urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
13.107.6.194  Public Scan

Go To Rescan Add Verdict Report
URL: https://forms.office.com/pages/responsepage.aspx?id=7iArRrCLBUyx-m_fctyh4_RgjwraDOtNgNTNzDP5DTVUNldLVEhRQkdBV1BYVUs1Nk5WO...
Submission: On September 05 via manual from MG — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 27 HTTP transactions. The main IP is 13.107.6.194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 4283.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on June 30th 2024. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 13.107.6.194 8068 (MICROSOFT...)
18 104.109.143.12 20940 (AKAMAI-ASN1)
1 52.111.243.107 8075 (MICROSOFT...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 204.79.197.237 8068 (MICROSOFT...)
4 20.50.201.204 8075 (MICROSOFT...)
27 5
3    13.107.6.194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
18    104.109.143.12 (Haarlem, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-109-143-12.deploy.static.akamaitechnologies.com
cdn.forms.office.net
1    52.111.243.107 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.office.com
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    20.50.201.204 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
eu-mobile.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
18 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 20242
434 KB
6 office.com
forms.office.com — Cisco Umbrella Rank: 4283
lists.office.com — Cisco Umbrella Rank: 34639
c.office.com — Cisco Umbrella Rank: 45451
988 KB
4 microsoft.com
eu-mobile.events.data.microsoft.com — Cisco Umbrella Rank: 625
871 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
772 B
27 4
Domain Requested by
18 cdn.forms.office.net forms.office.com
cdn.forms.office.net
4 eu-mobile.events.data.microsoft.com cdn.forms.office.net
3 forms.office.com forms.office.com
cdn.forms.office.net
2 c.office.com 1 redirects forms.office.com
1 c.bing.com 1 redirects
1 lists.office.com forms.office.com
27 6

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.cloud.microsoft
Microsoft Azure RSA TLS Issuing CA 07		 2024-06-30 -
2025-06-25		 a year crt.sh
cdn.forms.office.net
Microsoft Azure ECC TLS Issuing CA 07		 2024-07-19 -
2025-07-14		 a year crt.sh
lists.office.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-07-31 -
2025-07-26		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-16 -
2025-06-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=7iArRrCLBUyx-m_fctyh4_RgjwraDOtNgNTNzDP5DTVUNldLVEhRQkdBV1BYVUs1Nk5WOTNOMTEyMy4u&route=shorturl
Frame ID: 7F6B2A3EA3392DC9D14638F499FD4554
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SONDAGE MANAGERS DES OPCOS AXIAN TELECOM AXIAN TELECOM OPCOS MANAGEMENT SURVEY

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

27
Requests

96 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

1422 kB
Transfer

2492 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F60C57C96F824587A6396A4BA2C7EC29&RedC=c.office.com&MXFR=362E4C1F3B906517059F58EE3F906E19 HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=F60C57C96F824587A6396A4BA2C7EC29&MUID=362E4C1F3B906517059F58EE3F906E19

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request responsepage.aspx
forms.office.com/pages/ 		64 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=7iArRrCLBUyx-m_fctyh4_RgjwraDOtNgNTNzDP5DTVUNldLVEhRQkdBV1BYVUs1Nk5WOTNOMTEyMy4u&route=shorturl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c9e32b357838cbaa7520deb80a94c02f6e8a256747061301af4d7f7d9737faf8
Security Headers
Name Value
Content-Security-Policy object-src 'none';script-src 'nonce-d15c59aa-e9ce-4b21-a656-ae9f4183f9c1' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
object-src 'none';script-src 'nonce-d15c59aa-e9ce-4b21-a656-ae9f4183f9c1' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
content-type
text/html; charset=utf-8
date
Thu, 05 Sep 2024 06:44:18 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
report-to
{ "group": "endpoint-1", "max_age": 108864000, "endpoints": [ { "url": "https://csp.microsoft.com/report/Forms-PROD" }] }
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
a3367109-f36e-49d9-9a2d-8a38fcba2012
x-msedge-ref
Ref A: 8050FE36BC114414B681CA25EB805CFC Ref B: AMS231032604033 Ref C: 2024-09-05T06:44:18Z
x-officecluster
weu-101.forms.office.com
x-officefe
FormsSingleBox_IN_5
x-officeversion
16.0.18101.42051
x-robots-tag
noindex, nofollow
x-routingcorrelationid
a3367109-f36e-49d9-9a2d-8a38fcba2012
x-routingofficecluster
weu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_0
x-routingofficeversion
16.0.18101.42051
x-routingsessionid
d5e72749-733e-4fdb-8aad-a98cce7afe10
x-usersessionid
d5e72749-733e-4fdb-8aad-a98cce7afe10
ls-response.it.db398ef18.js
cdn.forms.office.net/forms/scripts/dists/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.it.db398ef18.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=7iArRrCLBUyx-m_fctyh4_RgjwraDOtNgNTNzDP5DTVUNldLVEhRQkdBV1BYVUs1Nk5WOTNOMTEyMy4u&route=shorturl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b30afaff8214686ed7101debd984ab3fbcf20a94e872bc2ddfefd319cd44cde2

