3yw-ouDiAuFk-506a6XYgCNn7SyFmdi6G9ZuqrpEK_O-Ei3oaBEvZ5iu4pJ4VMTttzBNGfKkIE1sXaDD7sW1a-Kkuh85L7yK31MNFZv6Onqjqoj8mVFUa82hO_9DO1QvQSIiZDSQ_4K1LMFFBYLgCZdolmCUTgW65NF-nAg5tDxyaE1Ebx5MYiFVVXnySoZT6sLKlClSUhP564JsCZ4ohzqAqaNiw3vTnKGEc HTTP 302
  • https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
forms.office.com/
Redirect Chain
  • https://forms.office.com/Pages/DesignPage.aspx?origin=EmailReceipt
  • https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx%3forigin%3dEmailReceipt
28 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx%3forigin%3dEmailReceipt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e1249dbd629757ffb6480d6ecc0da828b7e7a02ad8ce88bfccb8ba5d6c4220d9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
content-length
9562
content-type
text/html; charset=utf-8
content-encoding
br
expires
0
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficecluster
neu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_5
x-routingofficeversion
16.0.15115.34200
x-routingsessionid
10a8b4b8-edfb-40b8-b3dc-43be0b87b330
x-routingcorrelationid
07be277b-6ed8-472f-971e-b6a69bcd6497
x-correlationid
07be277b-6ed8-472f-971e-b6a69bcd6497
x-usersessionid
10a8b4b8-edfb-40b8-b3dc-43be0b87b330
x-officefe
FormsSingleBox_IN_5
x-officeversion
16.0.15115.34200
x-officecluster
neu-101.forms.office.com
x-failurereason
Unknown
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 2D6FBAA6106242DABF4DB0AEADE46F81 Ref B: AMS04EDGE1210 Ref C: 2022-03-16T20:24:35Z
date
Wed, 16 Mar 2022 20:24:34 GMT

Redirect headers

cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
content-length
211
content-type
text/html; charset=utf-8
expires
0
location
/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx%3forigin%3dEmailReceipt
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficecluster
neu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_23
x-routingofficeversion
16.0.15115.34200
x-routingsessionid
7269a714-ff2f-4918-9ce6-d8a6cf70fad1
x-routingcorrelationid
3e08aae3-3f16-4747-9cbb-84582dd9a485
x-correlationid
3e08aae3-3f16-4747-9cbb-84582dd9a485
x-usersessionid
7269a714-ff2f-4918-9ce6-d8a6cf70fad1
x-officefe
FormsSingleBox_IN_23
x-officeversion
16.0.15115.34200
x-officecluster
neu-101.forms.office.com
x-failurereason
Unknown
x-robots-tag
noindex, nofollow
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: D074FE654DC142C2B4BF6B63985DA9C6 Ref B: AMS04EDGE1210 Ref C: 2022-03-16T20:24:35Z
date
Wed, 16 Mar 2022 20:24:34 GMT
default-page.min.fdba485.css
cdn.forms.office.net/forms/css/dist/ 		365 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/default-page.min.fdba485.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx%3forigin%3dEmailReceipt
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-26.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
31b9b3aec91e58582c3a1aa07bb5f1b8dc1df8a5ca3e137e05719a23009799d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Mar 2022 20:24:35 GMT
content-encoding
br
content-md5
+ZAPGwsb+A3NJfdm/8f75Q==
content-length
30461
x-ms-lease-status
unlocked
last-modified
Tue, 07 Sep 2021 03:35:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D971B094C08C24
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
da2448d2-f01e-00e5-38a4-a34623000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 16 Mar 2023 20:24:35 GMT
basics_osi_v3_m1_j3.min.6aa1f3d.js
cdn.forms.office.net/forms/scripts/vendors/combinedmin/ 		235 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v3_m1_j3.min.6aa1f3d.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx%3forigin%3dEmailReceipt
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-26.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
67dd96644fcce9cc703ebf1ede6a7a96b42fe909d024f0eee3e826ae0a59f66d

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Mar 2022 20:24:35 GMT
content-encoding
br
content-md5
BdEW2V1tMY+QN8kblaXAYw==
content-length
70611
x-ms-lease-status
unlocked
last-modified
Fri, 21 May 2021 03:24:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D91C07ECA103D5
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8fc2e255-601e-0005-14f4-4da0ab000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 16 Mar 2023 20:24:35 GMT
aria_odata_v2.min.2405dcd.js
cdn.forms.office.net/forms/scripts/vendors/combinedmin/ 		124 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/aria_odata_v2.min.2405dcd.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx%3forigin%3dEmailReceipt
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-26.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7e77a640164b61234f5f4645fabad4257d6e37c0f2c047bdcf437be3f3b66e73

