urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=d7ACa9p9HU2XedzRdHxIPOq5nRpkuJlMpPLpFC8d3WZUMkxLUTBFWUwxQVVaMzBaRUJKQ...
Submission: On October 17 via manual from LK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 24 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 2081.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on September 29th 2024. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2620:1ec:a92:... 8068 (MICROSOFT...)
15 2a02:26f0:470... 20940 (AKAMAI-ASN1)
1 2603:1036:240... 8075 (MICROSOFT...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
4 20.44.10.123 8075 (MICROSOFT...)
24 5
3    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
15    2a02:26f0:4700::210:2c0 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
cdn.forms.office.net
1    2603:1036:2400::93 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
wus-107.lists.office.com
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    20.44.10.123 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
15 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 7539
387 KB
6 office.com
forms.office.com — Cisco Umbrella Rank: 2081
wus-107.lists.office.com — Cisco Umbrella Rank: 277901
c.office.com — Cisco Umbrella Rank: 18286
1 MB
4 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 76
869 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 190
771 B
24 4
Domain Requested by
15 cdn.forms.office.net forms.office.com
cdn.forms.office.net
4 browser.events.data.microsoft.com cdn.forms.office.net
3 forms.office.com forms.office.com
cdn.forms.office.net
2 c.office.com 1 redirects
1 c.bing.com 1 redirects
1 wus-107.lists.office.com
24 6

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.cloud.microsoft
Microsoft Azure RSA TLS Issuing CA 07		 2024-09-29 -
2025-09-24		 a year crt.sh
cdn.forms.office.net
Microsoft Azure ECC TLS Issuing CA 07		 2024-07-19 -
2025-07-14		 a year crt.sh
lists.office.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-07-31 -
2025-07-26		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-09-27 -
2025-09-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=d7ACa9p9HU2XedzRdHxIPOq5nRpkuJlMpPLpFC8d3WZUMkxLUTBFWUwxQVVaMzBaRUJKQkdGUU9MSC4u
Frame ID: 5C982E360231CD01DB864FF7016B7B9E
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

2024 Annual S.i. Systems Holiday Celebrations

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

24
Requests

96 %
HTTPS

67 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

1590 kB
Transfer

2586 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=54DA492666984B85B80CD4C174343A33&RedC=c.office.com&MXFR=09C04D17F37A6D5F166D580CF77A662E HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=54DA492666984B85B80CD4C174343A33&MUID=09C04D17F37A6D5F166D580CF77A662E

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ResponsePage.aspx
forms.office.com/Pages/ 		63 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=d7ACa9p9HU2XedzRdHxIPOq5nRpkuJlMpPLpFC8d3WZUMkxLUTBFWUwxQVVaMzBaRUJKQkdGUU9MSC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2db4feafa0531f1511d13dd5af03afcd0d8acb7cd1166545b4ab16e3002021b4
Security Headers
Name Value
Content-Security-Policy object-src 'none';script-src 'nonce-793bbc4b-17d9-4e45-b427-601374c4431a' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
object-src 'none';script-src 'nonce-793bbc4b-17d9-4e45-b427-601374c4431a' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
content-type
text/html; charset=utf-8
date
Thu, 17 Oct 2024 01:00:45 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
report-to
{ "group": "endpoint-1", "max_age": 108864000, "endpoints": [ { "url": "https://csp.microsoft.com/report/Forms-PROD" }] }
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
c5c6adb1-2683-4fb3-88d9-eca00e897291
x-msedge-ref
Ref A: ED239C8F5BE7458583173711B63C7E07 Ref B: AMS231032601027 Ref C: 2024-10-17T01:00:44Z
x-officecluster
frc-101.forms.office.com
x-officefe
FormsSingleBox_IN_14
x-officeversion
16.0.18208.42500
x-robots-tag
noindex, nofollow
x-routingcorrelationid
c5c6adb1-2683-4fb3-88d9-eca00e897291
x-routingofficecluster
frc-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_14
x-routingofficeversion
16.0.18208.42500
x-routingsessionid
09a6c71c-927e-4911-99cc-c2fc9a0a408d
x-usersessionid
09a6c71c-927e-4911-99cc-c2fc9a0a408d
ls-response.de.db13558e2.js
cdn.forms.office.net/forms/scripts/dists/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.db13558e2.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=d7ACa9p9HU2XedzRdHxIPOq5nRpkuJlMpPLpFC8d3WZUMkxLUTBFWUwxQVVaMzBaRUJKQkdGUU9MSC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
985dafdaf1f37a6ce2c573d631d0def73c36d5d8737e50ee2085a1e51c4e843f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://forms.office.com
Referer
https://forms.office.com/