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 06:44:19 GMT
content-encoding
br
content-md5
tBHa46dAV+8K+g5nXoyulQ==
content-length
12040
x-ms-lease-status
unlocked
last-modified
Wed, 28 Aug 2024 04:49:33 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCC71CCF4CC37A
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f051b6ce-d01e-0004-401f-f95c7b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:19 GMT
dll-dompurify.min.df1eebc.js
cdn.forms.office.net/forms/scripts/dists/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/dll-dompurify.min.df1eebc.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=7iArRrCLBUyx-m_fctyh4_RgjwraDOtNgNTNzDP5DTVUNldLVEhRQkdBV1BYVUs1Nk5WOTNOMTEyMy4u&route=shorturl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7440c1475be1a61688c1af01710779c6a6c6bc630f7539525091989001c00626

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 06:44:19 GMT
content-encoding
br
content-md5
+sjzAFoG72dpqaUbe00p9g==
content-length
11450
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 05:30:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCCBD989233D91
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
66b4a1c3-501e-0051-4ac6-fdb70c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:19 GMT
light-response-page.min.9024649.js
cdn.forms.office.net/forms/scripts/dists/ 		484 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9024649.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=7iArRrCLBUyx-m_fctyh4_RgjwraDOtNgNTNzDP5DTVUNldLVEhRQkdBV1BYVUs1Nk5WOTNOMTEyMy4u&route=shorturl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f654292c6b3f03c8bf521f8de38cf7a3558bfa3a147547625956b5bdd9e27d1d

