Submitted URL: https://newyear.phsd.se/
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=dpEu49C7T0uaH5rSA6XQyYXWzlX7mvdPoC1QL0ncSHVUNVVVVllFRERWWDgxV0EzQ0VaO...
Submission Tags: phishingrod
Submission: On June 23 via api from DE — Scanned from SE

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 30 HTTP transactions. The main IP is 13.107.6.194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 2034.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 04 on April 1st 2024. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS (Autonomous System)
2 | 3 | 91.201.60.108 | 44136 (ASODERLAND)
- | 3 | 13.107.6.194 | 8068 (MICROSOFT...)
- | 20 | 104.91.166.98 | 20940 (AKAMAI-ASN1)
1 | 2 | 68.219.88.97 | 8075 (MICROSOFT...)
1 | 1 | 13.107.21.237 | 8068 (MICROSOFT...)
- | 4 | 20.50.73.13 | 8075 (MICROSOFT...)
Total: 30 HTTP transactions, 6 IPs
Requests | Apex Domain | Subdomains | Transfer
20 | office.net | cdn.forms.office.net — Cisco Umbrella Rank: 9296 | 480 KB
5 | office.com | forms.office.com — Cisco Umbrella Rank: 2034; c.office.com — Cisco Umbrella Rank: 22789 | 23 KB
4 | microsoft.com | eu-mobile.events.data.microsoft.com — Cisco Umbrella Rank: 569 | 868 B
3 | phsd.se | newyear.phsd.se | 2 KB
1 | bing.com | c.bing.com — Cisco Umbrella Rank: 224 | 765 B
Total: 30 HTTP transactions, 5 apex domains
Requests | Domain | Requested by
20 | cdn.forms.office.net | forms.office.com, cdn.forms.office.net
4 | eu-mobile.events.data.microsoft.com | cdn.forms.office.net
3 | forms.office.com | forms.office.com, cdn.forms.office.net
3 | newyear.phsd.se | 2 redirects
2 | c.office.com | 1 redirects
1 | c.bing.com | 1 redirects
Total: 30 HTTP transactions, 6 subdomains

This site contains links to these domains.

Domain
go.microsoft.com

Subject | Issuer | Validity | Valid
newyear.phsd.se | cPanel, Inc. Certification Authority | 2024-04-08 - 2024-07-07 | 3 months
forms.cloud.microsoft | Microsoft Azure RSA TLS Issuing CA 04 | 2024-04-01 - 2025-03-27 | a year
cdn.forms.office.net | Microsoft Azure ECC TLS Issuing CA 03 | 2024-04-16 - 2025-04-11 | a year
*.events.data.microsoft.com | Microsoft Azure RSA TLS Issuing CA 07 | 2024-03-30 - 2025-03-25 | a year

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=dpEu49C7T0uaH5rSA6XQyYXWzlX7mvdPoC1QL0ncSHVUNVVVVllFRERWWDgxV0EzQ0VaOURUTkdVNC4u
Frame ID: E27C48544A4B0C46EA4A0F19762A8ED2
Requests: 28 HTTP requests in this frame

Page Title

Nyårsfirande!

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

Requests: 30
HTTPS: 93 %
IPv6: 0 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 3
Transfer: 505 kB
Size: 1364 kB
Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://newyear.phsd.se/ Page URL
  2. https://newyear.phsd.se/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=17574638 HTTP 302
    https://newyear.phsd.se/ HTTP 301
    https://forms.office.com/Pages/ResponsePage.aspx?id=dpEu49C7T0uaH5rSA6XQyYXWzlX7mvdPoC1QL0ncSHVUNVVVVllFRERWWDgxV0EzQ0VaOURUTkdVNC4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E47CAC5D1FC1400FB0FE08FB2F9D99B3&RedC=c.office.com&MXFR=398A46F5A7ED6CB31D2A5252A3ED678C HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=E47CAC5D1FC1400FB0FE08FB2F9D99B3&MUID=398A46F5A7ED6CB31D2A5252A3ED678C