Response headers

content-md5
o2JiDm7b0/+08QDW/yEnuA==
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE8E60EEBA8B3
content-encoding
br
expires
Fri, 17 Oct 2025 01:00:46 GMT
date
Thu, 17 Oct 2024 01:00:46 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 04:43:17 GMT
cache-control
max-age=31536000
timing-allow-origin
*
x-ms-request-id
7f3c2325-301e-004a-61d6-1a999e000000
access-control-allow-origin
*
content-length
13112
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
dll-dompurify.min.11aa374.js
cdn.forms.office.net/forms/scripts/dists/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/dll-dompurify.min.11aa374.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=d7ACa9p9HU2XedzRdHxIPOq5nRpkuJlMpPLpFC8d3WZUMkxLUTBFWUwxQVVaMzBaRUJKQkdGUU9MSC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
37d099733e4901725976e46366372584c0bb88ea5b32d288bab5f996736725c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://forms.office.com
Referer
https://forms.office.com/

Response headers

content-md5
E2B0bUKHuiPVjrEwSQyb/w==
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE8E60A5854E7
content-encoding
br
expires
Fri, 17 Oct 2025 01:00:46 GMT
date
Thu, 17 Oct 2024 01:00:46 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 04:43:09 GMT
cache-control
max-age=31536000
timing-allow-origin
*
x-ms-request-id
261c4b84-a01e-0029-7bd6-1adfbb000000
access-control-allow-origin
*
content-length
13382
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
light-response-page.min.06eec3f.js
cdn.forms.office.net/forms/scripts/dists/ 		480 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.06eec3f.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=d7ACa9p9HU2XedzRdHxIPOq5nRpkuJlMpPLpFC8d3WZUMkxLUTBFWUwxQVVaMzBaRUJKQkdGUU9MSC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d2030540b8570e7719c0a937c4ebd0a892591b038dc3f0ddeeb7f9365de19e9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://forms.office.com
Referer
https://forms.office.com/

Response headers

content-md5
vVvhbSIDh8jnpZ2GyQtP5g==
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE8E60C45F6B4
content-encoding
br
expires
Fri, 17 Oct 2025 01:00:46 GMT
date
Thu, 17 Oct 2024 01:00:46 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 04:43:12 GMT
cache-control
max-age=31536000
timing-allow-origin
*
x-ms-request-id
0b74b352-801e-0071-0ad6-1adbc0000000
access-control-allow-origin
*
content-length
129876
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
runtimeFormsWithResponses('d7ACa9p9HU2XedzRdHxIPOq5nRpkuJlMpPLpFC8d3WZUMkxLUTBFWUwxQVVaMzBaRUJKQkdGUU9MSC4u')
forms.office.com/formapi/api/6b02b077-7dda-4d1d-9779-dcd1747c483c/users/1a9db9ea-b864-4c99-a4f2-e9142f1ddd66/light/ 		13 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/6b02b077-7dda-4d1d-9779-dcd1747c483c/users/1a9db9ea-b864-4c99-a4f2-e9142f1ddd66/light/runtimeFormsWithResponses('d7ACa9p9HU2XedzRdHxIPOq5nRpkuJlMpPLpFC8d3WZUMkxLUTBFWUwxQVVaMzBaRUJKQkdGUU9MSC4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=d7ACa9p9HU2XedzRdHxIPOq5nRpkuJlMpPLpFC8d3WZUMkxLUTBFWUwxQVVaMzBaRUJKQkdGUU9MSC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9724fabb1a69ecb8fd88eda431d63665a379549699d1157ba396e1b94ac542d4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

