r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6632
Expires: Mon, 12 Dec 2022 03:51:07 GMT
Date: Mon, 12 Dec 2022 02:00:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15667
Expires: Mon, 12 Dec 2022 06:21:42 GMT
Date: Mon, 12 Dec 2022 02:00:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dbd022fec0a71226daaf29b7563a8896
c37d14dc7b3849a4bb815fa325fb5e70fae54039
22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16407
Expires: Mon, 12 Dec 2022 06:34:02 GMT
Date: Mon, 12 Dec 2022 02:00:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 12 Dec 2022 01:08:33 GMT
content-type: application/json
age: 3122
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: i6SUviQyzWK4areIslYZ9Do03wZNo7fa7IA6GkL7BfDk8+Lj88Xa8FS9f/Rbo8X8zJagQQNhvWA=
x-amz-request-id: 9GCZ7Z7C9CG1JJ77
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 12 Dec 2022 01:51:19 GMT
age: 556
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 02:00:35 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
forms.office.com/Pages/DesignPage.aspx
13.107.6.194302 Found 0 B URL HTTP/2 forms.office.com/Pages/DesignPage.aspx
IP 13.107.6.194:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Pages/DesignPage.aspx HTTP/1.1
Host: forms.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Connection: keep-alive
HTTP/2 302 Found
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
location: /?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx
strict-transport-security: max-age=2592000; includeSubDomains
x-routingofficecluster: frc-101.forms.office.com
x-routingofficefe: FormsSingleBox_IN_10
x-routingofficeversion: 16.0.16004.42050
x-routingsessionid: 7800be45-c5b1-40fc-a336-381b815d6ed6
x-routingcorrelationid: 4217fb84-9d00-4aad-943e-515ebe42a84e
x-correlationid: 4217fb84-9d00-4aad-943e-515ebe42a84e
x-officecluster: frc-101.forms.office.com
x-officefe: FormsSingleBox_IN_10
x-officeversion: 16.0.16004.42050
x-usersessionid: 7800be45-c5b1-40fc-a336-381b815d6ed6
link: <https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: EFBA10FDE92C44759494CE49E0567EFB Ref B: SVG20EDGE0216 Ref C: 2022-12-12T02:00:35Z
date: Mon, 12 Dec 2022 02:00:35 GMT
content-length: 0
X-Firefox-Spdy: h2
forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx
13.107.6.194200 OK 11 kB URL HTTP/2 forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx
IP 13.107.6.194:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14504), with CRLF line terminators
Hash 24f16ada28d577256309d24c67a83b2d
a22fbc4053b7ec783655bfc43712685927743403
7b8eb3badc636fe2defa751639adaf01e4ebba4b850be31424c845ba928fdfdf
GET /?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx HTTP/1.1
Host: forms.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-length: 11373
content-type: text/html; charset=utf-8
content-encoding: br
expires: 0
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: FormsWebSessionId=92285a80-614d-41ba-9276-0ed698aaaf77; domain=forms.office.com; expires=Wed, 11-Jan-2023 02:00:35 GMT; path=/; samesite=none; secure; HttpOnly
usenewauthrollout=True; domain=forms.office.com; expires=Wed, 11-Jan-2023 02:00:35 GMT; path=/; samesite=none; secure; HttpOnly
RpsAuthNonce=7461dd5d-c86a-4999-9e56-2bef9fee81a9; domain=forms.office.com; expires=Wed, 11-Jan-2023 02:00:35 GMT; path=/; samesite=none; secure; HttpOnly
strict-transport-security: max-age=2592000; includeSubDomains
x-routingofficecluster: frc-101.forms.office.com
x-routingofficefe: FormsSingleBox_IN_10
x-routingofficeversion: 16.0.16004.42050
x-routingsessionid: db8b76f3-32ef-4466-b912-38b6687d8590
x-routingcorrelationid: a3e88c0a-1028-4ead-bed8-3a7b07421c76
x-correlationid: a3e88c0a-1028-4ead-bed8-3a7b07421c76
x-usersessionid: db8b76f3-32ef-4466-b912-38b6687d8590
x-officefe: FormsSingleBox_IN_10
x-officeversion: 16.0.16004.42050
x-officecluster: frc-101.forms.office.com
x-failurereason: Unknown
link: <https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F4EE9C57F9F94998B4BA23F25537779B Ref B: SVG20EDGE0216 Ref C: 2022-12-12T02:00:35Z
date: Mon, 12 Dec 2022 02:00:35 GMT
X-Firefox-Spdy: h2
cdn.forms.office.net/forms/css/dist/default-page.min.e0a783f.css
23.36.76.145200 OK 31 kB URL HTTP/2 cdn.forms.office.net/forms/css/dist/default-page.min.e0a783f.css
IP 23.36.76.145:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash b6c7cf6df0c4286062a5fb5efa9cbd4e
81cb724d37035f46ea68fca88be588ddd1064187
7a5ee04985789e18b78853aa9bc95778520f8340afd86ab8c214a949fcbafbe9
GET /forms/css/dist/default-page.min.e0a783f.css HTTP/1.1
Host: cdn.forms.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forms.office.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 30632
content-type: text/css
content-md5: tsfPbfDEKGBipfte+py9Tg==
last-modified: Wed, 07 Dec 2022 05:09:56 GMT
etag: 0x8DAD81148411CAD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 100064bd-e01e-0061-1c0d-0aed26000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 12 Dec 2023 02:00:35 GMT
date: Mon, 12 Dec 2022 02:00:35 GMT
timing-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
cdn.forms.office.net/forms/scripts/dists/default-page.min.9716b70.js
23.36.76.145200 OK 34 kB URL HTTP/2 cdn.forms.office.net/forms/scripts/dists/default-page.min.9716b70.js
IP 23.36.76.145:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65125)
Hash 73c9169c9a9e5d105ad808a475016856
bff3da1e2b4a7d9e0cd425c7e1d90863eba0aaad
a5334ca5e179eff87fdb942534149e08c389d53afc8478ec11ba11066c084499
GET /forms/scripts/dists/default-page.min.9716b70.js HTTP/1.1
Host: cdn.forms.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://forms.office.com
Connection: keep-alive
Referer: https://forms.office.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 34199
content-type: application/javascript
content-md5: c8kWnJqeXRBa2AikdQFoVg==
last-modified: Wed, 07 Dec 2022 13:33:05 GMT
etag: 0x8DAD8579281EACE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 317fe355-b01e-001f-0dab-0a72e9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 12 Dec 2023 02:00:35 GMT
date: Mon, 12 Dec 2022 02:00:35 GMT
timing-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v3_m1_j3.min.6aa1f3d.js
23.36.76.145200 OK 71 kB URL HTTP/2 cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v3_m1_j3.min.6aa1f3d.js
IP 23.36.76.145:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65446), with CRLF line terminators
Hash 05d116d95d6d318f9037c91b95a5c063
dbf43ac0a287cc6a3bfb3929d4ed8bd7ed363777
7031d703c57f8668c56e01677b63d8172b65db31290506ef7c3db92fdcad0a2b
GET /forms/scripts/vendors/combinedmin/basics_osi_v3_m1_j3.min.6aa1f3d.js HTTP/1.1
Host: cdn.forms.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://forms.office.com
Connection: keep-alive
Referer: https://forms.office.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 70611
content-type: application/javascript
content-md5: BdEW2V1tMY+QN8kblaXAYw==
last-modified: Thu, 14 Apr 2022 01:09:32 GMT
etag: 0x8DA1DB36F316C58
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3bec87cb-101e-0019-0ffe-4f8591000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 12 Dec 2023 02:00:35 GMT
date: Mon, 12 Dec 2022 02:00:35 GMT
timing-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
cdn.forms.office.net/forms/scripts/vendors/combinedmin/aria_odata_v2.min.29dbe8c.js
23.36.76.145200 OK 33 kB URL HTTP/2 cdn.forms.office.net/forms/scripts/vendors/combinedmin/aria_odata_v2.min.29dbe8c.js
IP 23.36.76.145:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (47421), with CRLF line terminators
Hash ccbd184dacfbe83071d09335d6539280
eb8c90ea7abd41e3334fcb0e48ea6dccb59505bd
f0982af262237bf031b499cc76a3dd3e142255201b7698280f6e1399721ad815
GET /forms/scripts/vendors/combinedmin/aria_odata_v2.min.29dbe8c.js HTTP/1.1
Host: cdn.forms.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://forms.office.com
Connection: keep-alive
Referer: https://forms.office.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 32555
content-type: application/javascript
content-md5: zL0YTaz76DBx0JM11lOSgA==
last-modified: Tue, 22 Mar 2022 04:36:17 GMT
etag: 0x8DA0BBD8141A9FA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8d98cbd1-b01e-0050-34af-3db6f1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
access-control-allow-origin: *
unused62: 8096267
cache-control: max-age=31536000
expires: Tue, 12 Dec 2023 02:00:35 GMT
date: Mon, 12 Dec 2022 02:00:35 GMT