30 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
/
newyear.phsd.se/
1 KB
2 KB
Document
General
Full URL
https://newyear.phsd.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.201.60.108 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
server11.serverdrift.com
Software
imunify360-webshield/1.21 /
Resource Hash
d5978dd42d71b946558d056182d0d49bc881ca3360d192a64347febd319e1544

Request headers

Accept-Language
se-SE,se;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0 no-store, max-age=0
content-length
1519
content-type
text/html
date
Sun, 23 Jun 2024 01:46:15 GMT
server
imunify360-webshield/1.21
Primary Request ResponsePage.aspx
forms.office.com/Pages/
Redirect Chain
  • https://newyear.phsd.se/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=17574638
  • https://newyear.phsd.se/
  • https://forms.office.com/Pages/ResponsePage.aspx?id=dpEu49C7T0uaH5rSA6XQyYXWzlX7mvdPoC1QL0ncSHVUNVVVVllFRERWWDgxV0EzQ0VaOURUTkdVNC4u
65 KB
19 KB
Document
General
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=dpEu49C7T0uaH5rSA6XQyYXWzlX7mvdPoC1QL0ncSHVUNVVVVllFRERWWDgxV0EzQ0VaOURUTkdVNC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
55e39b5cbb48f5220148c380b93eb5d6e728d096290ac3679e995803a65047a7
Security Headers
Name Value
Content-Security-Policy object-src 'none';script-src 'nonce-889250a6-0682-4a2b-8f5d-ccba010c90dd' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
se-SE,se;q=0.9;q=0.9
Referer
https://newyear.phsd.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
object-src 'none';script-src 'nonce-889250a6-0682-4a2b-8f5d-ccba010c90dd' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
content-type
text/html; charset=utf-8
date
Sun, 23 Jun 2024 01:46:15 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
report-to
{ "group": "endpoint-1", "max_age": 108864000, "endpoints": [ { "url": "https://csp.microsoft.com/report/Forms-PROD" }] }
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
c3580023-f3af-4067-bc58-1e27733c3afa
x-msedge-ref
Ref A: 69E6B54142084995BBF6E000F0820FB5 Ref B: HEL01EDGE1815 Ref C: 2024-06-23T01:46:15Z
x-officecluster
frc-101.forms.office.com
x-officefe
FormsSingleBox_IN_6
x-officeversion
16.0.17817.42053
x-robots-tag
noindex, nofollow
x-routingcorrelationid
c3580023-f3af-4067-bc58-1e27733c3afa
x-routingofficecluster
frc-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_0
x-routingofficeversion
16.0.17817.42053
x-routingsessionid
e5a4c772-0c7e-41f6-b7bf-1e1865922717
x-usersessionid
e5a4c772-0c7e-41f6-b7bf-1e1865922717

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
795
content-type
text/html
date
Sun, 23 Jun 2024 01:46:15 GMT
location
https://forms.office.com/Pages/ResponsePage.aspx?id=dpEu49C7T0uaH5rSA6XQyYXWzlX7mvdPoC1QL0ncSHVUNVVVVllFRERWWDgxV0EzQ0VaOURUTkdVNC4u
server
imunify360-webshield/1.21
x-turbo-charged-by
LiteSpeed
ls-response.en-us.5398b21a4.js
cdn.forms.office.net/forms/scripts/dists/
36 KB
11 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.en-us.5398b21a4.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=dpEu49C7T0uaH5rSA6XQyYXWzlX7mvdPoC1QL0ncSHVUNVVVVllFRERWWDgxV0EzQ0VaOURUTkdVNC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
339ef62ad68ccedd92d290015c34734529282069195aaccf556499fd771290fb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:16 GMT
content-encoding
br
content-md5
bgCH3N+L/UUtw1RU00z99Q==
content-length
10952
x-ms-lease-status
unlocked
last-modified
Wed, 19 Jun 2024 05:44:18 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC9022DCD657C0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ec5f95f9-701e-0046-330f-c2776f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:16 GMT
dll-dompurify.min.bcf1a85.js
cdn.forms.office.net/forms/scripts/dists/
37 KB
12 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/dll-dompurify.min.bcf1a85.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=dpEu49C7T0uaH5rSA6XQyYXWzlX7mvdPoC1QL0ncSHVUNVVVVllFRERWWDgxV0EzQ0VaOURUTkdVNC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5bea34a1b8999fb53f5b3b8541be6a2c6f8c75a8932bcb7a05e3fd5b91d78608