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Mar 2022 20:24:35 GMT
content-encoding
br
content-md5
JYNnKmse/D+LIOw0YI8/zg==
content-length
32399
x-ms-lease-status
unlocked
last-modified
Fri, 23 Apr 2021 06:25:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D906209D041807
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ee07cf8d-101e-00cd-032d-38319c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 16 Mar 2023 20:24:35 GMT
default-page.min.22914b2.js
cdn.forms.office.net/forms/scripts/dists/ 		121 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/default-page.min.22914b2.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx%3forigin%3dEmailReceipt
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-26.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
41cfa19294864afaaa09ef79e4f558e09b8985497427eb0854cb2e6b3f3603e0

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Mar 2022 20:24:35 GMT
content-encoding
br
content-md5
kVvxWVXuuff16oS0JfdOXA==
content-length
34853
x-ms-lease-status
unlocked
last-modified
Mon, 14 Mar 2022 23:47:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA06150717C11F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2210aa14-301e-0041-253c-3881ea000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 16 Mar 2023 20:24:35 GMT
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		177 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx%3forigin%3dEmailReceipt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2798f151600e63249fe8ecb9e50ee6075ade8bfb5da57d2394bdfe091274ddc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 20:24:35 GMT
content-encoding
br
x-ms-meta-jssdkver
3.1.11
last-modified
Fri, 04 Mar 2022 00:40:58 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.1.11.min.js
content-md5
o1adWcKopF4PFhenqd1UQw==
etag
0x8D9FD77A6AD1BE6
x-azure-ref
0g0cyYgAAAACQ1SWteRrUToUj4ZMMYltJTE9OMjFFREdFMTUxOABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
ecf00d20-b01e-006f-426f-39e286000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/css/dist/default-page.min.fdba485.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.149.108 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-149-108.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer
https://cdn.forms.office.net/
Origin
https://forms.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 16 Mar 2022 20:24:35 GMT
last-modified
Thu, 02 Nov 2017 17:22:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
hl8dtlRfyUovRETdYOe7xg==
etag
0x8D522163B704E10
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
3d94f3a3-e01e-0009-365d-27c3fe000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=29308288
x-ms-version
2009-09-19
content-length
36344
authorize
login.microsoftonline.com/common/oauth2/ Frame 89DB
Redirect Chain
  • https://forms.office.com/oidcLogin?IdentityProvider=aad&ru=%2FPages%2FSilentSignInComplete.aspx&prompt=none
  • https://login.windows.net/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&s...
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20p...
150 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBWExfVHdVb3BvbmNFNGx4QzdUN284MGVpLWhaMTI2S3Y4R1hidUh3WW5OSlY4MGlpa2pkV0t6Z3VYTXZzSVV4NVVkYzBlQnRJd0ZOTUtMZmZZaHNjWVkiLCJwcm9tcHQiOiJBWHZXS3lQY3NXR2NSNjNIZzN4OWhBWGVseFhScjN5WHJmV3ozLW1xWVd1X2NGUGFoQy1pRU83R0YtTjZOQVhtd0J2Vm5ZS01kcVprbml3aDFKRjVBZGciLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=637830590756910815.YmU2YzA2OTItYzQ0NS00NWY0LTgyOTAtODM4MTM5Mzc2MDA2MDFlOTZjMWYtNjI5Ni00OTFlLThjMzQtNzM5MTkzOTcxYzcz&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v3_m1_j3.min.6aa1f3d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.134 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
393b5cce2876df6449527e176a6c7bd35f99517c558fe572698d5fdcb67a80bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/

Response headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
da1dca0b-23f4-419a-9acb-b068d33f1b00
x-ms-ests-server
2.1.12529.19 - NEULR1 ProdSlices
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem
1,50168,0,,
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Referrer-Policy
strict-origin-when-cross-origin
Date
Wed, 16 Mar 2022 20:24:35 GMT
Content-Length
54699