timing-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 12 Dec 2022 01:07:56 GMT
age: 3159
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e12bb655426d080117693ba116f398cf
8fe1f7f8d0b191baed2decba3523656da97077f5
2c25ba0d1c806de98d5489934acd8e2f17487e4f7e40c7f0d39094ce49f91b8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5288
Cache-Control: max-age=117268
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 02:00:36 GMT
Etag: "63959db0-1d7"
Expires: Tue, 13 Dec 2022 10:35:04 GMT
Last-Modified: Sun, 11 Dec 2022 09:06:56 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
cdn.forms.office.net/forms/scripts/dists/default-page.chunk.1ds.6dc5e5d.js
23.36.76.145200 OK 30 kB URL HTTP/2 cdn.forms.office.net/forms/scripts/dists/default-page.chunk.1ds.6dc5e5d.js
IP 23.36.76.145:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (35971)
Hash f7b9cd3c2765eb018eb69b7b1a175d9a
2932f0ad4711769b451842ea83cb22d5ed8c3688
0600b0c70ee38a34438664846cc9bb04c98390ce2d69b79d608a06c338bbbcbf
GET /forms/scripts/dists/default-page.chunk.1ds.6dc5e5d.js HTTP/1.1
Host: cdn.forms.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forms.office.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 30129
content-type: application/javascript
content-md5: 97nNPCdl6wGOtpt7Ghddmg==
last-modified: Fri, 28 Oct 2022 04:14:09 GMT
etag: 0x8DAB89ADCD45DA8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 109175a0-e01e-0048-14ee-ec9b64000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 12 Dec 2023 02:00:36 GMT
date: Mon, 12 Dec 2022 02:00:36 GMT
timing-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
23.13.246.185200 OK 36 kB URL HTTP/2 static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
IP 23.13.246.185:0
File type Web Open Font Format (Version 2), TrueType, length 36344, version 0.0\012- data
Hash 865f1db6545fc94a2f4444dd60e7bbc6
b00d806dd42101881ab94e1c96f8235b74f6ab7f
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
GET /files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2 HTTP/1.1
Host: static2.sharepointonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://forms.office.com
Connection: keep-alive
Referer: https://cdn.forms.office.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 36344
content-type: application/font-woff2
content-md5: hl8dtlRfyUovRETdYOe7xg==
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
etag: 0x8D522163B704E10
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c6e23372-a01e-00a1-7b86-c85d50000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=23679810
date: Mon, 12 Dec 2022 02:00:36 GMT
X-Firefox-Spdy: h2
forms.office.com/oidcLogin?IdentityProvider=aad&ru=%2FPages%2FSilentSignInComplete.aspx&prompt=none
13.107.6.194302 Found 0 B URL HTTP/2 forms.office.com/oidcLogin?IdentityProvider=aad&ru=%2FPages%2FSilentSignInComplete.aspx&prompt=none
IP 13.107.6.194:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /oidcLogin?IdentityProvider=aad&ru=%2FPages%2FSilentSignInComplete.aspx&prompt=none HTTP/1.1
Host: forms.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Connection: keep-alive
Cookie: FormsWebSessionId=92285a80-614d-41ba-9276-0ed698aaaf77; usenewauthrollout=True; RpsAuthNonce=7461dd5d-c86a-4999-9e56-2bef9fee81a9; MicrosoftApplicationsTelemetryDeviceId=01b17d47-7201-40fd-9314-89187b11ee3d; ai_session=XiInGb+jEzb0gBEziTLVRY|1670810434393|1670810434393
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBUUJaQzNkSGVVZ2o0M05WdXNvNjBvV19WNm1UdG9KMXd3WmZQZnJVXzdtQjdTNUd2NENDams3OF9Bek4wN2ZwZ2FIa1NmelJhOVVGSFZIV3BJS24wTEEiLCJwcm9tcHQiOiJBUTkzZ2xQVDNpWWYwN20zSzlHSlcyYTVlb1NBU0F6RlJCVDg5akZ6c2tGMy1XWVVhbzFXRHIxbmVMRlJqbXlIeGNYblJTVXBKaDNReHR1OXk4MW9RRFEiLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638064072361079341.OWVhOWMxMTctYTgwNS00MzZlLThlZGMtYmI3ZDNmNjYwMGMzNjQxMTg4ZjQtZThkYi00YmYzLWI3ZWEtNDQ5ODZiN2RiNjM1&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: OpenIdConnect.nonce.YcmSNW8RCzfKczYFTGx7NhxDNtLHwLflv662FfvWYLo%3D=ZXlKMlpYSnphVzl1SWpveExDSmtZWFJoSWpwN0lrNGlPaUpCWTNsbmNHWmllalpLUlRGeGRFeHNRMDQxWWsxQ2QwOUZZVkJWWVRoUU5YSkthVzVZYTJ0M2VGaEhVMk5ET1dKdFdGUlpaWEF4ZWxwQmVGSndaREo0V1hvemFXWkdhMmxFY0hveVowSTVhSE0yUVRrd00xOXBTblZyTkhwWk5GbHVNVkUyVlRaMFpXWjJPRmRVVFVWR05qWTRkek5SUjFCSVJtZGlkbUZqVjBGWmN6RkJZVzk1ZEdSTGJGbHhUVW93Um10UlpEZGtjSFZ4WDI5V1VrMXplbEo0TWs5NWVYVmZXRzlVWWxoRFVHWjFNV0pKWm1kMlJreHhPVzFpYkRkUVJGaGFRVEpEVFhsWWQzQjJiMkZNTld0VVFuaG9NVWxtTm1SVU5EQnBlVEZLYkZwMVlqVnBaM2htWnlKOWZR; path=/; samesite=none; expires=Mon, 12-Dec-2022 02:15:36 GMT; secure; HttpOnly; SameSite=None
strict-transport-security: max-age=2592000; includeSubDomains
x-routingofficecluster: frc-101.forms.office.com
x-routingofficefe: FormsSingleBox_IN_10
x-routingofficeversion: 16.0.16004.42050
x-routingsessionid: 6f56393a-5add-4b42-a1fd-2cb02e457565
x-routingcorrelationid: 92ac0904-391f-4862-b810-d252a0fc05f4
x-correlationid: 92ac0904-391f-4862-b810-d252a0fc05f4
x-usersessionid: 6f56393a-5add-4b42-a1fd-2cb02e457565
x-officefe: FormsSingleBox_IN_10
x-officeversion: 16.0.16004.42050
x-officecluster: frc-101.forms.office.com
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E17951B5D6C94141BBCC60BFC0C9DDA3 Ref B: SVG20EDGE0216 Ref C: 2022-12-12T02:00:36Z
date: Mon, 12 Dec 2022 02:00:35 GMT
content-length: 0
X-Firefox-Spdy: h2
cdn.forms.office.net/forms/images/favicon.ico
23.36.76.145200 OK 7.9 kB URL HTTP/2 cdn.forms.office.net/forms/images/favicon.ico
IP 23.36.76.145:0
ASN #20940 Akamai International B.V.
File type MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash 9425d8e9313a692bb3f022e8055fab82
eddcf3ea767d4c3042d01ac88594d7e795d8615c
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1
GET /forms/images/favicon.ico HTTP/1.1
Host: cdn.forms.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forms.office.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 7886
content-type: image/x-icon
content-md5: lCXY6TE6aSuz8CLoBV+rgg==
last-modified: Mon, 27 Jun 2022 04:08:36 GMT
etag: 0x8DA57F2B5C5EE03
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 770a9f31-601e-001d-4325-8a7013000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 12 Dec 2023 02:00:36 GMT
date: Mon, 12 Dec 2022 02:00:36 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
c.office.com/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forms.office.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=065DD3FF138A4E3DB9A8F341C9BBC5BF&RedC=c.office.com&MXFR=111C77A3923C6B6B086A65DB963C6078
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.office.com; path=/; SameSite=None; Secure;
MUID=111C77A3923C6B6B086A65DB963C6078; domain=.office.com; expires=Sat, 06-Jan-2024 02:00:36 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Mon, 12 Dec 2022 02:00:35 GMT
content-length: 0
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.88.25.203101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.25.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FOcTwAw2CbFOmbJ8sP/pJA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XBuQdx2H0pG2sbr/xrKdNU48P5g=
c.bing.com/c.gif?CtsSyncId=065DD3FF138A4E3DB9A8F341C9BBC5BF&RedC=c.office.com&MXFR=111C77A3923C6B6B086A65DB963C6078
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=065DD3FF138A4E3DB9A8F341C9BBC5BF&RedC=c.office.com&MXFR=111C77A3923C6B6B086A65DB963C6078
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=065DD3FF138A4E3DB9A8F341C9BBC5BF&RedC=c.office.com&MXFR=111C77A3923C6B6B086A65DB963C6078 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://forms.office.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.office.com/c.gif?CtsSyncId=065DD3FF138A4E3DB9A8F341C9BBC5BF&MUID=111C77A3923C6B6B086A65DB963C6078
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: MUID=111C77A3923C6B6B086A65DB963C6078; domain=.bing.com; expires=Sat, 06-Jan-2024 02:00:36 GMT; path=/; SameSite=None; Secure; Priority=High;
SRM_B=111C77A3923C6B6B086A65DB963C6078; domain=c.bing.com; expires=Sat, 06-Jan-2024 02:00:36 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BB30784D64704AB193859F8440268792 Ref B: OSL30EDGE0413 Ref C: 2022-12-12T02:00:36Z
date: Mon, 12 Dec 2022 02:00:36 GMT
content-length: 0
X-Firefox-Spdy: h2
c.office.com/c.gif?CtsSyncId=065DD3FF138A4E3DB9A8F341C9BBC5BF&MUID=111C77A3923C6B6B086A65DB963C6078
20.234.93.27200 OK 42 B URL HTTP/2 c.office.com/c.gif?CtsSyncId=065DD3FF138A4E3DB9A8F341C9BBC5BF&MUID=111C77A3923C6B6B086A65DB963C6078