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 06:44:19 GMT
content-encoding
br
content-md5
gs7/9qVxz5/q/fzwbhev0w==
content-length
130441
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 05:30:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCCBD98AEE43F6
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1c2f3c8c-d01e-0040-0cc6-fd8017000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:19 GMT
runtimeFormsWithResponses('7iArRrCLBUyx-m_fctyh4_RgjwraDOtNgNTNzDP5DTVUNldLVEhRQkdBV1BYVUs1Nk5WOTNOMTEyMy4u')
forms.office.com/formapi/api/462b20ee-8bb0-4c05-b1fa-6fdf72dca1e3/users/0a8f60f4-0cda-4deb-80d4-cdcc33f90d35/light/ 		30 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/462b20ee-8bb0-4c05-b1fa-6fdf72dca1e3/users/0a8f60f4-0cda-4deb-80d4-cdcc33f90d35/light/runtimeFormsWithResponses('7iArRrCLBUyx-m_fctyh4_RgjwraDOtNgNTNzDP5DTVUNldLVEhRQkdBV1BYVUs1Nk5WOTNOMTEyMy4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=7iArRrCLBUyx-m_fctyh4_RgjwraDOtNgNTNzDP5DTVUNldLVEhRQkdBV1BYVUs1Nk5WOTNOMTEyMy4u&route=shorturl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30414a89e1afa8d6273b8b6043c12a97d45feddbaf5b4a90a09aeff719da60ee
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=7iArRrCLBUyx-m_fctyh4_RgjwraDOtNgNTNzDP5DTVUNldLVEhRQkdBV1BYVUs1Nk5WOTNOMTEyMy4u&route=shorturl
X-UserSessionId
d5e72749-733e-4fdb-8aad-a98cce7afe10
__RequestVerificationToken
Z74RGN2ZD-jbelg8PgJdUcofyX7iIc0ztJ44N2uRMXsfazzKCJtH-mf5m5PSinAkaGBlSwPw9ZyG3qZyRCqdANmIaSRSfyNJ2ZMKhk2dE401
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Thu, 05 Sep 2024 06:44:18 GMT
x-officeversion
16.0.18101.42051
x-officefe
FormsSingleBox_IN_14
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_14
x-routingofficeversion
16.0.18101.42051
x-correlationid
fcf1d585-5a8f-47dc-a9f1-88cb728df8fa
x-officecluster
neu-101.forms.office.com
x-usersessionid
d5e72749-733e-4fdb-8aad-a98cce7afe10
x-msedge-ref
Ref A: 3275DD7394A548619F3FCA493EC55DA7 Ref B: AMS231032604033 Ref C: 2024-09-05T06:44:18Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
fcf1d585-5a8f-47dc-a9f1-88cb728df8fa
x-routingsessionid
d5e72749-733e-4fdb-8aad-a98cce7afe10
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-101.forms.office.com
light-response-page.chunk.lrp_ext.6b109ef.js
cdn.forms.office.net/forms/scripts/dists/ 		0
105 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.6b109ef.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9024649.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 06:44:20 GMT
content-encoding
br
content-md5
ebeRuBYH7phRn5N84HMm+w==
content-length
107339
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 05:30:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCCBD98AC787C8
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
188ffad6-e01e-006a-38c6-fdf552000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:20 GMT
light-response-page.chunk.lrp_saveresponse.7a35754.js
cdn.forms.office.net/forms/scripts/dists/ 		0
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.7a35754.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9024649.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 06:44:20 GMT
content-encoding
br
content-md5
y+ED7bB33V4jXSYuMpkOJQ==
content-length
9163
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 05:30:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCCBD98ADD5677
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
faa44c3f-601e-001d-6fc6-fd7013000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:20 GMT
light-response-page.chunk.lrp_cover.65edc4c.js
cdn.forms.office.net/forms/scripts/dists/ 		0
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.65edc4c.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9024649.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 06:44:20 GMT
content-encoding
br
content-md5
mF6CdaAR5d2l0Fd+64X2/g==
content-length
18177
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 05:30:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCCBD98AC7FCE3
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e665f574-c01e-0032-0dc6-fdf129000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:20 GMT
light-response-page.chunk.lrp_groupnote.6af4c46.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_groupnote.6af4c46.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9024649.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 06:44:20 GMT
content-encoding
br
content-md5
7hb83/RMeckLP9hl1i595w==
content-length
1608
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 05:30:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCCBD98AD0AE22
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
abff0c79-101e-005d-01c6-fd59fd000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:20 GMT
light-response-page.chunk.lrp_post.boot.34440f3.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.34440f3.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9024649.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 06:44:20 GMT
content-encoding
br
content-md5
BbRnPa5n/dWyVSnlfoU+0w==
content-length
5159
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 05:30:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCCBD98AD91160
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0908d0a2-301e-0005-60c6-fd5d86000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:20 GMT
light-response-page.chunk.lrp_ext.6b109ef.js
cdn.forms.office.net/forms/scripts/dists/ 		377 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.6b109ef.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9024649.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
14d6b66dede2b37f5bcb655ceb49a456a7585609665f16bd670624b721ebe435

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 06:44:20 GMT
content-encoding
br
content-md5
ebeRuBYH7phRn5N84HMm+w==
content-length
107339
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 05:30:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCCBD98AC787C8
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
188ffad6-e01e-006a-38c6-fdf552000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:20 GMT
light-response-page.chunk.vendors.201d46b.js
cdn.forms.office.net/forms/scripts/dists/ 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.vendors.201d46b.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9024649.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2989f5e4c60fc8c4f192321376ee85d09f5b35685816031c61420d1a6d50dda

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 06:44:20 GMT
content-encoding
br
content-md5
qvx6E0ZpIQ5gVHZH77POAQ==
content-length
28420
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 05:30:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCCBD98AEDA7BC
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
476b0ef8-301e-002c-78d5-fd2bc4000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:20 GMT
light-response-page.chunk.lrp_saveresponse.7a35754.js
cdn.forms.office.net/forms/scripts/dists/ 		32 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.7a35754.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9024649.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cd7ae69eb4528cc0612c3ca2edd629d3603db6637cdbb1788adeded86425abc5