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Location
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBWExfVHdVb3BvbmNFNGx4QzdUN284MGVpLWhaMTI2S3Y4R1hidUh3WW5OSlY4MGlpa2pkV0t6Z3VYTXZzSVV4NVVkYzBlQnRJd0ZOTUtMZmZZaHNjWVkiLCJwcm9tcHQiOiJBWHZXS3lQY3NXR2NSNjNIZzN4OWhBWGVseFhScjN5WHJmV3ozLW1xWVd1X2NGUGFoQy1pRU83R0YtTjZOQVhtd0J2Vm5ZS01kcVprbml3aDFKRjVBZGciLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=637830590756910815.YmU2YzA2OTItYzQ0NS00NWY0LTgyOTAtODM4MTM5Mzc2MDA2MDFlOTZjMWYtNjI5Ni00OTFlLThjMzQtNzM5MTkzOTcxYzcz&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
x-ms-request-id
cea9925f-99ee-40ae-8022-d77b089c4300
x-ms-ests-server
2.1.12559.10 - NEULR1 ProdSlices
Referrer-Policy
strict-origin-when-cross-origin
Date
Wed, 16 Mar 2022 20:24:35 GMT
Content-Length
767
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=FBF796DD00C14FC0A11729BA7548AF62&RedC=c.office.com&MXFR=037E3C264E59647C34A52D4F4A596F79
  • https://c.office.com/c.gif?CtsSyncId=FBF796DD00C14FC0A11729BA7548AF62&MUID=037E3C264E59647C34A52D4F4A596F79
42 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?CtsSyncId=FBF796DD00C14FC0A11729BA7548AF62&MUID=037E3C264E59647C34A52D4F4A596F79
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx%3forigin%3dEmailReceipt
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 20:24:35 GMT
last-modified
Mon, 28 Feb 2022 22:29:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7c5ed6a6f22cd81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 16 Mar 2022 20:24:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FF795FA141A346978338BEC89F00D557 Ref B: FRAEDGE1210 Ref C: 2022-03-16T20:24:35Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?CtsSyncId=FBF796DD00C14FC0A11729BA7548AF62&MUID=037E3C264E59647C34A52D4F4A596F79
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
authorize
login.microsoftonline.com/common/oauth2/ Frame 89DB 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBWExfVHdVb3BvbmNFNGx4QzdUN284MGVpLWhaMTI2S3Y4R1hidUh3WW5OSlY4MGlpa2pkV0t6Z3VYTXZzSVV4NVVkYzBlQnRJd0ZOTUtMZmZZaHNjWVkiLCJwcm9tcHQiOiJBWHZXS3lQY3NXR2NSNjNIZzN4OWhBWGVseFhScjN5WHJmV3ozLW1xWVd1X2NGUGFoQy1pRU83R0YtTjZOQVhtd0J2Vm5ZS01kcVprbml3aDFKRjVBZGciLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=637830590756910815.YmU2YzA2OTItYzQ0NS00NWY0LTgyOTAtODM4MTM5Mzc2MDA2MDFlOTZjMWYtNjI5Ni00OTFlLThjMzQtNzM5MTkzOTcxYzcz&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBWExfVHdVb3BvbmNFNGx4QzdUN284MGVpLWhaMTI2S3Y4R1hidUh3WW5OSlY4MGlpa2pkV0t6Z3VYTXZzSVV4NVVkYzBlQnRJd0ZOTUtMZmZZaHNjWVkiLCJwcm9tcHQiOiJBWHZXS3lQY3NXR2NSNjNIZzN4OWhBWGVseFhScjN5WHJmV3ozLW1xWVd1X2NGUGFoQy1pRU83R0YtTjZOQVhtd0J2Vm5ZS01kcVprbml3aDFKRjVBZGciLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=637830590756910815.YmU2YzA2OTItYzQ0NS00NWY0LTgyOTAtODM4MTM5Mzc2MDA2MDFlOTZjMWYtNjI5Ni00OTFlLThjMzQtNzM5MTkzOTcxYzcz&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.134 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b06ceac57545eb261548282c91ee6e68b09f2001b35c93772758b9993a7ab312
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBWExfVHdVb3BvbmNFNGx4QzdUN284MGVpLWhaMTI2S3Y4R1hidUh3WW5OSlY4MGlpa2pkV0t6Z3VYTXZzSVV4NVVkYzBlQnRJd0ZOTUtMZmZZaHNjWVkiLCJwcm9tcHQiOiJBWHZXS3lQY3NXR2NSNjNIZzN4OWhBWGVseFhScjN5WHJmV3ozLW1xWVd1X2NGUGFoQy1pRU83R0YtTjZOQVhtd0J2Vm5ZS01kcVprbml3aDFKRjVBZGciLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=637830590756910815.YmU2YzA2OTItYzQ0NS00NWY0LTgyOTAtODM4MTM5Mzc2MDA2MDFlOTZjMWYtNjI5Ni00OTFlLThjMzQtNzM5MTkzOTcxYzcz&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.15.1.0