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=065DD3FF138A4E3DB9A8F341C9BBC5BF&MUID=111C77A3923C6B6B086A65DB963C6078 HTTP/1.1
Host: c.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://forms.office.com/
Connection: keep-alive
Cookie: SM=T; MUID=111C77A3923C6B6B086A65DB963C6078
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=C; domain=c.office.com; path=/; SameSite=None; Secure;
ANONCHK=0; domain=c.office.com; expires=Mon, 12-Dec-2022 02:10:36 GMT; path=/; SameSite=None; Secure;
date: Mon, 12 Dec 2022 02:00:35 GMT
content-length: 42
X-Firefox-Spdy: h2
login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBUUJaQzNkSGVVZ2o0M05WdXNvNjBvV19WNm1UdG9KMXd3WmZQZnJVXzdtQjdTNUd2NENDams3OF9Bek4wN2ZwZ2FIa1NmelJhOVVGSFZIV3BJS24wTEEiLCJwcm9tcHQiOiJBUTkzZ2xQVDNpWWYwN20zSzlHSlcyYTVlb1NBU0F6RlJCVDg5akZ6c2tGMy1XWVVhbzFXRHIxbmVMRlJqbXlIeGNYblJTVXBKaDNReHR1OXk4MW9RRFEiLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638064072361079341.OWVhOWMxMTctYTgwNS00MzZlLThlZGMtYmI3ZDNmNjYwMGMzNjQxMTg4ZjQtZThkYi00YmYzLWI3ZWEtNDQ5ODZiN2RiNjM1&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0
20.190.160.23200 OK 962 B URL HTTP/1.1 login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBUUJaQzNkSGVVZ2o0M05WdXNvNjBvV19WNm1UdG9KMXd3WmZQZnJVXzdtQjdTNUd2NENDams3OF9Bek4wN2ZwZ2FIa1NmelJhOVVGSFZIV3BJS24wTEEiLCJwcm9tcHQiOiJBUTkzZ2xQVDNpWWYwN20zSzlHSlcyYTVlb1NBU0F6RlJCVDg5akZ6c2tGMy1XWVVhbzFXRHIxbmVMRlJqbXlIeGNYblJTVXBKaDNReHR1OXk4MW9RRFEiLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638064072361079341.OWVhOWMxMTctYTgwNS00MzZlLThlZGMtYmI3ZDNmNjYwMGMzNjQxMTg4ZjQtZThkYi00YmYzLWI3ZWEtNDQ5ODZiN2RiNjM1&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0
IP 20.190.160.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (786), with CRLF line terminators
Hash 411979abc60a78de9518d19e4b9931aa
ca8e9a78fa61a1dafdf2207d52be71e96290057d
71658669e8ff0656f89fc30000816470e925ef90f31360c9d93ff22ea6ade391
GET /common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBUUJaQzNkSGVVZ2o0M05WdXNvNjBvV19WNm1UdG9KMXd3WmZQZnJVXzdtQjdTNUd2NENDams3OF9Bek4wN2ZwZ2FIa1NmelJhOVVGSFZIV3BJS24wTEEiLCJwcm9tcHQiOiJBUTkzZ2xQVDNpWWYwN20zSzlHSlcyYTVlb1NBU0F6RlJCVDg5akZ6c2tGMy1XWVVhbzFXRHIxbmVMRlJqbXlIeGNYblJTVXBKaDNReHR1OXk4MW9RRFEiLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638064072361079341.OWVhOWMxMTctYTgwNS00MzZlLThlZGMtYmI3ZDNmNjYwMGMzNjQxMTg4ZjQtZThkYi00YmYzLWI3ZWEtNDQ5ODZiN2RiNjM1&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0 HTTP/1.1
Host: login.microsoftonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://forms.office.com/
Connection: keep-alive
Cookie: brcap=0; MSFPC=GUID=27491a5fca0c436896bdbf20a1588da0&HASH=2749&LV=202205&V=4&LU=1652883922743; ESTSSSOTILES=1; AADSSOTILES=1; buid=0.AXcAH-RwARmx7E2FUhb3g-gHIsDmPF4fK4VCjUt17nh4c0Z3AAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevrgjov-IMgjdzIZPPFDTbVGCOjkZso8CSw39RHnxXgBHI3gnOz1lesuuJp1N_p0I9EwB3ZgrUBdTsVMBOiQ9SfpVJIrSBUmjV5HF_LAxvmJf0gAA; fpc=AvQ6wvXwbmFBk_Zi1VVkBPaCeMQLAwAAAKJ_KNsOAAAA; clrc={%2219338%22%3a[%22VTMWozMv%22%2c%22Y061OVTV%22]}
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: c95a6c66-5c1e-4fba-872a-38b19d228c03
x-ms-ests-server: 2.1.14167.14 - WUS2 ProdSlices
x-ms-clitelem: 1,0,0,,
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 0
Set-Cookie: buid=0.AXcAH-RwARmx7E2FUhb3g-gHIsDmPF4fK4VCjUt17nh4c0Z3AAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevru-jxlNWSHkPKt4uOuJlwLuDMGR1Siw5So260_JVRBg0mH0ZC5hFxy93kORfyL5dthE8CAs3tXpo9Znq7uxp5BcCvMDLGOmgL0rGfYp4mQhAgAA; expires=Wed, 11-Jan-2023 02:00:36 GMT; path=/; secure; HttpOnly; SameSite=None
fpc=AvQ6wvXwbmFBk_Zi1VVkBPaCeMQLAwAAAKJ_KNsOAAAAYkED4QEAAABEgijbDgAAAA; expires=Wed, 11-Jan-2023 02:00:36 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=AQABAAAAAAD--DLA3VO7QrddgJg7Wevr7MJeuSARqu2i15CkT27UwoRsJ-GZVIqQN0L_j-pukorgLLwsI0xrA7LHzqu5FAHldVq8tBfYNgnFAASYN9Wbn7a6ysZSWdb1XN0X6ZqSjeeYwrlaTCcrgeF9aauqOma1PW5NSGS9yvHkZBlSXMWC0cbFovbWHoeuntNcIA2gOIkUCtJTq7W6vrwCvQO2EJhEXDpdkVtZ-XwSZobFjatiPVbBJQyPDKh-49QSdK7ZVTMgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Mon, 12 Dec 2022 02:00:36 GMT
Content-Length: 962
forms.office.com/landing
13.107.6.194302 Found 0 B IP 13.107.6.194:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /landing HTTP/1.1
Host: forms.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 1064
Origin: https://login.microsoftonline.com
Connection: keep-alive
Cookie: FormsWebSessionId=92285a80-614d-41ba-9276-0ed698aaaf77; usenewauthrollout=True; RpsAuthNonce=7461dd5d-c86a-4999-9e56-2bef9fee81a9; MicrosoftApplicationsTelemetryDeviceId=01b17d47-7201-40fd-9314-89187b11ee3d; ai_session=XiInGb+jEzb0gBEziTLVRY|1670810434393|1670810434393; OpenIdConnect.nonce.YcmSNW8RCzfKczYFTGx7NhxDNtLHwLflv662FfvWYLo%3D=ZXlKMlpYSnphVzl1SWpveExDSmtZWFJoSWpwN0lrNGlPaUpCWTNsbmNHWmllalpLUlRGeGRFeHNRMDQxWWsxQ2QwOUZZVkJWWVRoUU5YSkthVzVZYTJ0M2VGaEhVMk5ET1dKdFdGUlpaWEF4ZWxwQmVGSndaREo0V1hvemFXWkdhMmxFY0hveVowSTVhSE0yUVRrd00xOXBTblZyTkhwWk5GbHVNVkUyVlRaMFpXWjJPRmRVVFVWR05qWTRkek5SUjFCSVJtZGlkbUZqVjBGWmN6RkJZVzk1ZEdSTGJGbHhUVW93Um10UlpEZGtjSFZ4WDI5V1VrMXplbEo0TWs5NWVYVmZXRzlVWWxoRFVHWjFNV0pKWm1kMlJreHhPVzFpYkRkUVJGaGFRVEpEVFhsWWQzQjJiMkZNTld0VVFuaG9NVWxtTm1SVU5EQnBlVEZLYkZwMVlqVnBaM2htWnlKOWZR; MUID=111C77A3923C6B6B086A65DB963C6078
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: pages/silentsignincomplete.aspx
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security: max-age=2592000; includeSubDomains
x-routingofficecluster: frc-101.forms.office.com
x-routingofficefe: FormsSingleBox_IN_10
x-routingofficeversion: 16.0.16004.42050
x-routingsessionid: e8c93ec8-db95-400e-bac0-c742563e0e40
x-routingcorrelationid: 3051e45c-ab73-4e6a-86c6-8b433429d67f
x-correlationid: 3051e45c-ab73-4e6a-86c6-8b433429d67f
x-usersessionid: e8c93ec8-db95-400e-bac0-c742563e0e40
x-officefe: FormsSingleBox_IN_10
x-officeversion: 16.0.16004.42050
x-officecluster: frc-101.forms.office.com
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: D9378FD803DB4C4BA6FFCADD0199E43D Ref B: SVG20EDGE0216 Ref C: 2022-12-12T02:00:37Z
date: Mon, 12 Dec 2022 02:00:36 GMT
content-length: 0
X-Firefox-Spdy: h2
forms.office.com/pages/silentsignincomplete.aspx
13.107.6.194200 OK 3.5 kB URL HTTP/2 forms.office.com/pages/silentsignincomplete.aspx
IP 13.107.6.194:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6584), with CRLF line terminators
Hash e427a6de093c2b298848d337a15cbae1
754e68d4d9be40c12d08f3763a13743027ebfad1
50d872cb5312b0ca74937c057066581ac6f020283ad3aefabe3005f2f4c7f3d9
GET /pages/silentsignincomplete.aspx HTTP/1.1
Host: forms.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Connection: keep-alive
Cookie: FormsWebSessionId=92285a80-614d-41ba-9276-0ed698aaaf77; usenewauthrollout=True; RpsAuthNonce=7461dd5d-c86a-4999-9e56-2bef9fee81a9; ai_session=XiInGb+jEzb0gBEziTLVRY|1670810434393|1670810434393; OpenIdConnect.nonce.YcmSNW8RCzfKczYFTGx7NhxDNtLHwLflv662FfvWYLo%3D=ZXlKMlpYSnphVzl1SWpveExDSmtZWFJoSWpwN0lrNGlPaUpCWTNsbmNHWmllalpLUlRGeGRFeHNRMDQxWWsxQ2QwOUZZVkJWWVRoUU5YSkthVzVZYTJ0M2VGaEhVMk5ET1dKdFdGUlpaWEF4ZWxwQmVGSndaREo0V1hvemFXWkdhMmxFY0hveVowSTVhSE0yUVRrd00xOXBTblZyTkhwWk5GbHVNVkUyVlRaMFpXWjJPRmRVVFVWR05qWTRkek5SUjFCSVJtZGlkbUZqVjBGWmN6RkJZVzk1ZEdSTGJGbHhUVW93Um10UlpEZGtjSFZ4WDI5V1VrMXplbEo0TWs5NWVYVmZXRzlVWWxoRFVHWjFNV0pKWm1kMlJreHhPVzFpYkRkUVJGaGFRVEpEVFhsWWQzQjJiMkZNTld0VVFuaG9NVWxtTm1SVU5EQnBlVEZLYkZwMVlqVnBaM2htWnlKOWZR; MUID=111C77A3923C6B6B086A65DB963C6078
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-length: 3474
content-type: text/html; charset=utf-8
content-encoding: br
expires: 0
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security: max-age=2592000; includeSubDomains
x-routingofficecluster: weu-100.forms.office.com
x-routingofficefe: FormsSingleBox_IN_5
x-routingofficeversion: 16.0.16006.42053
x-routingsessionid: 81d023f4-0c04-4327-9bb6-ede71732611d
x-routingcorrelationid: 039e155e-572f-41ed-b31e-ee8b0b3868ed
x-correlationid: 039e155e-572f-41ed-b31e-ee8b0b3868ed
x-usersessionid: 81d023f4-0c04-4327-9bb6-ede71732611d
x-officefe: FormsSingleBox_IN_5
x-officeversion: 16.0.16006.42053
x-officecluster: weu-100.forms.office.com
x-failurereason: Unknown
x-robots-tag: noindex, nofollow
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 1BFACC65BA674FAE8078597AD0FF239D Ref B: SVG20EDGE0216 Ref C: 2022-12-12T02:00:37Z