X-UserSessionId
09a6c71c-927e-4911-99cc-c2fc9a0a408d
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=d7ACa9p9HU2XedzRdHxIPOq5nRpkuJlMpPLpFC8d3WZUMkxLUTBFWUwxQVVaMzBaRUJKQkdGUU9MSC4u
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
__RequestVerificationToken
ZlTegIb4RZiqrggjiXMARztHqQA1nKGch_CX5FfpajWrJoF3lEYv0Y59u7fKMxlDqE4JJdVARCp2A2uLFrR_AX5sQLmtojC4Nq37tLIB6dY1

Response headers

x-officefe
FormsSingleBox_IN_11
x-robots-tag
noindex, nofollow
content-encoding
gzip
x-routingsessionid
09a6c71c-927e-4911-99cc-c2fc9a0a408d
x-routingcorrelationid
cf94bdf1-b32c-4cd2-934b-bda254da6a1c
x-usersessionid
09a6c71c-927e-4911-99cc-c2fc9a0a408d
x-cache
CONFIG_NOCACHE
date
Thu, 17 Oct 2024 01:00:46 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
x-msedge-ref
Ref A: 8505C0B86B424940B6354E1DC330E062 Ref B: AMS231032601027 Ref C: 2024-10-17T01:00:46Z
x-routingofficefe
FormsSingleBox_IN_12
x-routingofficeversion
16.0.18208.42500
x-officecluster
weu-101.forms.office.com
x-routingofficecluster
weu-101.forms.office.com
x-officeversion
16.0.18208.42500
x-correlationid
cf94bdf1-b32c-4cd2-934b-bda254da6a1c
light-response-page.chunk.lrp_ext.7f348fd.js
cdn.forms.office.net/forms/scripts/dists/ 		0
114 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.7f348fd.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.06eec3f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/

Response headers

content-md5
d5wTuoHGku2A4ShGbUnC0A==
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE30B9E510999
content-encoding
br
expires
Fri, 17 Oct 2025 01:00:46 GMT
date
Thu, 17 Oct 2024 01:00:46 GMT
content-type
application/javascript
last-modified
Wed, 02 Oct 2024 17:57:02 GMT
cache-control
max-age=31536000
timing-allow-origin
*
x-ms-request-id
0264d857-b01e-0050-58fd-14b6f1000000
access-control-allow-origin
*
content-length
116350
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
light-response-page.chunk.lrp_saveresponse.b869609.js
cdn.forms.office.net/forms/scripts/dists/ 		0
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.b869609.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.06eec3f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/

Response headers

content-md5
pkvU+KIBpwQeaStrP1WLjA==
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE10C1AA4E836
content-encoding
br
expires
Fri, 17 Oct 2025 01:00:46 GMT
date
Thu, 17 Oct 2024 01:00:46 GMT
content-type
application/javascript
last-modified
Mon, 30 Sep 2024 04:55:28 GMT
cache-control
max-age=31536000
timing-allow-origin
*
x-ms-request-id
cc53f408-301e-0068-3afd-12f7a8000000
access-control-allow-origin
*
content-length
9146
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
light-response-page.chunk.lrp_cover.b19a000.js
cdn.forms.office.net/forms/scripts/dists/ 		0
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.b19a000.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.06eec3f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/

Response headers

content-md5
R3qyYUUy5U/knzsFcVh/nw==
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE10C1A9A8980
content-encoding
br
expires
Fri, 17 Oct 2025 01:00:46 GMT
date
Thu, 17 Oct 2024 01:00:46 GMT
content-type
application/javascript
last-modified
Mon, 30 Sep 2024 04:55:28 GMT
cache-control
max-age=31536000
timing-allow-origin
*
x-ms-request-id
9c78c697-701e-004d-4ffd-126f1b000000
access-control-allow-origin
*
content-length
18171
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
light-response-page.chunk.lrp_post.boot.2fa3b45.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.2fa3b45.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.06eec3f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/