Response headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
fe1ba0f0-48f5-4961-a67f-c18579a41200
x-ms-ests-server
2.1.12559.10 - WEULR1 ProdSlices
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem
1,0,0,,
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Referrer-Policy
strict-origin-when-cross-origin
Date
Wed, 16 Mar 2022 20:24:35 GMT
Content-Length
961
silentsignincomplete.aspx
forms.office.com/pages/ Frame 89DB
Redirect Chain
  • https://forms.office.com/landing
  • https://forms.office.com/pages/silentsignincomplete.aspx
6 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/silentsignincomplete.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
Origin
https://login.microsoftonline.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/

Response headers

cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
content-length
2830
content-type
text/html; charset=utf-8
content-encoding
br
expires
0
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficecluster
neu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_13
x-routingofficeversion
16.0.15115.34200
x-routingsessionid
70d43450-b27f-46e0-8bfa-6fd1d2884bac
x-routingcorrelationid
d390333d-ab95-4309-8db7-ba2b838207f4
x-correlationid
d390333d-ab95-4309-8db7-ba2b838207f4
x-usersessionid
70d43450-b27f-46e0-8bfa-6fd1d2884bac
x-officefe
FormsSingleBox_IN_13
x-officeversion
16.0.15115.34200
x-officecluster
neu-100.forms.office.com
x-failurereason
Unknown
x-robots-tag
noindex, nofollow
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 99D536A43ED8454490EE1B1EE0FC25A7 Ref B: AMS04EDGE1210 Ref C: 2022-03-16T20:24:36Z
date
Wed, 16 Mar 2022 20:24:35 GMT

Redirect headers

location
pages/silentsignincomplete.aspx
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficecluster
weu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_19
x-routingofficeversion
16.0.15115.34200
x-routingsessionid
765a8758-ec13-4f0a-8579-311f56498048
x-routingcorrelationid
745621c9-0e7f-4e04-b331-f4b9b4593b00
x-correlationid
745621c9-0e7f-4e04-b331-f4b9b4593b00
x-usersessionid
765a8758-ec13-4f0a-8579-311f56498048
x-officefe
FormsSingleBox_IN_19
x-officeversion
16.0.15115.34200
x-officecluster
weu-100.forms.office.com
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 9DFBC48ABA654499861538651BBB6F7C Ref B: AMS04EDGE1210 Ref C: 2022-03-16T20:24:36Z
date
Wed, 16 Mar 2022 20:24:35 GMT
content-length
0
SilentSignInComplete.aspx
forms.office.com/Pages/ Frame E151
Redirect Chain
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1647462275&rver=7.3.6963.0&wp=MBI_SSL&wreply=https%3A%2F%2Fforms.office.com%2FrpsLanding%3FRpsAuthState%3Dr6YYh_d2f5lsWAv-QSFI90rRpOrnnyWQ...
  • https://forms.office.com/rpsLanding?RpsAuthState=r6YYh_d2f5lsWAv-QSFI90rRpOrnnyWQgLsi1yf-AU54x7BQH1wu99U9P1cwtSHzf60QNJno0Q7Z_KcWSEiaufHXIB6t8aWR1OnTBxZ6rTQ2MVXd4gdzHa6GmNLlqCH48YjVmd3yw-ouDiAuFk-5...
  • https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
6 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v3_m1_j3.min.6aa1f3d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/

Response headers

cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
content-length
2853
content-type
text/html; charset=utf-8
content-encoding
br
expires
0
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficecluster
weu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_19
x-routingofficeversion
16.0.15115.34200
x-routingsessionid
51410fa3-2bfd-4b8a-8854-b6b16742b0cf
x-routingcorrelationid
4094b824-dbfd-4404-9635-5942af353644
x-correlationid
4094b824-dbfd-4404-9635-5942af353644
x-usersessionid
51410fa3-2bfd-4b8a-8854-b6b16742b0cf
x-officefe
FormsSingleBox_IN_19
x-officeversion
16.0.15115.34200
x-officecluster
weu-101.forms.office.com
x-failurereason
Unknown
x-robots-tag
noindex, nofollow
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: A4B633A9146C42658F3A25D34F408552 Ref B: AMS04EDGE1210 Ref C: 2022-03-16T20:24:36Z
date
Wed, 16 Mar 2022 20:24:35 GMT