date: Mon, 12 Dec 2022 02:00:36 GMT
X-Firefox-Spdy: h2
login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1670810435&rver=7.3.6963.0&wp=MBI_SSL&wreply=https%3A%2F%2Fforms.office.com%2FrpsLanding%3FRpsAuthState%3Dt1b9Ls5O7X7z8ktQojfMdNYx0mFP792RduNmtk2Ui-HSEutCQ-eo4VYTXfeQxUJjKUVF5PNeiVgIK7bdgWWRRZI2Xj5ahTDuk2oSj4mMylYyxAVTg5FwoZRY0de52OpGsPLlteHdn997WccCB9t-ulvIkpbx5ofLc_rP48ymS0zE_WTkrsmJfyEHPw3CrsCwjwyDjsnZb_rzDERncbut4M-ybBbCzBPyhCpYlaIdV1WWoPgcmKmuvTp-LllPEmCDPbkh3qXKNuwuwTH_dY6BM92WI4Xd-he04v5B4PqzZC_oLlhH_SeEc_keGCZHusrZ7_s2Wp1oKNkSpuWshlRlzas13zVXtztUEdV6sWO7my4&id=295313&checkda=1
40.126.31.64302 Found 0 B URL HTTP/1.1 login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1670810435&rver=7.3.6963.0&wp=MBI_SSL&wreply=https%3A%2F%2Fforms.office.com%2FrpsLanding%3FRpsAuthState%3Dt1b9Ls5O7X7z8ktQojfMdNYx0mFP792RduNmtk2Ui-HSEutCQ-eo4VYTXfeQxUJjKUVF5PNeiVgIK7bdgWWRRZI2Xj5ahTDuk2oSj4mMylYyxAVTg5FwoZRY0de52OpGsPLlteHdn997WccCB9t-ulvIkpbx5ofLc_rP48ymS0zE_WTkrsmJfyEHPw3CrsCwjwyDjsnZb_rzDERncbut4M-ybBbCzBPyhCpYlaIdV1WWoPgcmKmuvTp-LllPEmCDPbkh3qXKNuwuwTH_dY6BM92WI4Xd-he04v5B4PqzZC_oLlhH_SeEc_keGCZHusrZ7_s2Wp1oKNkSpuWshlRlzas13zVXtztUEdV6sWO7my4&id=295313&checkda=1
IP 40.126.31.64:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /login.srf?wa=wsignin1.0&rpsnv=13&ct=1670810435&rver=7.3.6963.0&wp=MBI_SSL&wreply=https%3A%2F%2Fforms.office.com%2FrpsLanding%3FRpsAuthState%3Dt1b9Ls5O7X7z8ktQojfMdNYx0mFP792RduNmtk2Ui-HSEutCQ-eo4VYTXfeQxUJjKUVF5PNeiVgIK7bdgWWRRZI2Xj5ahTDuk2oSj4mMylYyxAVTg5FwoZRY0de52OpGsPLlteHdn997WccCB9t-ulvIkpbx5ofLc_rP48ymS0zE_WTkrsmJfyEHPw3CrsCwjwyDjsnZb_rzDERncbut4M-ybBbCzBPyhCpYlaIdV1WWoPgcmKmuvTp-LllPEmCDPbkh3qXKNuwuwTH_dY6BM92WI4Xd-he04v5B4PqzZC_oLlhH_SeEc_keGCZHusrZ7_s2Wp1oKNkSpuWshlRlzas13zVXtztUEdV6sWO7my4&id=295313&checkda=1 HTTP/1.1
Host: login.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forms.office.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Mon, 12 Dec 2022 01:59:37 GMT
Location: https://forms.office.com/rpsLanding?RpsAuthState=t1b9Ls5O7X7z8ktQojfMdNYx0mFP792RduNmtk2Ui-HSEutCQ-eo4VYTXfeQxUJjKUVF5PNeiVgIK7bdgWWRRZI2Xj5ahTDuk2oSj4mMylYyxAVTg5FwoZRY0de52OpGsPLlteHdn997WccCB9t-ulvIkpbx5ofLc_rP48ymS0zE_WTkrsmJfyEHPw3CrsCwjwyDjsnZb_rzDERncbut4M-ybBbCzBPyhCpYlaIdV1WWoPgcmKmuvTp-LllPEmCDPbkh3qXKNuwuwTH_dY6BM92WI4Xd-he04v5B4PqzZC_oLlhH_SeEc_keGCZHusrZ7_s2Wp1oKNkSpuWshlRlzas13zVXtztUEdV6sWO7my4
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: 53eebd03-c3c7-4a21-ad68-1c5bb9a8214d
PPServer: PPV: 30 H: BL6PPF0A6D71ABE V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=8936d0e1e1d7462ea6d416146093b51c; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPRequ=id=295313<=1670810437&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
OParams=11O.DbuS2FxJJJheT40CMzVnT*fLTtXmdkgbpq92qIqmibiKri04UjfoaGeu8kXTfLZUbUSdVYhTDiP!xcACSWL6cbGYI2s0Gq4qtOSrXxBRcKHtu5VL9ktyLDThS1wJGrIsOogQdBmbjAqKdsB3ElVaMXUgzXE8*aNUVNOXt6qSjDBf8A*Z5gYRxKiGkz7aL0eNZ2QMo0LrAIqkwNaanAlv0XyxzspvTqwFJlF5V9c1k80XuuloWhXemyZLq9mWkED6hu9FhwGpPFmYGTbWq30ZriPBCrw9Mseys*!PMkBWuxFWVX1MtjUa5GYObe5Fco!BXO372LJczun8p3ymOoWfQJedtrldKcqxJiGiFGtKqPajaFNkWVw3jypW9IKLAP8CHgHbV0uRO1CU21sa8VChyGNNjJlDSf5j5Fa37rOFnYeYiKVZA5aVFxEiKXXKPCdYqT78PCoRZChlnSTitR46nA!WVo94Cig019g!Pce2F94ZMcm66TJtZLSD*Mdws59vQx13erfRnSm3c*KTFkK8POnELtDHmf1YEsqGengpkIq4bdLxLe8vtZQCXvQtIsVXF4MWkDV!vGEHiYQQrO!J8ysIwxJPU6x*axRM0Vv4V9E2*R263QvkiDkwGSMvBKDjyuRC8jWhrjiIKweaGFGu2uaNPxVSndGLF20mVaKAnu5oGoqy9pODkTbJ2lz!SjCVHQ$$; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Mon, 12 Dec 2022 02:00:36 GMT
Content-Length: 0
forms.office.com/rpsLanding?RpsAuthState=t1b9Ls5O7X7z8ktQojfMdNYx0mFP792RduNmtk2Ui-HSEutCQ-eo4VYTXfeQxUJjKUVF5PNeiVgIK7bdgWWRRZI2Xj5ahTDuk2oSj4mMylYyxAVTg5FwoZRY0de52OpGsPLlteHdn997WccCB9t-ulvIkpbx5ofLc_rP48ymS0zE_WTkrsmJfyEHPw3CrsCwjwyDjsnZb_rzDERncbut4M-ybBbCzBPyhCpYlaIdV1WWoPgcmKmuvTp-LllPEmCDPbkh3qXKNuwuwTH_dY6BM92WI4Xd-he04v5B4PqzZC_oLlhH_SeEc_keGCZHusrZ7_s2Wp1oKNkSpuWshlRlzas13zVXtztUEdV6sWO7my4
13.107.6.194302 Found 0 B URL HTTP/2 forms.office.com/rpsLanding?RpsAuthState=t1b9Ls5O7X7z8ktQojfMdNYx0mFP792RduNmtk2Ui-HSEutCQ-eo4VYTXfeQxUJjKUVF5PNeiVgIK7bdgWWRRZI2Xj5ahTDuk2oSj4mMylYyxAVTg5FwoZRY0de52OpGsPLlteHdn997WccCB9t-ulvIkpbx5ofLc_rP48ymS0zE_WTkrsmJfyEHPw3CrsCwjwyDjsnZb_rzDERncbut4M-ybBbCzBPyhCpYlaIdV1WWoPgcmKmuvTp-LllPEmCDPbkh3qXKNuwuwTH_dY6BM92WI4Xd-he04v5B4PqzZC_oLlhH_SeEc_keGCZHusrZ7_s2Wp1oKNkSpuWshlRlzas13zVXtztUEdV6sWO7my4
IP 13.107.6.194:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rpsLanding?RpsAuthState=t1b9Ls5O7X7z8ktQojfMdNYx0mFP792RduNmtk2Ui-HSEutCQ-eo4VYTXfeQxUJjKUVF5PNeiVgIK7bdgWWRRZI2Xj5ahTDuk2oSj4mMylYyxAVTg5FwoZRY0de52OpGsPLlteHdn997WccCB9t-ulvIkpbx5ofLc_rP48ymS0zE_WTkrsmJfyEHPw3CrsCwjwyDjsnZb_rzDERncbut4M-ybBbCzBPyhCpYlaIdV1WWoPgcmKmuvTp-LllPEmCDPbkh3qXKNuwuwTH_dY6BM92WI4Xd-he04v5B4PqzZC_oLlhH_SeEc_keGCZHusrZ7_s2Wp1oKNkSpuWshlRlzas13zVXtztUEdV6sWO7my4 HTTP/1.1
Host: forms.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://forms.office.com/
Connection: keep-alive
Cookie: FormsWebSessionId=92285a80-614d-41ba-9276-0ed698aaaf77; usenewauthrollout=True; RpsAuthNonce=7461dd5d-c86a-4999-9e56-2bef9fee81a9; ai_session=XiInGb+jEzb0gBEziTLVRY|1670810434393|1670810434393; OpenIdConnect.nonce.YcmSNW8RCzfKczYFTGx7NhxDNtLHwLflv662FfvWYLo%3D=ZXlKMlpYSnphVzl1SWpveExDSmtZWFJoSWpwN0lrNGlPaUpCWTNsbmNHWmllalpLUlRGeGRFeHNRMDQxWWsxQ2QwOUZZVkJWWVRoUU5YSkthVzVZYTJ0M2VGaEhVMk5ET1dKdFdGUlpaWEF4ZWxwQmVGSndaREo0V1hvemFXWkdhMmxFY0hveVowSTVhSE0yUVRrd00xOXBTblZyTkhwWk5GbHVNVkUyVlRaMFpXWjJPRmRVVFVWR05qWTRkek5SUjFCSVJtZGlkbUZqVjBGWmN6RkJZVzk1ZEdSTGJGbHhUVW93Um10UlpEZGtjSFZ4WDI5V1VrMXplbEo0TWs5NWVYVmZXRzlVWWxoRFVHWjFNV0pKWm1kMlJreHhPVzFpYkRkUVJGaGFRVEpEVFhsWWQzQjJiMkZNTld0VVFuaG9NVWxtTm1SVU5EQnBlVEZLYkZwMVlqVnBaM2htWnlKOWZR; MUID=111C77A3923C6B6B086A65DB963C6078
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: /Pages/SilentSignInComplete.aspx?fromAR=1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security: max-age=2592000; includeSubDomains
x-routingofficecluster: weu-100.forms.office.com
x-routingofficefe: FormsSingleBox_IN_5
x-routingofficeversion: 16.0.16006.42053
x-routingsessionid: fdcce7c3-7b27-4133-bbf9-2afd4a982c6b
x-routingcorrelationid: d4c2a26b-24eb-477f-88d8-1775803b5f55
x-correlationid: d4c2a26b-24eb-477f-88d8-1775803b5f55
x-usersessionid: fdcce7c3-7b27-4133-bbf9-2afd4a982c6b
x-officefe: FormsSingleBox_IN_5
x-officeversion: 16.0.16006.42053
x-officecluster: weu-100.forms.office.com
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: D7868444B0F842BAA8F922B4D1089929 Ref B: SVG20EDGE0216 Ref C: 2022-12-12T02:00:37Z
date: Mon, 12 Dec 2022 02:00:37 GMT
content-length: 0
X-Firefox-Spdy: h2
forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
13.107.6.194200 OK 3.5 kB URL HTTP/2 forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
IP 13.107.6.194:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6584), with CRLF line terminators
Hash 62210ade15c9856f91c3fa632985b19f
e0e7ad2b8ea0a5d09ab59775106fc7681260b8e8
dcdbe12607eacdefc8c5125bed5f641d6228d033740d29c796a439056b1b8853
GET /Pages/SilentSignInComplete.aspx?fromAR=1 HTTP/1.1
Host: forms.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://forms.office.com/
Connection: keep-alive
Cookie: FormsWebSessionId=92285a80-614d-41ba-9276-0ed698aaaf77; usenewauthrollout=True; RpsAuthNonce=7461dd5d-c86a-4999-9e56-2bef9fee81a9; ai_session=XiInGb+jEzb0gBEziTLVRY|1670810434393|1670810434393; OpenIdConnect.nonce.YcmSNW8RCzfKczYFTGx7NhxDNtLHwLflv662FfvWYLo%3D=ZXlKMlpYSnphVzl1SWpveExDSmtZWFJoSWpwN0lrNGlPaUpCWTNsbmNHWmllalpLUlRGeGRFeHNRMDQxWWsxQ2QwOUZZVkJWWVRoUU5YSkthVzVZYTJ0M2VGaEhVMk5ET1dKdFdGUlpaWEF4ZWxwQmVGSndaREo0V1hvemFXWkdhMmxFY0hveVowSTVhSE0yUVRrd00xOXBTblZyTkhwWk5GbHVNVkUyVlRaMFpXWjJPRmRVVFVWR05qWTRkek5SUjFCSVJtZGlkbUZqVjBGWmN6RkJZVzk1ZEdSTGJGbHhUVW93Um10UlpEZGtjSFZ4WDI5V1VrMXplbEo0TWs5NWVYVmZXRzlVWWxoRFVHWjFNV0pKWm1kMlJreHhPVzFpYkRkUVJGaGFRVEpEVFhsWWQzQjJiMkZNTld0VVFuaG9NVWxtTm1SVU5EQnBlVEZLYkZwMVlqVnBaM2htWnlKOWZR; MUID=111C77A3923C6B6B086A65DB963C6078
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-length: 3486
content-type: text/html; charset=utf-8
content-encoding: br
expires: 0
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security: max-age=2592000; includeSubDomains
x-routingofficecluster: weu-100.forms.office.com
x-routingofficefe: FormsSingleBox_IN_5