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 06:44:20 GMT
content-encoding
br
content-md5
y+ED7bB33V4jXSYuMpkOJQ==
content-length
9163
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 05:30:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCCBD98ADD5677
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
faa44c3f-601e-001d-6fc6-fd7013000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:20 GMT
light-response-page.chunk.lrp_post.boot.34440f3.js
cdn.forms.office.net/forms/scripts/dists/ 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.34440f3.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9024649.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
283e984e4e26ce55e268000327bbdf0e7dc9da881b9f3f26eb6590ffcd23f6f8

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 06:44:20 GMT
content-encoding
br
content-md5
BbRnPa5n/dWyVSnlfoU+0w==
content-length
5159
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 05:30:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCCBD98AD91160
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0908d0a2-301e-0005-60c6-fd5d86000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:20 GMT
d0466a5a-ea9a-4a7e-abdb-7c1744d2d946
lists.office.com/Images/462b20ee-8bb0-4c05-b1fa-6fdf72dca1e3/0a8f60f4-0cda-4deb-80d4-cdcc33f90d35/T6WKTHQBGAWPXUK56NV93N1123/ 		959 KB
962 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/462b20ee-8bb0-4c05-b1fa-6fdf72dca1e3/0a8f60f4-0cda-4deb-80d4-cdcc33f90d35/T6WKTHQBGAWPXUK56NV93N1123/d0466a5a-ea9a-4a7e-abdb-7c1744d2d946
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=7iArRrCLBUyx-m_fctyh4_RgjwraDOtNgNTNzDP5DTVUNldLVEhRQkdBV1BYVUs1Nk5WOTNOMTEyMy4u&route=shorturl
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.111.243.107 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
953878e6067c3dc68b21ad978a720d9346b4526c1620d752bf3ffbabd5206eb8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 06:44:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.18028.42101
x-officecluster
wus-107.lists.office.com
x-usersessionid
1c905ded-dc92-40b3-bd62-de4a9018903e
x-officeversion
16.0.18103.42101
x-officefe
CollabDBReverseProxyWithMappingService_IN_2
content-type
image/jpeg
x-routingcorrelationid
c2219554-add5-401d-96ca-4c8bcc30335d
x-routingsessionid
1c905ded-dc92-40b3-bd62-de4a9018903e
x-routingofficecluster
weu-100.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_2
light-response-page.chunk.sw.9c1bfed.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.9c1bfed.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9024649.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
600c36c9e419e1410a833b42d3257cfc535395253a8dd9f63d6a6ab1adeb366c

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 06:44:20 GMT
content-encoding
br
content-md5
bIixx/w/Oru7kk1yyiFASw==
content-length
572
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 05:30:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCCBD98AD6A0B7
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
54ab6ad1-601e-003f-3dc6-fd1e25000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:20 GMT
light-response-page.chunk.lrp_math.22de4af.js
cdn.forms.office.net/forms/scripts/dists/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_math.22de4af.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9024649.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
089453215b2f8d7758326e07d94954e8817dbe3a9c61f3c9be893b547fa927c0

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 06:44:20 GMT
content-encoding
br
content-md5
ioif8JhXAg4b/jmY7rAc/g==
content-length
27817
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 05:30:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCCBD98AD06007
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
660cb565-201e-0038-19d5-fde8a0000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:20 GMT
microsoft365logo_v1.png
cdn.forms.office.net/forms/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/microsoft365logo_v1.png
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=7iArRrCLBUyx-m_fctyh4_RgjwraDOtNgNTNzDP5DTVUNldLVEhRQkdBV1BYVUs1Nk5WOTNOMTEyMy4u&route=shorturl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 06:44:20 GMT
content-md5
MRJ0yMnGbolPWvpR+s1yzQ==
content-length
5895
x-ms-lease-status
unlocked
last-modified
Thu, 17 Aug 2023 05:32:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB9EE3626888F3
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
53a518ed-501e-001e-23dc-d07314000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:20 GMT
light-response-page.chunk.1ds.4815435.js
cdn.forms.office.net/forms/scripts/dists/ 		108 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.4815435.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9024649.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
32859a35e0c0f3bc47ccaf2a01830bf7a8c41702c026d0b74ff7e50bc7e6cd51

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 06:44:20 GMT
content-encoding
br
content-md5
+ueruW0Yc80uaqZIDb8URg==
content-length
34419
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 05:30:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCCBD98AC5171D
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
47ac04c3-801e-0053-62c6-fdb5f6000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:20 GMT
light-response-page.chunk.utel.89af358.js
cdn.forms.office.net/forms/scripts/dists/ 		141 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel.89af358.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9024649.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8e5640bcd6729c2f441e5886fa73aa662eadfa23a1a9cd56fad153d40fd222dd