Redirect headers

content-type
text/html; charset=utf-8
location
/Pages/SilentSignInComplete.aspx?fromAR=1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficecluster
weu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_13
x-routingofficeversion
16.0.15115.34200
x-routingsessionid
d8e019cc-601a-4fe7-9fa7-033f0f73d2bf
x-routingcorrelationid
274aa9bf-1eff-4eb0-b981-0b82e24ff58a
x-correlationid
274aa9bf-1eff-4eb0-b981-0b82e24ff58a
x-usersessionid
d8e019cc-601a-4fe7-9fa7-033f0f73d2bf
x-officefe
FormsSingleBox_IN_13
x-officeversion
16.0.15115.34200
x-officecluster
weu-101.forms.office.com
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 5A1993AB0DB249B7A62F601B03003F8D Ref B: AMS04EDGE1210 Ref C: 2022-03-16T20:24:36Z
date
Wed, 16 Mar 2022 20:24:35 GMT
content-length
0
hrd
odc.officeapps.live.com/odc/v2.1/ Frame C49D 		8 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.22914b2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.76.69 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
13693bc926047d467978f55714ced9e85a10d5f49c051ff8450dd47d690300de
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/

Response headers

cache-control
public, max-age=1200
content-type
text/html; charset=utf-8
expires
Wed, 16 Mar 2022 20:44:36 GMT
last-modified
Wed, 16 Mar 2022 20:24:36 GMT
vary
*
server
Microsoft-IIS/10.0
x-correlationid
9b5044dd-63a0-4390-80ee-f2969309a8d3
x-usersessionid
9b5044dd-63a0-4390-80ee-f2969309a8d3
x-officefe
OdcFE_IN_32
x-officeversion
16.0.15106.30550
x-officecluster
neu-odc.officeapps.live.com
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
x-ua-compatible
IE=11
x-powered-by
ASP.NET
x-content-type-options
nosniff
date
Wed, 16 Mar 2022 20:24:36 GMT
content-length
8380
hrd.css
odc.officeapps.live.com/odc/stat/ Frame C49D 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.css?b=15106.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.76.69 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ff09ddce3a55505346a551874b4a1cac73120c05f1207f47d973c4e952b0987
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
neu-odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_32
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
5050
cache-control
private, max-age=2678400
last-modified
Sun, 06 Mar 2022 16:56:06 GMT
server
Microsoft-IIS/10.0
x-usersessionid
a783c88e-cc36-4d17-ae31-b9239cdc5c1f
etag
"097fd117b31d81:0"
vary
Accept-Encoding
content-type
text/css
x-correlationid
a783c88e-cc36-4d17-ae31-b9239cdc5c1f
accept-ranges
bytes
x-officeversion
16.0.15106.30550
microsoft_logo.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame C49D 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/microsoft_logo.svg?b=15106.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
frc-odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_15
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
1464
cache-control
private, max-age=1835846
last-modified
Mon, 28 Feb 2022 11:42:28 GMT
server
Microsoft-IIS/10.0
x-usersessionid
7c5e3bf7-8bda-42c0-a25e-94d85317d034
etag
"02a1c43982cd81:0"
vary
Accept-Encoding
content-type
image/svg+xml
x-correlationid
7c5e3bf7-8bda-42c0-a25e-94d85317d034
accept-ranges
bytes
x-officeversion
16.0.15028.30550
picker-account-aad.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame C49D 		756 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-aad.svg?b=15106.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 20:24:36 GMT
x-content-type-options
nosniff
x-officecluster
neu-odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_9
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
756
cache-control
private, max-age=1913466
last-modified
Mon, 28 Feb 2022 11:42:28 GMT
server
Microsoft-IIS/10.0
x-usersessionid
abba7020-fe8a-4952-83d8-85ec2e71f347
etag
"02a1c43982cd81:0"
content-type
image/svg+xml
x-correlationid
abba7020-fe8a-4952-83d8-85ec2e71f347
accept-ranges
bytes
x-officeversion
16.0.15028.30550
picker-account-msa.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame C49D 		379 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-msa.svg?b=15106.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 20:24:36 GMT
x-content-type-options
nosniff
x-officecluster
weu-odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_75
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
379
cache-control
private, max-age=1835870
last-modified
Mon, 28 Feb 2022 11:42:28 GMT
server
Microsoft-IIS/10.0
x-usersessionid
6e807de3-390e-4d07-9617-99a4f757c88f
etag
"02a1c43982cd81:0"
content-type
image/svg+xml
x-correlationid
6e807de3-390e-4d07-9617-99a4f757c88f
accept-ranges
bytes
x-officeversion
16.0.15028.30550
jquery-1.12.4.1.min.js
cdn.odc.officeapps.live.com/odc/stat/ Frame C49D 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/jquery-1.12.4.1.min.js?b=15106.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3ac82b5a773ea82258a30c60d277acffa832ce446397fcb6abf39726c4330fb5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
frc-odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_32
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
33842
cache-control
private, max-age=1835811
last-modified
Mon, 28 Feb 2022 11:42:28 GMT
server
Microsoft-IIS/10.0
x-usersessionid