x-routingofficeversion: 16.0.16006.42053
x-routingsessionid: 1cc387b8-1aab-4fa3-b2a5-4e7620bc9275
x-routingcorrelationid: 774bde40-cfbc-4450-a10e-62cdca6dc6a2
x-correlationid: 774bde40-cfbc-4450-a10e-62cdca6dc6a2
x-usersessionid: 1cc387b8-1aab-4fa3-b2a5-4e7620bc9275
x-officefe: FormsSingleBox_IN_5
x-officeversion: 16.0.16006.42053
x-officecluster: weu-100.forms.office.com
x-failurereason: Unknown
x-robots-tag: noindex, nofollow
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4B609587F6F241C9888FE462545B2825 Ref B: SVG20EDGE0216 Ref C: 2022-12-12T02:00:37Z
date: Mon, 12 Dec 2022 02:00:37 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3643
Expires: Mon, 12 Dec 2022 03:01:20 GMT
Date: Mon, 12 Dec 2022 02:00:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3643
Expires: Mon, 12 Dec 2022 03:01:20 GMT
Date: Mon, 12 Dec 2022 02:00:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F665ae3f9-217a-4a26-a3ba-2af041aeaf35.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F665ae3f9-217a-4a26-a3ba-2af041aeaf35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a37f35b8baf163928afa96129d83305
23ec6d9f18c44680415659b987399014c20b6954
13eb6db6765e1a69ba386cdb12d1451596ddebfcef20f1dbdf34f132c7f6c8f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F665ae3f9-217a-4a26-a3ba-2af041aeaf35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7408
x-amzn-requestid: 97306647-44c0-4d73-9625-f0af54acb577
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD4MFTkoAMFX_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d01-46d74b3f283ba5895aef6d3e;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XIdLQlkXcJ5PdAXw1Fb7i6CAaKnLuagCbzkMPBmcYeuSQJh_AwoMVw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:45:17 GMT
age: 15320
etag: "23ec6d9f18c44680415659b987399014c20b6954"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17bc2582-04b6-4598-bc15-05805bd0bd28.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17bc2582-04b6-4598-bc15-05805bd0bd28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9691c13b0d6f60245050231624943d7e
80c2621dd75541a8a926cad768ba53332a41f3a4
6ed3a7dfcbadad7d7fb622ec99799dfefeba5680f4cf8fe5d9118f57f7dfd9aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17bc2582-04b6-4598-bc15-05805bd0bd28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8325
x-amzn-requestid: 803a27b1-a0a6-43e0-bf2b-067c39c9af9d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz6HnKoAMFWRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-60d20c7a349095d61f068492;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fn66d83biAGn67adJKjhrU9q1BmADSSuZhV14FWCCTtzBLDF-Z8TVQ==
via: 1.1 8fd16721c32269f6a38b6515e2acebe8.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:58:39 GMT
age: 14518
etag: "80c2621dd75541a8a926cad768ba53332a41f3a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75dd1ecae61b991cd21929deb9244aac
4f14c9f7b36dfa356877251f1e6a0f5936286c4b
3435eda8961bb9954fcf5fd7c957ce58fd7aa4bb9e00525b8f42756adcf341e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6438
x-amzn-requestid: 517b1627-9789-48e8-b5df-106fee878820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENaGN6IAMFoUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d88-28cbd126745e8ab15d937936;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: amWbF9zOStURk7mvKoCOs0babDMecP7hOWzf4Hrn8RGThFiqv-_elg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:59:55 GMT
age: 14442
etag: "4f14c9f7b36dfa356877251f1e6a0f5936286c4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86bce3d677c0dd541440ebf38920020d
f11e21b6ad97e07b1d7103ad40a2e158e06fda73
9e23bc16cd1402d9124ebb9e625a5580f677ca9e008d3e04dc95080072fd1df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b1117224-be51-4e21-8b3b-01e5485f0af0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD2yH4loAMFuWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cf8-1382e1a6710239ec629eedb8;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A--8wjYJWCj_JD6eaj3FoD0dLarj6gvH2uQrmsEDLgPwZdQgtUmaoA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:57:39 GMT
etag: "f11e21b6ad97e07b1d7103ad40a2e158e06fda73"
content-type: image/jpeg
age: 14578
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df4e4c1-6b35-42cb-934f-923298f77ec2.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df4e4c1-6b35-42cb-934f-923298f77ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b226bd8dfeafe00183109d4f824e2be
3c2b64c94cc098a416b1d4865e31298fcd5d05c1
ccce0f89771d141076cbf3a1830eaa5d81b9c0376c3637e100bdb21b98ecd3b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df4e4c1-6b35-42cb-934f-923298f77ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9265
x-amzn-requestid: 96d5cd55-1beb-4f13-aecd-251f84558356
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAEJyGgUoAMFULw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d71-420b5c907c3546e96583ecd7;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -PiWGp486neaYPqBj92OHm22wsFaQres0BkEFO2Ysd0mc4FuTrVNfA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:48:53 GMT
age: 15104
etag: "3c2b64c94cc098a416b1d4865e31298fcd5d05c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38876d760ef06c8471468c474c1e28a7
d43cd03d5eb3e7618b6fb70c935010c2ac92ad32
a0747f29eb6084eef42d3c247594973b02c619c7ec56b6137e24b6d0362557a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4720
x-amzn-requestid: dd990fe1-8447-403e-b276-40889af5baa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENuF6SoAMF7oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d8a-59b5a8f92ef6111e64e16079;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SBYH2ZqOyZx6tB8u3g3dkimaCUGSWAMQhULpYs4gWrmZ6i3_1Br_zQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:57:39 GMT
etag: "d43cd03d5eb3e7618b6fb70c935010c2ac92ad32"
content-type: image/jpeg
age: 14578
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
20.189.173.1200 OK 0 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
IP 20.189.173.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Referer: https://forms.office.com/
Origin: https://forms.office.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, 3600
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://forms.office.com
Date: Mon, 12 Dec 2022 02:00:37 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
20.189.173.1200 OK 153 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
IP 20.189.173.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 0b4e09711cc6a58f5dea634fcaa742f7
e871a83cc60fef2366cb65a3928a549949964784
c7287a1f3a07d5e6ee9f062b0f2ff30e53bd9d15662803987b1b7fc505b71f29
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Client-Id: NO_AUTH
client-version: 1DS-Web-JS-3.2.8
apikey: a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
upload-time: 1670810435415
time-delta-to-apply-millis: use-collector-delta
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 2075
Origin: https://forms.office.com
Connection: keep-alive
Referer: https://forms.office.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 153
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: MC1=GUID=d684aeb29af8476b818a855359841e79&HASH=d684&LV=202212&V=4&LU=1670810438083; Domain=.microsoft.com; Expires=Tue, 12 Dec 2023 02:00:38 GMT; Path=/;Secure; SameSite=None
MS0=cb484689dceb47699ab8a365728432fb; Domain=.microsoft.com; Expires=Mon, 12 Dec 2022 02:30:38 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 2668
Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://forms.office.com
Access-Control-Expose-Headers: time-delta-millis
Date: Mon, 12 Dec 2022 02:00:37 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
20.189.173.1200 OK 0 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
IP 20.189.173.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Referer: https://forms.office.com/
Origin: https://forms.office.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, 3600
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://forms.office.com
Date: Mon, 12 Dec 2022 02:00:37 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
20.189.173.1200 OK 153 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
IP 20.189.173.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 959b5589f79aa638b5db6c02a30d26c5
5661f93fb1d70d35abe51cd61f1dcf04a42f339b
bbe4fcf11293c35849c3ee9888263a580d6e7e7249fbd11823194307897033c9
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Client-Id: NO_AUTH