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:16 GMT
content-encoding
br
content-md5
3nKtWQ895+qkc91KKpgmGw==
content-length
11487
x-ms-lease-status
unlocked
last-modified
Sun, 18 Feb 2024 04:45:42 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC303C76BCD96B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
20e9ed4a-601e-001d-7a2a-627013000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:16 GMT
light-response-page.min.473fd26.js
cdn.forms.office.net/forms/scripts/dists/
480 KB
127 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.473fd26.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=dpEu49C7T0uaH5rSA6XQyYXWzlX7mvdPoC1QL0ncSHVUNVVVVllFRERWWDgxV0EzQ0VaOURUTkdVNC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bcd4583432ee83d5ab84cad185abe7b8de924928602698c5c78909bd01ad0321

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:16 GMT
content-encoding
br
content-md5
z4ma10EG7HbqZYMnAiMRAw==
content-length
129593
x-ms-lease-status
unlocked
last-modified
Wed, 19 Jun 2024 05:44:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC9022DA2BC3DF
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9505e303-e01e-0025-660f-c2314a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:16 GMT
runtimeFormsWithResponses('dpEu49C7T0uaH5rSA6XQyYXWzlX7mvdPoC1QL0ncSHVUNVVVVllFRERWWDgxV0EzQ0VaOURUTkdVNC4u')
forms.office.com/formapi/api/e32e9176-bbd0-4b4f-9a1f-9ad203a5d0c9/users/55ced685-9afb-4ff7-a02d-502f49dc4875/light/
7 KB
2 KB
XHR
General
Full URL
https://forms.office.com/formapi/api/e32e9176-bbd0-4b4f-9a1f-9ad203a5d0c9/users/55ced685-9afb-4ff7-a02d-502f49dc4875/light/runtimeFormsWithResponses('dpEu49C7T0uaH5rSA6XQyYXWzlX7mvdPoC1QL0ncSHVUNVVVVllFRERWWDgxV0EzQ0VaOURUTkdVNC4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=dpEu49C7T0uaH5rSA6XQyYXWzlX7mvdPoC1QL0ncSHVUNVVVVllFRERWWDgxV0EzQ0VaOURUTkdVNC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5609eae2d3428729926cb76c0d8d050c7400c165705baf10d04a4d04e4175c48
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-UserSessionId
e5a4c772-0c7e-41f6-b7bf-1e1865922717
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=dpEu49C7T0uaH5rSA6XQyYXWzlX7mvdPoC1QL0ncSHVUNVVVVllFRERWWDgxV0EzQ0VaOURUTkdVNC4u
__RequestVerificationToken
5rbIoCcM6AD0l19azVm_eIiVGE1KNv49KLeYDei8LuQTFkiQk70ReAUyog6VSMmyxEmkbDcZKFZ7TNTQ8mk7cjxstUW-h0tI2yG-37g_CEo1
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Sun, 23 Jun 2024 01:46:17 GMT
x-officeversion
16.0.17817.42053
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_7
x-routingofficeversion
16.0.17817.42053
x-correlationid
158282d2-de4d-4d66-adf4-a1a03b7b33bf
x-officecluster
neu-101.forms.office.com
x-usersessionid
e5a4c772-0c7e-41f6-b7bf-1e1865922717
x-msedge-ref
Ref A: DEC1C28C750E4D2CAEBFE2C96308DE2C Ref B: HEL01EDGE1815 Ref C: 2024-06-23T01:46:15Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
158282d2-de4d-4d66-adf4-a1a03b7b33bf
x-routingsessionid
e5a4c772-0c7e-41f6-b7bf-1e1865922717
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-101.forms.office.com
ls-response.default.5398b21a4.js
cdn.forms.office.net/forms/scripts/dists/
36 KB
11 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.default.5398b21a4.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.473fd26.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dd61ec5347b64a85d600582e0ff5ad66ef5562fb50c1371a69d5b9093145f47a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:16 GMT
content-encoding
br
content-md5
PFRpCYXmPXH6iGmp4BaVsQ==
content-length
10964
x-ms-lease-status
unlocked
last-modified
Wed, 19 Jun 2024 05:44:18 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC9022DCD371F7
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2f41b0dd-d01e-0062-2711-c2ee21000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:16 GMT
light-response-page.chunk.lrp_ext.bbc6b1e.js
cdn.forms.office.net/forms/scripts/dists/
0
109 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.bbc6b1e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.473fd26.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:16 GMT
content-encoding
br
content-md5
dXKQCP7q9sZK3tGJZglc1Q==
content-length
111026
x-ms-lease-status
unlocked
last-modified
Wed, 19 Jun 2024 05:44:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC9022DA155923