Response headers

content-md5
cFXSa3DIN9QhO6KEA8TCkQ==
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE10C1AA1B463
content-encoding
br
expires
Fri, 17 Oct 2025 01:00:46 GMT
date
Thu, 17 Oct 2024 01:00:46 GMT
content-type
application/javascript
last-modified
Mon, 30 Sep 2024 04:55:28 GMT
cache-control
max-age=31536000
timing-allow-origin
*
x-ms-request-id
101a9806-601e-003f-50fd-121e25000000
access-control-allow-origin
*
content-length
5095
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
favicon.ico
cdn.forms.office.net/forms/images/ 		8 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/

Response headers

content-md5
lCXY6TE6aSuz8CLoBV+rgg==
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DBCA155B5C5CE5
expires
Fri, 17 Oct 2025 01:00:46 GMT
date
Thu, 17 Oct 2024 01:00:46 GMT
content-type
image/x-icon
last-modified
Wed, 11 Oct 2023 04:48:47 GMT
cache-control
max-age=31536000
timing-allow-origin
*
x-ms-request-id
671cad38-d01e-0069-3692-fcf655000000
access-control-allow-origin
*
content-length
7886
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
light-response-page.chunk.lrp_ext.7f348fd.js
cdn.forms.office.net/forms/scripts/dists/ 		419 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.7f348fd.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.06eec3f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aaab8186a7773193bace162a5af45f7b1bd471d387e514f781f1fff5a9a8e7e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/

Response headers

content-md5
d5wTuoHGku2A4ShGbUnC0A==
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE30B9E510999
content-encoding
br
expires
Fri, 17 Oct 2025 01:00:46 GMT
date
Thu, 17 Oct 2024 01:00:46 GMT
content-type
application/javascript
last-modified
Wed, 02 Oct 2024 17:57:02 GMT
cache-control
max-age=31536000
timing-allow-origin
*
x-ms-request-id
0264d857-b01e-0050-58fd-14b6f1000000
access-control-allow-origin
*
content-length
116350
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
light-response-page.chunk.lrp_cover.b19a000.js
cdn.forms.office.net/forms/scripts/dists/ 		71 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.b19a000.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.06eec3f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
da468988273c8635a284d3ef8b044d688b2f0a36ad7dd9f24694a7e27ad7bfd2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/

Response headers

content-md5
R3qyYUUy5U/knzsFcVh/nw==
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE10C1A9A8980
content-encoding
br
expires
Fri, 17 Oct 2025 01:00:46 GMT
date
Thu, 17 Oct 2024 01:00:46 GMT
content-type
application/javascript
last-modified
Mon, 30 Sep 2024 04:55:28 GMT
cache-control
max-age=31536000
timing-allow-origin
*
x-ms-request-id
9c78c697-701e-004d-4ffd-126f1b000000
access-control-allow-origin
*
content-length
18171
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
light-response-page.chunk.lrp_post.boot.2fa3b45.js
cdn.forms.office.net/forms/scripts/dists/ 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.2fa3b45.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.06eec3f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5f0785e9f3222a870cdf1dc6361634de263c8718d9bd5b708763e40a1ad60770