client-version: 1DS-Web-JS-3.2.8
apikey: a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
upload-time: 1670810436504
time-delta-to-apply-millis: 2668
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 1085
Origin: https://forms.office.com
Connection: keep-alive
Referer: https://forms.office.com/
Cookie: MC1=GUID=d684aeb29af8476b818a855359841e79&HASH=d684&LV=202212&V=4&LU=1670810438083; MS0=cb484689dceb47699ab8a365728432fb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 153
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 1766
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://forms.office.com
Access-Control-Expose-Headers: time-delta-millis
Date: Mon, 12 Dec 2022 02:00:37 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
20.189.173.1200 OK 153 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
IP 20.189.173.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash e198bdfbde729a2a1921cf2ede16f7e1
b94a8c56ce77610db373e6cfacd59e78a7abf208
7918c1fd7194af738812524abffdca79c9b3f1b30f2381f5ca60d16c46632eee
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Client-Id: NO_AUTH
client-version: 1DS-Web-JS-3.2.7
apikey: 2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
upload-time: 1670810435894
time-delta-to-apply-millis: use-collector-delta
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 8674
Origin: https://forms.office.com
Connection: keep-alive
Referer: https://forms.office.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 153
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: MC1=GUID=9937fc3219f845698854c34b1cfdab86&HASH=9937&LV=202212&V=4&LU=1670810438386; Domain=.microsoft.com; Expires=Tue, 12 Dec 2023 02:00:38 GMT; Path=/;Secure; SameSite=None
MS0=5b776b24e4ab4f78847a4c86d7d9d959; Domain=.microsoft.com; Expires=Mon, 12 Dec 2022 02:30:38 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 2492
Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://forms.office.com
Access-Control-Expose-Headers: time-delta-millis
Date: Mon, 12 Dec 2022 02:00:37 GMT
forms.office.com/?redirecturl=https%3A%2F%2Fforms.office.com%2FPages%2FDesignPage.aspx%23FormId%3D5vpWzl0Fn0y2yZ00FQakkW7cdS8Dy5VPiwhHUOeIiZVUMTRGVkUzNDhFVVdHUEhaVzVYN0wwODNYUy4u%26Analysis%3Dtrue
13.107.6.194200 OK 12 kB URL HTTP/2 forms.office.com/?redirecturl=https%3A%2F%2Fforms.office.com%2FPages%2FDesignPage.aspx%23FormId%3D5vpWzl0Fn0y2yZ00FQakkW7cdS8Dy5VPiwhHUOeIiZVUMTRGVkUzNDhFVVdHUEhaVzVYN0wwODNYUy4u%26Analysis%3Dtrue
IP 13.107.6.194:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14504), with CRLF line terminators
Hash 6ec51090cdf88fa980628584b2521b92
228d12018676b58c3b90d97d27ee67a321578a55
f90e11e5dcf13bd5abf13113043b44459fbec923d0fe2ac0e4852c7eb2c5b1f4
GET /?redirecturl=https%3A%2F%2Fforms.office.com%2FPages%2FDesignPage.aspx%23FormId%3D5vpWzl0Fn0y2yZ00FQakkW7cdS8Dy5VPiwhHUOeIiZVUMTRGVkUzNDhFVVdHUEhaVzVYN0wwODNYUy4u%26Analysis%3Dtrue HTTP/1.1
Host: forms.office.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fPages%2fDesignPage.aspx
Cookie: FormsWebSessionId=92285a80-614d-41ba-9276-0ed698aaaf77; usenewauthrollout=True; RpsAuthNonce=7461dd5d-c86a-4999-9e56-2bef9fee81a9; ai_session=XiInGb+jEzb0gBEziTLVRY|1670810434393|1670810434393; OpenIdConnect.nonce.YcmSNW8RCzfKczYFTGx7NhxDNtLHwLflv662FfvWYLo%3D=ZXlKMlpYSnphVzl1SWpveExDSmtZWFJoSWpwN0lrNGlPaUpCWTNsbmNHWmllalpLUlRGeGRFeHNRMDQxWWsxQ2QwOUZZVkJWWVRoUU5YSkthVzVZYTJ0M2VGaEhVMk5ET1dKdFdGUlpaWEF4ZWxwQmVGSndaREo0V1hvemFXWkdhMmxFY0hveVowSTVhSE0yUVRrd00xOXBTblZyTkhwWk5GbHVNVkUyVlRaMFpXWjJPRmRVVFVWR05qWTRkek5SUjFCSVJtZGlkbUZqVjBGWmN6RkJZVzk1ZEdSTGJGbHhUVW93Um10UlpEZGtjSFZ4WDI5V1VrMXplbEo0TWs5NWVYVmZXRzlVWWxoRFVHWjFNV0pKWm1kMlJreHhPVzFpYkRkUVJGaGFRVEpEVFhsWWQzQjJiMkZNTld0VVFuaG9NVWxtTm1SVU5EQnBlVEZLYkZwMVlqVnBaM2htWnlKOWZR; MUID=111C77A3923C6B6B086A65DB963C6078; MSFPC=GUID=d684aeb29af8476b818a855359841e79&HASH=d684&LV=202212&V=4&LU=1670810438083
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-length: 11515
content-type: text/html; charset=utf-8
content-encoding: br
expires: 0
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security: max-age=2592000; includeSubDomains
x-routingofficecluster: neu-101.forms.office.com
x-routingofficefe: FormsSingleBox_IN_0
x-routingofficeversion: 16.0.16004.42050
x-routingsessionid: 1a0fe8d6-25b7-4fee-af72-06fb5a728b09
x-routingcorrelationid: 77b5b062-a560-4581-bb05-da48b3a0cb6c
x-correlationid: 77b5b062-a560-4581-bb05-da48b3a0cb6c
x-usersessionid: 1a0fe8d6-25b7-4fee-af72-06fb5a728b09
x-officefe: FormsSingleBox_IN_0
x-officeversion: 16.0.16004.42050
x-officecluster: neu-101.forms.office.com
x-failurereason: Unknown
link: <https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
x-content-type-options: nosniff
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 6ABD34114F9E4D448596D2820BF8BD77 Ref B: SVG20EDGE0216 Ref C: 2022-12-12T02:00:38Z
date: Mon, 12 Dec 2022 02:00:38 GMT
X-Firefox-Spdy: h2
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539&upload-time=1670810436898&ext.intweb.msfpc=GUID%3Dd684aeb29af8476b818a855359841e79%26HASH%3Dd684%26LV%3D202212%26V%3D4%26LU%3D1670810438083&time-delta-to-apply-millis=2668&w=0&NoResponseBody=true
20.189.173.1204 No Content 0 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539&upload-time=1670810436898&ext.intweb.msfpc=GUID%3Dd684aeb29af8476b818a855359841e79%26HASH%3Dd684%26LV%3D202212%26V%3D4%26LU%3D1670810438083&time-delta-to-apply-millis=2668&w=0&NoResponseBody=true
IP 20.189.173.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539&upload-time=1670810436898&ext.intweb.msfpc=GUID%3Dd684aeb29af8476b818a855359841e79%26HASH%3Dd684%26LV%3D202212%26V%3D4%26LU%3D1670810438083&time-delta-to-apply-millis=2668&w=0&NoResponseBody=true HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1095
Origin: https://forms.office.com
Connection: keep-alive
Referer: https://forms.office.com/
Cookie: MC1=GUID=9937fc3219f845698854c34b1cfdab86&HASH=9937&LV=202212&V=4&LU=1670810438386; MS0=5b776b24e4ab4f78847a4c86d7d9d959
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 1856
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://forms.office.com
Access-Control-Expose-Headers: time-delta-millis
Date: Mon, 12 Dec 2022 02:00:38 GMT
odc.officeapps.live.com/odc/v2.1/hrd?rs=en-US&Ver=16&app=111&p=6&hm=0&fpEnabled=1
52.109.68.59200 OK 8.1 kB URL HTTP/2 odc.officeapps.live.com/odc/v2.1/hrd?rs=en-US&Ver=16&app=111&p=6&hm=0&fpEnabled=1
IP 52.109.68.59:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (656), with CRLF line terminators
Hash ac3d646adace198aef9beaec24a26d50
31220fef3e9e176ce86f52ceef1c0d9d288cdf5c
94b24986bc360a6efe69073b6d118cecd36d158339c7be40420b77f2faa44595
GET /odc/v2.1/hrd?rs=en-US&Ver=16&app=111&p=6&hm=0&fpEnabled=1 HTTP/1.1
Host: odc.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forms.office.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=1200
content-type: text/html; charset=utf-8
expires: Mon, 12 Dec 2022 02:20:39 GMT
last-modified: Mon, 12 Dec 2022 02:00:39 GMT
vary: *
server: Microsoft-IIS/10.0
x-correlationid: b2a44dbe-82b8-4b76-8fa4-34312c325ba0
x-usersessionid: b2a44dbe-82b8-4b76-8fa4-34312c325ba0
x-officefe: OdcFE_IN_6
x-officeversion: 16.0.16001.30550
x-officecluster: frc-000.odc.officeapps.live.com
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-ua-compatible: IE=11
x-powered-by: ASP.NET
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 02:00:39 GMT
content-length: 8128
X-Firefox-Spdy: h2
odc.officeapps.live.com/odc/stat/hrd.css?b=16001.30550
52.109.68.59200 OK 5.1 kB URL HTTP/2 odc.officeapps.live.com/odc/stat/hrd.css?b=16001.30550
IP 52.109.68.59:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (22991)
Hash e039bac4e0786ac8a47706fe80208be3
84a3947d6fc9b72e777f0acce9c241fdc063649b
ada7ede06846cac6f1bc2990bc3aa9e377732f7dd73321e7f758e0f07f923b15
GET /odc/stat/hrd.css?b=16001.30550 HTTP/1.1
Host: odc.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=en-US&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=2678400
content-type: text/css
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 08:10:10 GMT
accept-ranges: bytes
etag: "09dae545c5d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-correlationid: bf26e23a-8b98-4e68-917a-865c8c505e3f
x-usersessionid: bf26e23a-8b98-4e68-917a-865c8c505e3f
x-officefe: OdcFE_IN_6
x-officeversion: 16.0.16001.30550