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 Sep 2024 06:44:20 GMT
content-encoding
br
content-md5
XIh5mf/AFEMfkBCv09e+VA==
content-length
37307
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 05:30:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCCBD98AEDA7BC
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
daf5862b-a01e-000b-53c6-fdb18d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:20 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F60C57C96F824587A6396A4BA2C7EC29&RedC=c.office.com&MXFR=362E4C1F3B906517059F58EE3F906E19
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=F60C57C96F824587A6396A4BA2C7EC29&MUID=362E4C1F3B906517059F58EE3F906E19
42 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=F60C57C96F824587A6396A4BA2C7EC29&MUID=362E4C1F3B906517059F58EE3F906E19
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=7iArRrCLBUyx-m_fctyh4_RgjwraDOtNgNTNzDP5DTVUNldLVEhRQkdBV1BYVUs1Nk5WOTNOMTEyMy4u&route=shorturl
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 06:44:21 GMT
last-modified
Wed, 14 Aug 2024 17:35:32 GMT
server
Microsoft-IIS/10.0
etag
"bb391b5d70eeda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 05 Sep 2024 06:44:20 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FC56B77CA9094AE19E4397F0B8EDC8AA Ref B: BCN30EDGE0716 Ref C: 2024-09-05T06:44:21Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=F60C57C96F824587A6396A4BA2C7EC29&MUID=362E4C1F3B906517059F58EE3F906E19
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
'it'
forms.office.com/formapi/api/462b20ee-8bb0-4c05-b1fa-6fdf72dca1e3/users/0a8f60f4-0cda-4deb-80d4-cdcc33f90d35/forms('7iArRrCLBUyx-m_fctyh4_RgjwraDOtNgNTNzDP5DTVUNldLVEhRQkdBV1BYVUs1Nk5WOTNOMTEyMy4u'... 		2 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/462b20ee-8bb0-4c05-b1fa-6fdf72dca1e3/users/0a8f60f4-0cda-4deb-80d4-cdcc33f90d35/forms('7iArRrCLBUyx-m_fctyh4_RgjwraDOtNgNTNzDP5DTVUNldLVEhRQkdBV1BYVUs1Nk5WOTNOMTEyMy4u')/localeResource/'it'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.6b109ef.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

odata-version
4.0
x-correlationid
f90a577b-aac4-47b0-9e92-bd6d6814be9a
x-usersessionid
d5e72749-733e-4fdb-8aad-a98cce7afe10
x-ms-form-request-ring
business
authorization
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
application/json
odata-maxverion
4.0
accept
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=7iArRrCLBUyx-m_fctyh4_RgjwraDOtNgNTNzDP5DTVUNldLVEhRQkdBV1BYVUs1Nk5WOTNOMTEyMy4u&route=shorturl
x-ms-form-request-source
ms-formweb
__requestverificationtoken
Z74RGN2ZD-jbelg8PgJdUcofyX7iIc0ztJ44N2uRMXsfazzKCJtH-mf5m5PSinAkaGBlSwPw9ZyG3qZyRCqdANmIaSRSfyNJ2ZMKhk2dE401