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/

Response headers

content-md5
cFXSa3DIN9QhO6KEA8TCkQ==
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE10C1AA1B463
content-encoding
br
expires
Fri, 17 Oct 2025 01:00:46 GMT
date
Thu, 17 Oct 2024 01:00:46 GMT
content-type
application/javascript
last-modified
Mon, 30 Sep 2024 04:55:28 GMT
cache-control
max-age=31536000
timing-allow-origin
*
x-ms-request-id
101a9806-601e-003f-50fd-121e25000000
access-control-allow-origin
*
content-length
5095
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
24527336-2c32-481c-9b41-6f6e84d5d3eb
wus-107.lists.office.com/Images/6b02b077-7dda-4d1d-9779-dcd1747c483c/1a9db9ea-b864-4c99-a4f2-e9142f1ddd66/T2LKQ0EYL1AUZ30ZEBJBGFQOLH/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wus-107.lists.office.com/Images/6b02b077-7dda-4d1d-9779-dcd1747c483c/1a9db9ea-b864-4c99-a4f2-e9142f1ddd66/T2LKQ0EYL1AUZ30ZEBJBGFQOLH/24527336-2c32-481c-9b41-6f6e84d5d3eb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1036:2400::93 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3854455cc25fc5a038673475030095eb0eea4911e07b252ad33c7a4931fd8341
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_2
x-routingsessionid
cc3f3fa9-4ec6-40df-bddc-744b47a542c5
x-routingofficeversion
16.0.18211.42525
x-routingcorrelationid
ccf7803d-4838-4fe8-a717-717c4837d38d
x-officecluster
wus-107.lists.office.com
x-routingofficecluster
wus-107.lists.office.com
date
Thu, 17 Oct 2024 01:00:47 GMT
content-type
image/png
x-usersessionid
cc3f3fa9-4ec6-40df-bddc-744b47a542c5
x-officeversion
16.0.18211.42525
x-officefe
CollabDBReverseProxyWithMappingService_IN_2
light-response-page.chunk.1ds.4815435.js
cdn.forms.office.net/forms/scripts/dists/ 		108 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.4815435.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.06eec3f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
32859a35e0c0f3bc47ccaf2a01830bf7a8c41702c026d0b74ff7e50bc7e6cd51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/

Response headers

content-md5
+ueruW0Yc80uaqZIDb8URg==
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCCBD98AC5171D
content-encoding
br
expires
Fri, 17 Oct 2025 01:00:47 GMT
date
Thu, 17 Oct 2024 01:00:47 GMT
content-type
application/javascript
last-modified
Tue, 03 Sep 2024 05:30:37 GMT
cache-control
max-age=31536000
timing-allow-origin
*
x-ms-request-id
09156488-301e-0005-17c9-fd5d86000000
access-control-allow-origin
*
content-length
34419
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
light-response-page.chunk.utel.8311c4a.js
cdn.forms.office.net/forms/scripts/dists/ 		139 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel.8311c4a.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.06eec3f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2c3106b53f6591dcf6b1d876a75861b0b3c74cd7d85e3ffacc59466354e9256f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/

Response headers

content-md5
9yXcpefKCKWA2FsLt/8HDA==
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE8E60C42C2E7
content-encoding
br
expires
Fri, 17 Oct 2025 01:00:47 GMT
date
Thu, 17 Oct 2024 01:00:47 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 04:43:12 GMT
cache-control
max-age=31536000
timing-allow-origin
*
x-ms-request-id
d0616b2e-401e-0067-4ed6-1a1a5e000000
access-control-allow-origin
*
content-length
37357
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=54DA492666984B85B80CD4C174343A33&RedC=c.office.com&MXFR=09C04D17F37A6D5F166D580CF77A662E
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=54DA492666984B85B80CD4C174343A33&MUID=09C04D17F37A6D5F166D580CF77A662E
42 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=54DA492666984B85B80CD4C174343A33&MUID=09C04D17F37A6D5F166D580CF77A662E
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"b116c54f951fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Thu, 17 Oct 2024 01:00:47 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 06:33:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=54DA492666984B85B80CD4C174343A33&MUID=09C04D17F37A6D5F166D580CF77A662E
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4BAD651583CE4DD4A46A85749112F4F6 Ref B: DUS30EDGE0915 Ref C: 2024-10-17T01:00:47Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Thu, 17 Oct 2024 01:00:47 GMT
x-powered-by
ASP.NET
'de'
forms.office.com/formapi/api/6b02b077-7dda-4d1d-9779-dcd1747c483c/users/1a9db9ea-b864-4c99-a4f2-e9142f1ddd66/forms('d7ACa9p9HU2XedzRdHxIPOq5nRpkuJlMpPLpFC8d3WZUMkxLUTBFWUwxQVVaMzBaRUJKQkdGUU9MSC4u'... 		2 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/6b02b077-7dda-4d1d-9779-dcd1747c483c/users/1a9db9ea-b864-4c99-a4f2-e9142f1ddd66/forms('d7ACa9p9HU2XedzRdHxIPOq5nRpkuJlMpPLpFC8d3WZUMkxLUTBFWUwxQVVaMzBaRUJKQkdGUU9MSC4u')/localeResource/'de'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.7f348fd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