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ae71ebb1-201e-0033-4e0f-c2f0d4000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:16 GMT
light-response-page.chunk.lrp_saveresponse.170f32d.js
cdn.forms.office.net/forms/scripts/dists/
0
10 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.170f32d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.473fd26.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:16 GMT
content-encoding
br
content-md5
85KBVFJ6IcUxB732h+Q44Q==
content-length
9313
x-ms-lease-status
unlocked
last-modified
Wed, 19 Jun 2024 05:44:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC9022DA1DBC45
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8599cb4d-801e-0035-6c0f-c207ac000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:16 GMT
light-response-page.chunk.lrp_groupnote.16442e6.js
cdn.forms.office.net/forms/scripts/dists/
0
2 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_groupnote.16442e6.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.473fd26.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:16 GMT
content-encoding
br
content-md5
DnxuXOVkPBwKgNdnXo06Gg==
content-length
1628
x-ms-lease-status
unlocked
last-modified
Wed, 19 Jun 2024 05:44:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC9022DA166A5E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5f4cc4ef-601e-0034-100f-c20651000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:16 GMT
light-response-page.chunk.lrp_cover.62ed4fc.js
cdn.forms.office.net/forms/scripts/dists/
0
18 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.62ed4fc.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.473fd26.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:16 GMT
content-encoding
br
content-md5
HLimvJ60sDwnZgyXs8X7mQ==
content-length
17935
x-ms-lease-status
unlocked
last-modified
Wed, 19 Jun 2024 05:44:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC9022DA11D730
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ac3098af-201e-005e-770f-c25afa000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:16 GMT
light-response-page.chunk.lrp_post.boot.7518025.js
cdn.forms.office.net/forms/scripts/dists/
0
5 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.7518025.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.473fd26.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:16 GMT
content-encoding
br
content-md5
u8kC2/itEPDCCG2X8lDuBw==
content-length
5076
x-ms-lease-status
unlocked
last-modified
Wed, 19 Jun 2024 05:44:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC9022DA1D4722
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e32b5993-001e-0024-560f-c230b7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:16 GMT
favicon.ico
cdn.forms.office.net/forms/images/
8 KB
8 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:17 GMT
content-md5
lCXY6TE6aSuz8CLoBV+rgg==
content-length
7886
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jun 2022 13:29:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA4F9C346AF865
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
854f75cb-f01e-005c-5bef-815800000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:17 GMT
light-response-page.chunk.lrp_ext.bbc6b1e.js
cdn.forms.office.net/forms/scripts/dists/
393 KB
0
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.bbc6b1e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.473fd26.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a9bd836275d04c005507aa10d9ddc720e79a4e90005e376fbeb87aa2e4e49f42

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:16 GMT
content-encoding
br
content-md5
dXKQCP7q9sZK3tGJZglc1Q==
content-length
111026
x-ms-lease-status
unlocked
last-modified
Wed, 19 Jun 2024 05:44:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC9022DA155923
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ae71ebb1-201e-0033-4e0f-c2f0d4000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:16 GMT
light-response-page.chunk.lrp_saveresponse.170f32d.js
cdn.forms.office.net/forms/scripts/dists/
32 KB
0
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.170f32d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.473fd26.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
53025f540e3a642fe4b1b5c522950fbbe9f03d7edb26195f6fb4c2591b268791