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Thu, 05 Sep 2024 06:44:20 GMT
x-officeversion
16.0.18101.42051
x-officefe
FormsSingleBox_IN_14
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_10
x-routingofficeversion
16.0.18101.42051
x-correlationid
f90a577b-aac4-47b0-9e92-bd6d6814be9a
x-officecluster
neu-101.forms.office.com
x-usersessionid
d5e72749-733e-4fdb-8aad-a98cce7afe10
x-msedge-ref
Ref A: 881E33C53F904B72BCB865B1B3CB1079 Ref B: AMS231032604033 Ref C: 2024-09-05T06:44:20Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
f90a577b-aac4-47b0-9e92-bd6d6814be9a
x-routingsessionid
d5e72749-733e-4fdb-8aad-a98cce7afe10
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-101.forms.office.com
favicon.ico
cdn.forms.office.net/forms/images/ 		8 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.143.12 Haarlem, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-143-12.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
unused62
8096267
date
Thu, 05 Sep 2024 06:44:21 GMT
content-md5
lCXY6TE6aSuz8CLoBV+rgg==
content-length
7886
x-ms-lease-status
unlocked
last-modified
Fri, 29 Oct 2021 05:14:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D99A9AF254F8C1
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
0ca5e37c-201e-004d-0c5a-ce9236000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 05 Sep 2025 06:44:21 GMT
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		25 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.4815435.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.201.204 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
d2ba9a155caea1fdd384effe29553a83493620e6e5b0aa4bbdfdb325a4659f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1725518662046
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
4e990506778b4d9cbf05300e98315eed-682648e1-a406-45c4-9d5b-709b9899d662-7161
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Sep 2024 06:44:22 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
783
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
25
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.201.204 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Thu, 05 Sep 2024 06:44:22 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		154 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.4815435.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.201.204 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
b7bd3cd27d80e7bb5affb8c184aeec7111e3815a61b95f9c666ed773eaf1e1c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1725518663535
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Sep 2024 06:44:22 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
91
access-control-allow-methods
POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
content-length
154
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.201.204 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Thu, 05 Sep 2024 06:44:23 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NavKeyPoints function| reloadNoCdn object| MathJax object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap object| formsInlineScriptSyntaxCheck function| _dll_dompurify_4ce7410a16ea8d4708eb object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap function| jQuery function| $ object| __globalSettings__ object| __themeState__ object| __packages__ function| MathQuill object| __dynProto$Gbl

11 Cookies

Domain/Path Name / Value
forms.office.com/ Name: FormsWebSessionId
Value: 8d9d7817-50c3-4f82-acc3-a29587d47515
forms.office.com/ Name: __RequestVerificationToken
Value: 0wuv6d7spcYDOdUAbGtkyY2qBcxFpN8ASY-0bSXBaA-5l07pZupq56fIZwazUQoz64YmZoCx9WAz0Jcp3nPpR9AaXrIaCuYvqs1cbhEtal41
.office.com/ Name: MUID
Value: 362E4C1F3B906517059F58EE3F906E19
.bing.com/ Name: MUID
Value: 362E4C1F3B906517059F58EE3F906E19
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 362E4C1F3B906517059F58EE3F906E19
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=38dc096b0e704e3a8855573e4552b748&HASH=38dc&LV=202409&V=4&LU=1725518663626
.microsoft.com/ Name: MS0
Value: 94b510520d0c4de99fd4f764b3d4bc9d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none';script-src 'nonce-d15c59aa-e9ce-4b21-a656-ae9f4183f9c1' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.office.com
cdn.forms.office.net
eu-mobile.events.data.microsoft.com
forms.office.com
lists.office.com
104.109.143.12
13.107.6.194
13.74.129.1
20.50.201.204
204.79.197.237
52.111.243.107
089453215b2f8d7758326e07d94954e8817dbe3a9c61f3c9be893b547fa927c0
14d6b66dede2b37f5bcb655ceb49a456a7585609665f16bd670624b721ebe435
283e984e4e26ce55e268000327bbdf0e7dc9da881b9f3f26eb6590ffcd23f6f8
30414a89e1afa8d6273b8b6043c12a97d45feddbaf5b4a90a09aeff719da60ee
32859a35e0c0f3bc47ccaf2a01830bf7a8c41702c026d0b74ff7e50bc7e6cd51
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
600c36c9e419e1410a833b42d3257cfc535395253a8dd9f63d6a6ab1adeb366c
7440c1475be1a61688c1af01710779c6a6c6bc630f7539525091989001c00626
8e5640bcd6729c2f441e5886fa73aa662eadfa23a1a9cd56fad153d40fd222dd
953878e6067c3dc68b21ad978a720d9346b4526c1620d752bf3ffbabd5206eb8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
b30afaff8214686ed7101debd984ab3fbcf20a94e872bc2ddfefd319cd44cde2
b7bd3cd27d80e7bb5affb8c184aeec7111e3815a61b95f9c666ed773eaf1e1c5
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49
c9e32b357838cbaa7520deb80a94c02f6e8a256747061301af4d7f7d9737faf8
cd7ae69eb4528cc0612c3ca2edd629d3603db6637cdbb1788adeded86425abc5
d2ba9a155caea1fdd384effe29553a83493620e6e5b0aa4bbdfdb325a4659f6e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2989f5e4c60fc8c4f192321376ee85d09f5b35685816031c61420d1a6d50dda
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1
f654292c6b3f03c8bf521f8de38cf7a3558bfa3a147547625956b5bdd9e27d1d