4dd14444-0ef3-410b-b12e-23d71806fcbe
etag
"02a1c43982cd81:0"
vary
Accept-Encoding
content-type
application/javascript
x-correlationid
4dd14444-0ef3-410b-b12e-23d71806fcbe
accept-ranges
bytes
x-officeversion
16.0.15028.30550
knockout-3.4.2.js
cdn.odc.officeapps.live.com/odc/stat/ Frame C49D 		59 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/knockout-3.4.2.js?b=15106.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
frc-odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_81
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
22381
cache-control
private, max-age=1835871
last-modified
Mon, 28 Feb 2022 11:42:28 GMT
server
Microsoft-IIS/10.0
x-usersessionid
0feb555a-dc4d-42ae-ac4f-828120507bde
etag
"02a1c43982cd81:0"
vary
Accept-Encoding
content-type
application/javascript
x-correlationid
0feb555a-dc4d-42ae-ac4f-828120507bde
accept-ranges
bytes
x-officeversion
16.0.15028.30550
CommonDiagnostics.js
cdn.odc.officeapps.live.com/odc/stat/ Frame C49D 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/CommonDiagnostics.js?b=15106.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.83.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-83-244.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
68d8a572a872ab3c0762240e1df4ce38d6dcb97bc74ea160e234909b5c4eb735
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
frc-odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_8
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
12113
cache-control
private, max-age=1918856
last-modified
Mon, 28 Feb 2022 11:42:28 GMT
server
Microsoft-IIS/10.0
x-usersessionid
c67b5e10-47d5-44f7-8ece-8118c3ab31f5
etag
"02a1c43982cd81:0"
vary
Accept-Encoding
content-type
application/javascript
x-correlationid
c67b5e10-47d5-44f7-8ece-8118c3ab31f5
accept-ranges
bytes
x-officeversion
16.0.15028.30550
jsonstrings
odc.officeapps.live.com/odc/ Frame C49D 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/jsonstrings?g=EmailHrdv2&mkt=1031&hm=0
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.76.69 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
06c6e8e135b50d87ffa0451f929b06fb674abeb3d8ae5d5e580a8fbad16e0f1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 20:24:36 GMT
x-content-type-options
nosniff
x-correlationid
9d214bf4-d953-40df-9e8e-0e6b95937132
x-officecluster
neu-odc.officeapps.live.com
x-usersessionid
9d214bf4-d953-40df-9e8e-0e6b95937132
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_32
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control
public, max-age=3600
server
Microsoft-IIS/10.0
content-type
text/javascript; charset=utf-8
content-length
3521
x-officeversion
16.0.15106.30550
hrd.min.js
odc.officeapps.live.com/odc/stat/ Frame C49D 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.min.js?b=15106.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.76.69 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2c4cd84c3be9bc7f6ed0d2d3b6fe4a1933d59e24655014b9ec754ad1eb37788b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=de-DE&Ver=16&app=111&p=6&hm=0&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 20:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
neu-odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_32
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
4955
cache-control
private, max-age=2678400
last-modified
Sun, 06 Mar 2022 16:56:06 GMT
server
Microsoft-IIS/10.0
x-usersessionid
4be4f34b-405e-4c9b-b302-84075c4b9043
etag
"097fd117b31d81:0"
vary
Accept-Encoding
content-type
application/javascript
x-correlationid
4be4f34b-405e-4c9b-b302-84075c4b9043
accept-ranges
bytes
x-officeversion
16.0.15106.30550
Background-blurryGradient.svg
odc.officeapps.live.com/odc/stat/images/hrd/ Frame C49D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odc.officeapps.live.com/odc/stat/images/hrd/Background-blurryGradient.svg
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/stat/hrd.css?b=15106.30550
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.76.69 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
16c60cd6aff6a6febabbc48e9b7692a9c3b369d12d31749f8117d6d0851d5296
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://odc.officeapps.live.com/odc/stat/hrd.css?b=15106.30550
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 20:24:36 GMT
x-content-type-options
nosniff
x-officecluster
neu-odc.officeapps.live.com
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_32
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
2267
cache-control
private, max-age=2678400
last-modified
Sun, 06 Mar 2022 16:56:06 GMT
server
Microsoft-IIS/10.0
x-usersessionid
893f08f1-0b3b-49ca-8f8a-4152e1f02d97
etag
"097fd117b31d81:0"
content-type
image/svg+xml
x-correlationid
893f08f1-0b3b-49ca-8f8a-4152e1f02d97
accept-ranges
bytes
x-officeversion
16.0.15106.30550
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1009 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.11&apikey=a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539&upload-time=1647462276842&time-delta-to-apply-millis=use-collector-delta&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.168.117.170 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
6165f4fe9e5f8a2bfdf0ec197fbb5116286cb762e014a4aef07e3174150bdceb