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:16 GMT
content-encoding
br
content-md5
85KBVFJ6IcUxB732h+Q44Q==
content-length
9313
x-ms-lease-status
unlocked
last-modified
Wed, 19 Jun 2024 05:44:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC9022DA1DBC45
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8599cb4d-801e-0035-6c0f-c207ac000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:16 GMT
light-response-page.chunk.lrp_copilot.572d778.js
cdn.forms.office.net/forms/scripts/dists/
1 KB
943 B
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_copilot.572d778.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.473fd26.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1b8941021aa91e6d4b1bef8e25f25beee66fe610c100f453b0226636b49e3a1c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:17 GMT
content-encoding
br
content-md5
XzWhdyYzDJSf/Pig6yd0jA==
content-length
528
x-ms-lease-status
unlocked
last-modified
Wed, 19 Jun 2024 05:44:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC9022DA11B027
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
62ddb4bd-101e-0019-5f0f-c28591000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:17 GMT
light-response-page.chunk.lrp_post.boot.7518025.js
cdn.forms.office.net/forms/scripts/dists/
15 KB
0
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.7518025.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.473fd26.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
686dce58ea7011eea35bf4ed95a6232f05f7e1dce0b1a28b5f6f1057a2411a86

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:16 GMT
content-encoding
br
content-md5
u8kC2/itEPDCCG2X8lDuBw==
content-length
5076
x-ms-lease-status
unlocked
last-modified
Wed, 19 Jun 2024 05:44:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC9022DA1D4722
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e32b5993-001e-0024-560f-c230b7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:16 GMT
wave-pattern-v1.svg
cdn.forms.office.net/forms/images/aio/
2 KB
2 KB
Image
General
Full URL
https://cdn.forms.office.net/forms/images/aio/wave-pattern-v1.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:17 GMT
content-md5
3xzT8tqu5fYpwQ+8YJysNQ==
content-length
1795
x-ms-lease-status
unlocked
last-modified
Fri, 23 Dec 2022 04:36:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAE49F429D278D
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
4b472dea-301e-002c-44e3-182bc4000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:17 GMT
light-response-page.chunk.sw.a6ac500.js
cdn.forms.office.net/forms/scripts/dists/
1 KB
1002 B
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.a6ac500.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.473fd26.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5e18809ef5c2dfeb8b35cb5cd230ed8c64cd04a564090761f24e5fb8f628c6ca

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:17 GMT
content-encoding
br
content-md5
nY8PCaNNXKMbNv65yICtKg==
content-length
585
x-ms-lease-status
unlocked
last-modified
Wed, 06 Mar 2024 05:29:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC3D9E71C8E737
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
73f5f843-701e-004d-678b-6f6f1b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:17 GMT
microsoft365logo_v1.png
cdn.forms.office.net/forms/images/
6 KB
6 KB
Image
General
Full URL
https://cdn.forms.office.net/forms/images/microsoft365logo_v1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:17 GMT
content-md5
MRJ0yMnGbolPWvpR+s1yzQ==
content-length
5895
x-ms-lease-status
unlocked
last-modified
Thu, 17 Aug 2023 05:32:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB9EE3626888F3
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
678491da-801e-003e-29e3-d01fd8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:17 GMT
light-response-page.chunk.officebrowserfeedback.13610cf.js
cdn.forms.office.net/forms/scripts/dists/
0
117 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.officebrowserfeedback.13610cf.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.473fd26.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:17 GMT
content-encoding
br
content-md5
LCUtKygaCWgl/XSyIGXimA==
content-length
119808
x-ms-lease-status
unlocked
last-modified
Wed, 19 Jun 2024 05:44:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC9022DA22C48F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2f392de3-d01e-0062-2c0f-c2ee21000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:17 GMT
light-response-page.chunk.1ds.a8079b3.js
cdn.forms.office.net/forms/scripts/dists/
108 KB
34 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.473fd26.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e86b0bf07871186dd32b20c7b4fd8e8729c717eabe73763847be9cb091d348f7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:17 GMT
content-encoding
br
content-md5
K1wotL4HRbGauz+Vu/VA/w==
content-length
34470
x-ms-lease-status
unlocked
last-modified
Wed, 21 Feb 2024 05:49:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC32A0EE652AE0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
aa398a5c-101e-0030-5f8c-64f3d3000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:17 GMT
light-response-page.chunk.utel.ff9eaa5.js
cdn.forms.office.net/forms/scripts/dists/
35 KB
6 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel.ff9eaa5.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.473fd26.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.166.98 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-91-166-98.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2034c639a38f3180ef0c6ed04db7a9c21b8e377dd25c0910c7c53eaf7dfcbc22