x-officecluster: frc-000.odc.officeapps.live.com
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-powered-by: ASP.NET
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 02:00:39 GMT
content-length: 5050
X-Firefox-Spdy: h2
odc.officeapps.live.com/odc/stat/hrd.min.js?b=16001.30550
52.109.68.59200 OK 4.9 kB URL HTTP/2 odc.officeapps.live.com/odc/stat/hrd.min.js?b=16001.30550
IP 52.109.68.59:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (15737), with no line terminators
Hash 5783e1d4ae5c00cd8ab05cd773beefd7
a5fc608026e65e1059aeced5da8020e346d6a35c
b23763ba448a8c9096f878721d4bfb3cdb92d274c33e9d2cb39998678598204b
GET /odc/stat/hrd.min.js?b=16001.30550 HTTP/1.1
Host: odc.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=en-US&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=2678400
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 08:10:10 GMT
accept-ranges: bytes
etag: "09dae545c5d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-correlationid: 98e13109-7680-408e-9c3d-aa88779b9347
x-usersessionid: 98e13109-7680-408e-9c3d-aa88779b9347
x-officefe: OdcFE_IN_6
x-officeversion: 16.0.16001.30550
x-officecluster: frc-000.odc.officeapps.live.com
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-powered-by: ASP.NET
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 02:00:39 GMT
content-length: 4909
X-Firefox-Spdy: h2
odc.officeapps.live.com/odc/jsonstrings?g=EmailHrdv2&mkt=1033&hm=0
52.109.68.59200 OK 3.0 kB URL HTTP/2 odc.officeapps.live.com/odc/jsonstrings?g=EmailHrdv2&mkt=1033&hm=0
IP 52.109.68.59:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (2825), with CRLF line terminators
Hash 54be3c02ec238edc7957f3adfd0c98f2
01f3137d97ecdeaa8a2d9ef4969d15dd9587f0c8
23ea95ba91021ff8b19acacbd72790701dbaa1c8ccd6e3ec5aab866b2204a051
GET /odc/jsonstrings?g=EmailHrdv2&mkt=1033&hm=0 HTTP/1.1
Host: odc.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=en-US&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: text/javascript; charset=utf-8
server: Microsoft-IIS/10.0
x-correlationid: df9b6368-2626-42d8-8f2e-958ddb520320
x-usersessionid: df9b6368-2626-42d8-8f2e-958ddb520320
x-officefe: OdcFE_IN_6
x-officeversion: 16.0.16001.30550
x-officecluster: frc-000.odc.officeapps.live.com
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-powered-by: ASP.NET
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 02:00:39 GMT
content-length: 2992
X-Firefox-Spdy: h2
cdn.odc.officeapps.live.com/odc/stat/jquery-1.12.4.1.min.js?b=16001.30550
104.88.19.190200 OK 34 kB URL HTTP/2 cdn.odc.officeapps.live.com/odc/stat/jquery-1.12.4.1.min.js?b=16001.30550
IP 104.88.19.190:0
File type ASCII text, with very long lines (61099), with CRLF line terminators
Hash 44072e840e713205188ce7c271f2824d
4bba1a6fe99257212ca81004361034fb21a54b50
ab607343c744ffe16c871a41b8ceb0faeb3f57c3c449eee089bccbfff68d2c02
GET /odc/stat/jquery-1.12.4.1.min.js?b=16001.30550 HTTP/1.1
Host: cdn.odc.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odc.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sat, 26 Nov 2022 16:48:02 GMT
accept-ranges: bytes
etag: "0cdf8d8b61d91:0"
server: Microsoft-IIS/10.0
x-correlationid: 9e611871-d5f2-45af-847a-e81cd7e90955
x-usersessionid: 9e611871-d5f2-45af-847a-e81cd7e90955
x-officefe: OdcFE_IN_41
x-officeversion: 16.0.15926.30550
x-officecluster: frc-000.odc.officeapps.live.com
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-powered-by: ASP.NET
x-content-type-options: nosniff
content-length: 33842
cache-control: private, max-age=1794040
date: Mon, 12 Dec 2022 02:00:39 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.odc.officeapps.live.com/odc/stat/CommonDiagnostics.js?b=16001.30550
104.88.19.190200 OK 12 kB URL HTTP/2 cdn.odc.officeapps.live.com/odc/stat/CommonDiagnostics.js?b=16001.30550
IP 104.88.19.190:0
File type ASCII text, with very long lines (41116)
Hash 86eae2951abd25d7f8de735b34b4505d
390ea8ead75400b1846f399de122437feb13f16e
d0d49bcb1a6ad51803066555fc97838d2ab42256e88dfebefc005130a85de82a
GET /odc/stat/CommonDiagnostics.js?b=16001.30550 HTTP/1.1
Host: cdn.odc.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odc.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sat, 26 Nov 2022 16:48:02 GMT
accept-ranges: bytes
etag: "0cdf8d8b61d91:0"
server: Microsoft-IIS/10.0
x-correlationid: 7535e76f-932a-4109-a39a-90e24b2be0a5
x-usersessionid: 7535e76f-932a-4109-a39a-90e24b2be0a5
x-officefe: OdcFE_IN_46
x-officeversion: 16.0.15926.30550
x-officecluster: weu-000.odc.officeapps.live.com
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-powered-by: ASP.NET
x-content-type-options: nosniff
content-length: 12330
cache-control: private, max-age=1794021
date: Mon, 12 Dec 2022 02:00:39 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.odc.officeapps.live.com/odc/stat/knockout-3.4.2.js?b=16001.30550
104.88.19.190200 OK 22 kB URL HTTP/2 cdn.odc.officeapps.live.com/odc/stat/knockout-3.4.2.js?b=16001.30550
IP 104.88.19.190:0
File type ASCII text, with very long lines (644)
Hash 2cde0b7a4656b1c6ac5ae2db96f1f237
4c2cb3e7fb047b90969b30429fc34e7e6cd23322
ce19f46f109e23e6ada47605853844a8f52cbc45c8c0bb88fffb60b11b7f97e4
GET /odc/stat/knockout-3.4.2.js?b=16001.30550 HTTP/1.1
Host: cdn.odc.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odc.officeapps.live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Sat, 26 Nov 2022 16:48:02 GMT
accept-ranges: bytes
etag: "0cdf8d8b61d91:0"
server: Microsoft-IIS/10.0
x-correlationid: 0a3c2302-3370-4b90-a4e8-b71078d99198
x-usersessionid: 0a3c2302-3370-4b90-a4e8-b71078d99198
x-officefe: OdcFE_IN_0
x-officeversion: 16.0.15926.30550
x-officecluster: frc-000.odc.officeapps.live.com
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-powered-by: ASP.NET
x-content-type-options: nosniff
content-length: 22381
cache-control: private, max-age=1794124
date: Mon, 12 Dec 2022 02:00:39 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.odc.officeapps.live.com/odc/stat/images/hrd/microsoft_logo.png?b=16001.30550
104.88.19.190200 OK 578 B URL HTTP/2 cdn.odc.officeapps.live.com/odc/stat/images/hrd/microsoft_logo.png?b=16001.30550
IP 104.88.19.190:0
File type PNG image data, 108 x 24, 8-bit colormap, non-interlaced\012- data
Hash 6e7e38a943913db90becffceeb696f61
47515c982df78a38943a72210cdf2372ae68679a
4641e44637fdb1c74c42eaa42ecc85c9a4b3b63eab24a2106df3364086af38ae
GET /odc/stat/images/hrd/microsoft_logo.png?b=16001.30550 HTTP/1.1
Host: cdn.odc.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odc.officeapps.live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 26 Nov 2022 16:48:02 GMT
accept-ranges: bytes
etag: "0cdf8d8b61d91:0"
server: Microsoft-IIS/10.0
x-correlationid: 991b5af5-c1a6-4e6f-923b-03845c772005
x-usersessionid: 991b5af5-c1a6-4e6f-923b-03845c772005
x-officefe: OdcFE_IN_34
x-officeversion: 16.0.15926.30550
x-officecluster: neu-000.odc.officeapps.live.com
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-powered-by: ASP.NET
x-content-type-options: nosniff
content-length: 578
cache-control: private, max-age=1794053
date: Mon, 12 Dec 2022 02:00:39 GMT
X-Firefox-Spdy: h2
cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-msa.png?b=16001.30550
104.88.19.190200 OK 528 B URL HTTP/2 cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-msa.png?b=16001.30550
IP 104.88.19.190:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash bc583e59de22e614cca007d13ccc2b23
b71dbc41a65977f6237fe732edc97312d78cf083
7645996af783922e800f88a5eeafe306dc4742a10434afa5a062b6bd5e3293cf
GET /odc/stat/images/hrd/picker-account-msa.png?b=16001.30550 HTTP/1.1
Host: cdn.odc.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odc.officeapps.live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 26 Nov 2022 16:48:02 GMT
accept-ranges: bytes
etag: "0cdf8d8b61d91:0"
server: Microsoft-IIS/10.0
x-correlationid: a53ac342-1524-4dcf-b9d8-efe90d3194b6
x-usersessionid: a53ac342-1524-4dcf-b9d8-efe90d3194b6
x-officefe: OdcFE_IN_33
x-officeversion: 16.0.15926.30550
x-officecluster: neu-000.odc.officeapps.live.com
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-powered-by: ASP.NET
x-content-type-options: nosniff
content-length: 528
cache-control: private, max-age=1793981
date: Mon, 12 Dec 2022 02:00:39 GMT
X-Firefox-Spdy: h2
cdn.odc.officeapps.live.com/odc/stat/images/hrd/microsoft_logo.svg?b=16001.30550