Request headers

Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 16 Mar 2022 20:24:36 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
342
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.11&apikey=a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539&upload-time=1647462277844&time-delta-to-apply-millis=342&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.168.117.170 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
4fbadd443190c1d73b64e5c638f27533049ce583a18203a288ded6f8137ea368

Request headers

Referer
https://forms.office.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 16 Mar 2022 20:24:36 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
43
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.0&x-apikey=2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092&client-time-epoch-millis=1647462278012&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/aria_odata_v2.min.2405dcd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.168.117.170 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 20:24:37 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
342
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| reloadNoCdn object| OfficeFormServerInfo object| NavKeyPoints function| $ function| jQuery function| _ object| React object| ReactDOM function| init object| datas object| modules function| require object| AWTPropertyType object| AWTPiiKind object| AWTEventPriority object| AWTEventsDroppedReason object| AWTEventsRejectedReason object| AWTCustomerContentKind object| AWTUserIdType object| AWTSessionState string| AWT_BEST_EFFORT string| AWT_NEAR_REAL_TIME string| AWT_REAL_TIME function| AWTEventProperties function| AWTLogger function| AWTLogManager function| AWTTransmissionManager function| AWTSerializer function| AWTSemanticContext string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE string| AWT_COLLECTOR_URL_USGOV_DOD string| AWT_COLLECTOR_URL_USGOV_DOJ object| odatajs function| DomStore function| IndexedDBStore function| MemoryStore function| setPublicPath function| replaceChunkSrc object| webpackChunk object| Forms object| FormsPro undefined| formsDetectUserLoggedInCallback function| jsllloaded object| e function| t object| oneDS object| awa