authorization
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=d7ACa9p9HU2XedzRdHxIPOq5nRpkuJlMpPLpFC8d3WZUMkxLUTBFWUwxQVVaMzBaRUJKQkdGUU9MSC4u
x-ms-form-request-ring
business
__requestverificationtoken
ZlTegIb4RZiqrggjiXMARztHqQA1nKGch_CX5FfpajWrJoF3lEYv0Y59u7fKMxlDqE4JJdVARCp2A2uLFrR_AX5sQLmtojC4Nq37tLIB6dY1
x-ms-form-request-source
ms-formweb
x-usersessionid
09a6c71c-927e-4911-99cc-c2fc9a0a408d
odata-maxverion
4.0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept
application/json
content-type
application/json
odata-version
4.0
x-correlationid
8285d1e1-5275-4f21-9a5b-7431df44c11d

Response headers

x-officefe
FormsSingleBox_IN_11
x-robots-tag
noindex, nofollow
content-encoding
gzip
x-routingsessionid
09a6c71c-927e-4911-99cc-c2fc9a0a408d
x-routingcorrelationid
8285d1e1-5275-4f21-9a5b-7431df44c11d
x-usersessionid
09a6c71c-927e-4911-99cc-c2fc9a0a408d
x-cache
CONFIG_NOCACHE
date
Thu, 17 Oct 2024 01:00:47 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
x-msedge-ref
Ref A: 1535F28F1E20411E80F70B16B699BE31 Ref B: AMS231032601027 Ref C: 2024-10-17T01:00:47Z
x-routingofficefe
FormsSingleBox_IN_4
x-routingofficeversion
16.0.18208.42500
x-officecluster
weu-101.forms.office.com
x-routingofficecluster
weu-101.forms.office.com
x-officeversion
16.0.18208.42500
x-correlationid
8285d1e1-5275-4f21-9a5b-7431df44c11d
light-response-page.chunk.sw.9c1bfed.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.9c1bfed.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.06eec3f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
600c36c9e419e1410a833b42d3257cfc535395253a8dd9f63d6a6ab1adeb366c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/

Response headers

content-md5
bIixx/w/Oru7kk1yyiFASw==
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCCBD98AD6A0B7
content-encoding
br
expires
Fri, 17 Oct 2025 01:00:47 GMT
date
Thu, 17 Oct 2024 01:00:47 GMT
content-type
application/javascript
last-modified
Tue, 03 Sep 2024 05:30:37 GMT
cache-control
max-age=31536000
timing-allow-origin
*
x-ms-request-id
5a89eb36-a01e-0066-54c6-fd1ba3000000
access-control-allow-origin
*
content-length
572
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
microsoft365logo_v1.png
cdn.forms.office.net/forms/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/microsoft365logo_v1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://forms.office.com/

Response headers

content-md5
MRJ0yMnGbolPWvpR+s1yzQ==
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCA0191092DB07
expires
Fri, 17 Oct 2025 01:00:47 GMT
date
Thu, 17 Oct 2024 01:00:47 GMT
content-type
image/png
last-modified
Tue, 09 Jul 2024 13:14:29 GMT
cache-control
max-age=31536000
timing-allow-origin
*
x-ms-request-id
28d5b342-f01e-0018-8077-d2846c000000
access-control-allow-origin
*
content-length
5895
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		25 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.4815435.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.44.10.123 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
d2ba9a155caea1fdd384effe29553a83493620e6e5b0aa4bbdfdb325a4659f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

cache-control
no-cache, no-store
Referer
https://forms.office.com/
Client-Id
NO_AUTH
upload-time
1729126848256
time-delta-to-apply-millis
use-collector-delta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/x-json-stream
client-version
1DS-Web-JS-3.2.15
apikey
4e990506778b4d9cbf05300e98315eed-682648e1-a406-45c4-9d5b-709b9899d662-7161