104.88.19.190200 OK 1.5 kB URL HTTP/2 cdn.odc.officeapps.live.com/odc/stat/images/hrd/microsoft_logo.svg?b=16001.30550
IP 104.88.19.190:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators
Hash 2c05cb84c542ce586596cea0a0bbe3b2
36720227700ccca6841f5fc6ba071fb496462209
306c9b1e2e9ebf107c2496c998950578d2492f22bab0b1c3008d92a6d9d9387c
GET /odc/stat/images/hrd/microsoft_logo.svg?b=16001.30550 HTTP/1.1
Host: cdn.odc.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odc.officeapps.live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-encoding: gzip
last-modified: Sat, 26 Nov 2022 16:48:02 GMT
accept-ranges: bytes
etag: "0cdf8d8b61d91:0"
server: Microsoft-IIS/10.0
x-correlationid: ee9eade1-7bcc-44c1-9b3f-a3e941032443
x-usersessionid: ee9eade1-7bcc-44c1-9b3f-a3e941032443
x-officefe: OdcFE_IN_31
x-officeversion: 16.0.15926.30550
x-officecluster: weu-000.odc.officeapps.live.com
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-powered-by: ASP.NET
x-content-type-options: nosniff
content-length: 1464
cache-control: private, max-age=1797072
date: Mon, 12 Dec 2022 02:00:39 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
odc.officeapps.live.com/odc/stat/images/hrd/Background-blurryGradient.svg
52.109.68.59200 OK 2.3 kB URL HTTP/2 odc.officeapps.live.com/odc/stat/images/hrd/Background-blurryGradient.svg
IP 52.109.68.59:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 84701a40a64052fe16c5139f83b2ce5a
bf8cd08f0bf66f5c5934b6c1c1f47803e2891d46
16c60cd6aff6a6febabbc48e9b7692a9c3b369d12d31749f8117d6d0851d5296
GET /odc/stat/images/hrd/Background-blurryGradient.svg HTTP/1.1
Host: odc.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odc.officeapps.live.com/odc/stat/hrd.css?b=16001.30550
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private, max-age=2678400
content-type: image/svg+xml
last-modified: Thu, 01 Dec 2022 08:10:10 GMT
accept-ranges: bytes
etag: "09dae545c5d91:0"
server: Microsoft-IIS/10.0
x-correlationid: e6942469-f000-476e-b6b0-6b1ed5888b8f
x-usersessionid: e6942469-f000-476e-b6b0-6b1ed5888b8f
x-officefe: OdcFE_IN_6
x-officeversion: 16.0.16001.30550
x-officecluster: frc-000.odc.officeapps.live.com
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-powered-by: ASP.NET
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 02:00:39 GMT
content-length: 2267
X-Firefox-Spdy: h2
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dd684aeb29af8476b818a855359841e79%26HASH%3Dd684%26LV%3D202212%26V%3D4%26LU%3D1670810438083&w=0
20.189.173.1200 OK 0 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dd684aeb29af8476b818a855359841e79%26HASH%3Dd684%26LV%3D202212%26V%3D4%26LU%3D1670810438083&w=0
IP 20.189.173.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dd684aeb29af8476b818a855359841e79%26HASH%3Dd684%26LV%3D202212%26V%3D4%26LU%3D1670810438083&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Referer: https://forms.office.com/
Origin: https://forms.office.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, 3600
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: https://forms.office.com
Date: Mon, 12 Dec 2022 02:00:39 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dd684aeb29af8476b818a855359841e79%26HASH%3Dd684%26LV%3D202212%26V%3D4%26LU%3D1670810438083&w=0
20.189.173.1200 OK 24 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dd684aeb29af8476b818a855359841e79%26HASH%3Dd684%26LV%3D202212%26V%3D4%26LU%3D1670810438083&w=0
IP 20.189.173.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 0c78dafbd058f298d4646959afe8cbe7
2aafc13612022c1dda5b77b927176a0b3abdf385
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dd684aeb29af8476b818a855359841e79%26HASH%3Dd684%26LV%3D202212%26V%3D4%26LU%3D1670810438083&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Client-Id: NO_AUTH
client-version: 1DS-Web-JS-3.2.8
apikey: a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
upload-time: 1670810438293
time-delta-to-apply-millis: use-collector-delta
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 2722
Origin: https://forms.office.com
Connection: keep-alive
Referer: https://forms.office.com/
Cookie: MC1=GUID=9937fc3219f845698854c34b1cfdab86&HASH=9937&LV=202212&V=4&LU=1670810438386; MS0=5b776b24e4ab4f78847a4c86d7d9d959
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 24
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 1935
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://forms.office.com
Access-Control-Expose-Headers: time-delta-millis
Date: Mon, 12 Dec 2022 02:00:39 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dd684aeb29af8476b818a855359841e79%26HASH%3Dd684%26LV%3D202212%26V%3D4%26LU%3D1670810438083&w=0
20.189.173.1200 OK 24 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dd684aeb29af8476b818a855359841e79%26HASH%3Dd684%26LV%3D202212%26V%3D4%26LU%3D1670810438083&w=0
IP 20.189.173.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 5562a90bba46ae4a7dba099d68f4a42a
ac7cf704563b3e32cc67770ea72a3873cc6fc146
afd588d7d1c94d797ef932006d524de973f6fc54556e62f0f340412c87f99d58
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3Dd684aeb29af8476b818a855359841e79%26HASH%3Dd684%26LV%3D202212%26V%3D4%26LU%3D1670810438083&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Client-Id: NO_AUTH
client-version: 1DS-Web-JS-3.2.8
apikey: a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
upload-time: 1670810439297
time-delta-to-apply-millis: 1935
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 1283
Origin: https://forms.office.com
Connection: keep-alive
Referer: https://forms.office.com/
Cookie: MC1=GUID=9937fc3219f845698854c34b1cfdab86&HASH=9937&LV=202212&V=4&LU=1670810438386; MS0=5b776b24e4ab4f78847a4c86d7d9d959
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 24
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 1801
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://forms.office.com
Access-Control-Expose-Headers: time-delta-millis
Date: Mon, 12 Dec 2022 02:00:40 GMT
browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
20.189.173.1200 OK 153 B URL HTTP/1.1 browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
IP 20.189.173.1:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash b40666558fafeb814cca875815a38f39
cf916493fb86618bed6657b81e8898d79da5b9f6
3300335b177a87edf65200f2482e30b4afae583d28ed7eb279d99cae010c0ceb
POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/1.1
Host: browser.events.data.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Client-Id: NO_AUTH
client-version: 1DS-Web-JS-3.2.7
apikey: 2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
upload-time: 1670810440168
time-delta-to-apply-millis: use-collector-delta
cache-control: no-cache, no-store
content-type: application/x-json-stream
Content-Length: 4833
Origin: https://forms.office.com
Connection: keep-alive
Referer: https://forms.office.com/
Cookie: MC1=GUID=9937fc3219f845698854c34b1cfdab86&HASH=9937&LV=202212&V=4&LU=1670810438386; MS0=5b776b24e4ab4f78847a4c86d7d9d959
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 153
Content-Type: application/json
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000
time-delta-millis: 1763
Access-Control-Allow-Headers: time-delta-millis
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://forms.office.com
Access-Control-Expose-Headers: time-delta-millis
Date: Mon, 12 Dec 2022 02:00:41 GMT
js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
13.107.213.53200 OK 0 B URL HTTP/2 js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /scripts/c/ms.jsll-3.min.js HTTP/1.1
Host: js.monitor.azure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forms.office.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=1800, immutable, no-transform
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: yrkf9GZ1Xvz6HYOCdF/nTw==
last-modified: Wed, 02 Nov 2022 19:31:15 GMT
etag: 0x8DABD08CF2EB3C0
x-cache: TCP_HIT
x-ms-request-id: 2249cc78-001e-009a-77c9-0d71e9000000
x-ms-version: 2009-09-19
x-ms-meta-jssdkver: 3.2.8
x-ms-meta-jssdksrc: [cdn]/scripts/c/ms.jsll-3.2.8.min.js
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0yImWYwAAAAC1a1RUFe/JQbPYEZnPZ7SAQU1TMDRFREdFMTkyMABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-azure-ref: 0Q4uWYwAAAACn94p7Q5hcR7QLTGNCrbZXU1ZHMjBFREdFMDUxMgBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
date: Mon, 12 Dec 2022 02:00:35 GMT
X-Firefox-Spdy: h2