25 Cookies

Domain/Path Name / Value
forms.office.com/ Name: DcLcid
Value: ui=1031&data=1031
.forms.office.com/ Name: FormsWebSessionId
Value: 0beaefa2-983d-4ccc-9038-8338d2391ee4
.forms.office.com/ Name: usenewauthrollout
Value: True
.forms.office.com/ Name: RpsAuthNonce
Value: 0e889395-fe7f-45d8-9e03-f52699ace4f6
forms.office.com/ Name: OpenIdConnect.nonce.KTRsfXi4bmKGT3UuenzRueA%2FHvgpADquY4MxDkaL%2BpQ%3D
Value: ZXlKMlpYSnphVzl1SWpveExDSmtZWFJoSWpwN0lrNGlPaUpCWTBKa04ySmxTVkk1YkRORWNtaFphbU5YWkVSWlUxOUdRMk0zZGpOQ1NVVjFYMHRQTlVWa1lUUnpTWGhHZFV0ME1tWm5SV3MzU1hnd2NWbE1NVUZRVjJwU2QxbzVlWGR0WVVabVZVZFJWVmxIV1Rab1dYaFBNRUV0V1hZNE0weFNhMEpSTUVsUE9EaGFSVGw1ZGkxRmEwRmhiRjlaUnpaRWQxQkplRzVyVm5GWVJXSkpXbTAwZUdKMk5VRkVaMlphWW1wR2RYUlhWVjl2YkVZMVF6ZFVSQzFwVGtkRU9WWlFhVkpxVW5GNGJFRnRkblZoUjJ3dGRHMTFVazFHU2toSU5FUjNWVmxFV0VaNU56SlFPV2hwVG01c09Xb3pjR3d4WjNBMFRHaFpiVmhsYW5aWGVGRTFhWEp5ZHlKOWZR
forms.office.com/ Name: ai_session
Value: 3Px8lQO/uqXxHOQdJKEUHi|1647462275838|1647462275838
login.windows.net/ Name: x-ms-gateway-slice
Value: estsfd
login.windows.net/ Name: stsservicecookie
Value: estsfd
.office.com/ Name: MUID
Value: 037E3C264E59647C34A52D4F4A596F79
.bing.com/ Name: MUID
Value: 037E3C264E59647C34A52D4F4A596F79
.c.bing.com/ Name: SRM_B
Value: 037E3C264E59647C34A52D4F4A596F79
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: ANONCHK
Value: 0
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.ATQAMe_N-B6jSkuT5F9XHpElWtJZpcmrehNPpu3n6cUq7IcBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrmIz8gHBSmwIdMCLOvM5K4piPpSRaO_5rq4exTCvOa88Z2wzVt6sAvQGcEXMEPap6Q4_nWJ_QHTmIvdVSThF3-u4t7t-1Fv0uunYwJZhrgmAgAA
login.microsoftonline.com/ Name: fpc
Value: ApPkTjtMDhJCkH9-OscVM5BiQQPhAQAAAIM-xNkOAAAA
.login.microsoftonline.com/ Name: esctx
Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrDqax24iuxGYkANp6IQbzAblFMupN7_V2qA0h1pu62nUtdhJ8U6ZKyMTluhqfObhr04Kn8iF9ncUMyUm3UaTsp6jRD_LfPUc9GEUQI1FJgFusBl1cgi63dH8rJ2nhpss5e2LrrFjLUlgydk0j0zhe3qhQeW8S_35vuW5r10qu-ecgAA
.login.live.com/ Name: uaid
Value: b84e1db51f10472bb27724ad29ce8321
.login.live.com/ Name: MSPRequ
Value: id=295313&lt=1647462276&co=1
.microsoft.com/ Name: MC1
Value: GUID=663dd6a808b141e4aebe5cc0b8bd7bbe&HASH=663d&LV=202203&V=4&LU=1647462277184
.microsoft.com/ Name: MS0
Value: f73c4eb3e2d94d2b932fc3d081c8b79c
forms.office.com/ Name: MSFPC
Value: GUID=663dd6a808b141e4aebe5cc0b8bd7bbe&HASH=663d&LV=202203&V=4&LU=1647462277184

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
cdn.odc.officeapps.live.com
forms.office.com
js.monitor.azure.com
login.live.com
login.microsoftonline.com
login.windows.net
odc.officeapps.live.com
static2.sharepointonline.com
104.90.149.108
104.92.83.244
20.190.159.138
20.190.160.134
2620:1ec:48::45
2620:1ec:a92::194
2620:1ec:c11::200
40.126.31.6
52.109.76.69
52.142.114.2
52.168.117.170
92.123.225.26
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
06c6e8e135b50d87ffa0451f929b06fb674abeb3d8ae5d5e580a8fbad16e0f1c
13693bc926047d467978f55714ced9e85a10d5f49c051ff8450dd47d690300de
16c60cd6aff6a6febabbc48e9b7692a9c3b369d12d31749f8117d6d0851d5296
2c4cd84c3be9bc7f6ed0d2d3b6fe4a1933d59e24655014b9ec754ad1eb37788b
2ff09ddce3a55505346a551874b4a1cac73120c05f1207f47d973c4e952b0987
31b9b3aec91e58582c3a1aa07bb5f1b8dc1df8a5ca3e137e05719a23009799d8
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
393b5cce2876df6449527e176a6c7bd35f99517c558fe572698d5fdcb67a80bc
3ac82b5a773ea82258a30c60d277acffa832ce446397fcb6abf39726c4330fb5
41cfa19294864afaaa09ef79e4f558e09b8985497427eb0854cb2e6b3f3603e0
4fbadd443190c1d73b64e5c638f27533049ce583a18203a288ded6f8137ea368
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
6165f4fe9e5f8a2bfdf0ec197fbb5116286cb762e014a4aef07e3174150bdceb
67dd96644fcce9cc703ebf1ede6a7a96b42fe909d024f0eee3e826ae0a59f66d
68d8a572a872ab3c0762240e1df4ce38d6dcb97bc74ea160e234909b5c4eb735
7e77a640164b61234f5f4645fabad4257d6e37c0f2c047bdcf437be3f3b66e73
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
b06ceac57545eb261548282c91ee6e68b09f2001b35c93772758b9993a7ab312
e1249dbd629757ffb6480d6ecc0da828b7e7a02ad8ce88bfccb8ba5d6c4220d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2798f151600e63249fe8ecb9e50ee6075ade8bfb5da57d2394bdfe091274ddc