Response headers

strict-transport-security
max-age=31536000
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-origin
https://forms.office.com
content-length
25
date
Thu, 17 Oct 2024 01:00:49 GMT
content-type
application/json
server
Microsoft-HTTPAPI/2.0
time-delta-millis
1307
access-control-allow-headers
time-delta-millis
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.44.10.123 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Thu, 17 Oct 2024 01:00:48 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		154 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.4815435.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.44.10.123 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
cfe5fadb85e42edbef913fa2ec6a4a7d4946a554691de406369443559347612e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

cache-control
no-cache, no-store
Referer
https://forms.office.com/
Client-Id
NO_AUTH
upload-time
1729126849746
time-delta-to-apply-millis
use-collector-delta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/x-json-stream
client-version
1DS-Web-JS-3.2.15
apikey
2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092

Response headers

strict-transport-security
max-age=31536000
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-origin
https://forms.office.com
content-length
154
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
date
Thu, 17 Oct 2024 01:00:49 GMT
content-type
application/json
server
Microsoft-HTTPAPI/2.0
time-delta-millis
411
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.44.10.123 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Thu, 17 Oct 2024 01:00:49 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NavKeyPoints function| reloadNoCdn object| MathJax object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap object| formsInlineScriptSyntaxCheck function| _dll_dompurify_c3d1d8ca9cfb419112b9 object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl

11 Cookies

Domain/Path Name / Value
forms.office.com/ Name: FormsWebSessionId
Value: 2a74ed31-05bb-46e9-9f18-e809823c4c9b
forms.office.com/ Name: __RequestVerificationToken
Value: FkIApD9G_eEcvMw-A_cZwd0pbYLFsFz5IczKvO6fFN224GwwHha0IvHehONQYwab7v7_rqkPfrUzWjogzyHQlwxFjQ4wsKJYacFrmVGSBe01
.office.com/ Name: MUID
Value: 09C04D17F37A6D5F166D580CF77A662E
.bing.com/ Name: MUID
Value: 09C04D17F37A6D5F166D580CF77A662E
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 09C04D17F37A6D5F166D580CF77A662E
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=98453661c83342498a6e1862ee2a640c&HASH=9845&LV=202410&V=4&LU=1729126850157
.microsoft.com/ Name: MS0
Value: 74d9e2caacaf43648615296bb194c5a0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none';script-src 'nonce-793bbc4b-17d9-4e45-b427-601374c4431a' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
wus-107.lists.office.com
13.74.129.1
20.44.10.123
2603:1036:2400::93
2620:1ec:a92::194
2620:1ec:c11::237
2a02:26f0:4700::210:2c0
2c3106b53f6591dcf6b1d876a75861b0b3c74cd7d85e3ffacc59466354e9256f
2db4feafa0531f1511d13dd5af03afcd0d8acb7cd1166545b4ab16e3002021b4
32859a35e0c0f3bc47ccaf2a01830bf7a8c41702c026d0b74ff7e50bc7e6cd51
37d099733e4901725976e46366372584c0bb88ea5b32d288bab5f996736725c4
3854455cc25fc5a038673475030095eb0eea4911e07b252ad33c7a4931fd8341
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5f0785e9f3222a870cdf1dc6361634de263c8718d9bd5b708763e40a1ad60770
600c36c9e419e1410a833b42d3257cfc535395253a8dd9f63d6a6ab1adeb366c
9724fabb1a69ecb8fd88eda431d63665a379549699d1157ba396e1b94ac542d4
985dafdaf1f37a6ce2c573d631d0def73c36d5d8737e50ee2085a1e51c4e843f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
aaab8186a7773193bace162a5af45f7b1bd471d387e514f781f1fff5a9a8e7e8
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49
cfe5fadb85e42edbef913fa2ec6a4a7d4946a554691de406369443559347612e
d2030540b8570e7719c0a937c4ebd0a892591b038dc3f0ddeeb7f9365de19e9d
d2ba9a155caea1fdd384effe29553a83493620e6e5b0aa4bbdfdb325a4659f6e
da468988273c8635a284d3ef8b044d688b2f0a36ad7dd9f24694a7e27ad7bfd2
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1