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:17 GMT
content-encoding
br
content-md5
Xmtkt1GYABEJdehZSInxMg==
content-length
5762
x-ms-lease-status
unlocked
last-modified
Wed, 19 Jun 2024 05:44:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC9022DA255C53
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e9f5819a-301e-0063-500f-c2efdc000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:17 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E47CAC5D1FC1400FB0FE08FB2F9D99B3&RedC=c.office.com&MXFR=398A46F5A7ED6CB31D2A5252A3ED678C
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=E47CAC5D1FC1400FB0FE08FB2F9D99B3&MUID=398A46F5A7ED6CB31D2A5252A3ED678C
42 B
443 B
Image
General
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=E47CAC5D1FC1400FB0FE08FB2F9D99B3&MUID=398A46F5A7ED6CB31D2A5252A3ED678C
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
se-SE,se;q=0.9;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jun 2024 01:46:17 GMT
last-modified
Wed, 19 Jun 2024 18:40:50 GMT
server
Microsoft-IIS/10.0
etag
"2c9f213578c2da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 23 Jun 2024 01:46:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 824EEDCEAA724F2F82A64B239C6B4691 Ref B: STOEDGE1021 Ref C: 2024-06-23T01:46:17Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=E47CAC5D1FC1400FB0FE08FB2F9D99B3&MUID=398A46F5A7ED6CB31D2A5252A3ED678C
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
'se-se'
forms.office.com/formapi/api/e32e9176-bbd0-4b4f-9a1f-9ad203a5d0c9/users/55ced685-9afb-4ff7-a02d-502f49dc4875/forms('dpEu49C7T0uaH5rSA6XQyYXWzlX7mvdPoC1QL0ncSHVUNVVVVllFRERWWDgxV0EzQ0VaOURUTkdVNC4u'...
2 B
241 B
XHR
General
Full URL
https://forms.office.com/formapi/api/e32e9176-bbd0-4b4f-9a1f-9ad203a5d0c9/users/55ced685-9afb-4ff7-a02d-502f49dc4875/forms('dpEu49C7T0uaH5rSA6XQyYXWzlX7mvdPoC1QL0ncSHVUNVVVVllFRERWWDgxV0EzQ0VaOURUTkdVNC4u')/localeResource/'se-se'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.bbc6b1e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-ms-form-request-ring
business
Accept-Language
se-SE,se;q=0.9;q=0.9
authorization
odata-maxverion
4.0
sec-ch-ua-platform
"Win32"
odata-version
4.0
x-correlationid
a314c73c-d307-46f2-89ad-17c3da971eb3
x-usersessionid
e5a4c772-0c7e-41f6-b7bf-1e1865922717
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=dpEu49C7T0uaH5rSA6XQyYXWzlX7mvdPoC1QL0ncSHVUNVVVVllFRERWWDgxV0EzQ0VaOURUTkdVNC4u
x-ms-form-request-source
ms-formweb
__requestverificationtoken
5rbIoCcM6AD0l19azVm_eIiVGE1KNv49KLeYDei8LuQTFkiQk70ReAUyog6VSMmyxEmkbDcZKFZ7TNTQ8mk7cjxstUW-h0tI2yG-37g_CEo1

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Sun, 23 Jun 2024 01:46:17 GMT
x-officeversion
16.0.17817.42053
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_8
x-routingofficeversion
16.0.17817.42053
x-correlationid
a314c73c-d307-46f2-89ad-17c3da971eb3
x-officecluster
neu-101.forms.office.com
x-usersessionid
e5a4c772-0c7e-41f6-b7bf-1e1865922717
x-msedge-ref
Ref A: CF3BAA3287454A1A8A5789EBFCC751ED Ref B: HEL01EDGE1815 Ref C: 2024-06-23T01:46:17Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
a314c73c-d307-46f2-89ad-17c3da971eb3
x-routingsessionid
e5a4c772-0c7e-41f6-b7bf-1e1865922717
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-101.forms.office.com
light-response-page.chunk.utel_1ds.6255456.js
cdn.forms.office.net/forms/scripts/dists/
99 KB
0
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel_1ds.6255456.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.473fd26.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
78537cee7626c092bbb0abe5749c3d07fc0c03fddb3ecf770ebfda6eae395bd6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://forms.office.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 23 Jun 2024 01:46:18 GMT
content-encoding
br
content-md5
EO723CQ0MXpl1OFns7fc9w==
content-length
31766
x-ms-lease-status
unlocked
last-modified
Tue, 11 Jun 2024 04:59:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC89D354587D29
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b0b40919-001e-0049-75c0-bb9a99000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 23 Jun 2025 01:46:18 GMT
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/
25 B
292 B
XHR
General
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.73.13 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
d2ba9a155caea1fdd384effe29553a83493620e6e5b0aa4bbdfdb325a4659f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
upload-time
1719107178792
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
4e990506778b4d9cbf05300e98315eed-682648e1-a406-45c4-9d5b-709b9899d662-7161
Client-Id
NO_AUTH
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 23 Jun 2024 01:46:18 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
594
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
25
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/
0
0
Preflight
General
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.73.13 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Sun, 23 Jun 2024 01:46:18 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/
154 B
576 B
XHR
General
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.73.13 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
f20a89cd2df92bad90d555335b6d0a2af5cb894ca8655a55f054d7b147cc87e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
upload-time
1719107180122
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
Client-Id
NO_AUTH
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 23 Jun 2024 01:46:19 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
94
access-control-allow-methods
POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
content-length
154
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/
0
0
Preflight
General
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.73.13 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Sun, 23 Jun 2024 01:46:19 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
object| NavKeyPoints
function| reloadNoCdn
object| MathJax
object| OfficeFormServerInfo
object| FormPrefetchCache
object| FormsLsMap
object| formsInlineScriptSyntaxCheck
function| _dll_dompurify_e7d452d73246f470bc6d
object| webpackChunk
function| getChunkPath
function| replaceChunkSrc
object| __stylesheet__
function| formsModuleResolveErrorCallback
object| formClientApi
object| formsLsPromiseMap
object| __globalSettings__
object| __themeState__
object| __packages__
object| __dynProto$Gbl

12 Cookies

Domain/Path Name / Value
.newyear.phsd.se/ Name: wssplashuid
Value: a069128f010daee5c64c8482db63c48663973b11.1719110775.1
forms.office.com/ Name: FormsWebSessionId
Value: dde06b13-8082-4c95-bef8-48ce356c382b
forms.office.com/ Name: __RequestVerificationToken
Value: a6PI_6AE7G3bWU6kGO3VcrwXvXfIlzr-Q5XC_2klQCf4e20IPccY1daphIEmzE8aJtAnNupvv-rS-e1d2bFoW52DAgI0B56Ma3Dq56c-VL41
.office.com/ Name: MUID
Value: 398A46F5A7ED6CB31D2A5252A3ED678C
.bing.com/ Name: MUID
Value: 398A46F5A7ED6CB31D2A5252A3ED678C
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 398A46F5A7ED6CB31D2A5252A3ED678C
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=2aa013b049fe43e28f337ca120f594f0&HASH=2aa0&LV=202406&V=4&LU=1719107180216
.microsoft.com/ Name: MS0
Value: 60a0ddcbe1734c46beae3e8c2c152430

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
