urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://anmeldung-ma.fun-zone.de/
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXR...
Submission: On August 13 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 5 countries across 5 domains to perform 35 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 4283.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on June 30th 2024. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.40.76.132 24940 (HETZNER-AS)
3 2620:1ec:a92:... 8068 (MICROSOFT...)
24 2a02:26f0:f3:... 20940 (AKAMAI-ASN1)
2 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2603:1026:240... 8075 (MICROSOFT...)
4 20.50.80.210 8075 (MICROSOFT...)
35 6
1    188.40.76.132 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: alpha.zone-group.de
anmeldung-ma.fun-zone.de
3    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
24    2a02:26f0:f3::5043:52e2 (Zurich, Switzerland)

ASN20940 (AKAMAI-ASN1, NL)
cdn.forms.office.net
2    2a02:26f0:7100::687e:241b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
res-1.cdn.office.net
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2603:1026:2405:1::66 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.office.com
4    20.50.80.210 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
eu-mobile.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
26 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 20242
res-1.cdn.office.net — Cisco Umbrella Rank: 606
5 MB
6 office.com
forms.office.com — Cisco Umbrella Rank: 4283
c.office.com — Cisco Umbrella Rank: 45451
lists.office.com — Cisco Umbrella Rank: 34639
128 KB
4 microsoft.com
eu-mobile.events.data.microsoft.com — Cisco Umbrella Rank: 625
870 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
772 B
1 fun-zone.de
anmeldung-ma.fun-zone.de
643 B
35 5
Domain Requested by
24 cdn.forms.office.net forms.office.com
cdn.forms.office.net
4 eu-mobile.events.data.microsoft.com cdn.forms.office.net
3 forms.office.com forms.office.com
cdn.forms.office.net
2 c.office.com 1 redirects forms.office.com
2 res-1.cdn.office.net forms.office.com
1 lists.office.com forms.office.com
1 c.bing.com 1 redirects
1 anmeldung-ma.fun-zone.de 1 redirects
35 8

This site contains links to these domains. Also see Links.

Domain
laserfun.sharepoint.com
timebutler.de
go.microsoft.com
Subject Issuer Validity Valid
forms.cloud.microsoft
Microsoft Azure RSA TLS Issuing CA 07		 2024-06-30 -
2025-06-25		 a year crt.sh
cdn.forms.office.net
Microsoft Azure ECC TLS Issuing CA 07		 2024-07-19 -
2025-07-14		 a year crt.sh
*.res.outlook.com
DigiCert SHA2 Secure Server CA		 2024-02-20 -
2025-02-20		 a year crt.sh
lists.office.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-07-31 -
2025-07-26		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 07		 2024-03-30 -
2025-03-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
Frame ID: 3679287A462BE4E9F808A4C11024D8D6
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Deine Anmeldung zur Tätigkeit in der FunZone (Seite 1 von 8)

Page URL History Show full URLs

  1. https://anmeldung-ma.fun-zone.de/ HTTP 301
    https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyN... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

35
Requests

97 %
HTTPS

63 %
IPv6

5
Domains

8
Subdomains

6
IPs

5
Countries

5600 kB
Transfer

6718 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://anmeldung-ma.fun-zone.de/ HTTP 301
    https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1671F491B2534D5E95195334AD50820C&RedC=c.office.com&MXFR=1FA372F1C9506FBA3F6D662BCD5064E8 HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=1671F491B2534D5E95195334AD50820C&MUID=1FA372F1C9506FBA3F6D662BCD5064E8

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ResponsePage.aspx
forms.office.com/Pages/
Redirect Chain
  • https://anmeldung-ma.fun-zone.de/
  • https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
63 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1a5262d6ee43dc82590286c9c6e1b2e418a7cac45e3930afd4988b42a5f5862
Security Headers
Name Value
Content-Security-Policy object-src 'none';script-src 'nonce-9f9f9a7e-2b56-491b-9692-dcd229c7a0de' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
object-src 'none';script-src 'nonce-9f9f9a7e-2b56-491b-9692-dcd229c7a0de' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 14:34:31 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
report-to
{ "group": "endpoint-1", "max_age": 108864000, "endpoints": [ { "url": "https://csp.microsoft.com/report/Forms-PROD" }] }
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
cb5feebb-fe09-4b53-9451-e9b96007cea6
x-msedge-ref
Ref A: 152A4BDBCCB84DFD8044AA84E3B88881 Ref B: AMS231032605025 Ref C: 2024-08-13T14:34:32Z
x-officecluster
weu-100.forms.office.com
x-officefe
FormsSingleBox_IN_10
x-officeversion
16.0.18008.42052
x-robots-tag
noindex, nofollow
x-routingcorrelationid
cb5feebb-fe09-4b53-9451-e9b96007cea6
x-routingofficecluster
weu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_7
x-routingofficeversion
16.0.18001.42053
x-routingsessionid
e7cdbd05-6161-4b5f-b394-fa8fc4626570
x-usersessionid
e7cdbd05-6161-4b5f-b394-fa8fc4626570

Redirect headers

content-length
423
content-type
text/html; charset=iso-8859-1
date
Tue, 13 Aug 2024 14:34:32 GMT
location
https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
server
nginx
x-powered-by
PleskLin
ls-response.de.a6896f307.js
cdn.forms.office.net/forms/scripts/dists/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.a6896f307.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
17f6004d54c7fb514c01a0b6b46feff94430e22aa8daae6e27ed3d8b382c9d57

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-encoding
br
content-md5
MpgwuKBbiL7BYs8G31t8cQ==
content-length
13185
x-ms-lease-status
unlocked
last-modified
Fri, 02 Aug 2024 05:42:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCB2B5EAAD6063
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9e501ad6-501e-0073-4fa6-e4d93a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
dll-dompurify.min.bcf1a85.js
cdn.forms.office.net/forms/scripts/dists/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/dll-dompurify.min.bcf1a85.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5bea34a1b8999fb53f5b3b8541be6a2c6f8c75a8932bcb7a05e3fd5b91d78608

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-encoding
br
content-md5
3nKtWQ895+qkc91KKpgmGw==
content-length
11487
x-ms-lease-status
unlocked
last-modified
Sun, 18 Feb 2024 04:45:42 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC303C76BCD96B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f57797fb-801e-0058-332d-62ad82000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
light-response-page.min.fdf8ba5.js
cdn.forms.office.net/forms/scripts/dists/ 		482 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fdf8ba5.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0633fd70c99631e8aab982fda65e160c805f8e14a5e74128d806eafe3356c261

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-encoding
br
content-md5
gNlaoSRzV9vFKO4GwIKCvQ==
content-length
130296
x-ms-lease-status
unlocked
last-modified
Wed, 07 Aug 2024 05:16:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCB6A00C2F7CCA
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9428900c-401e-0023-3f92-e8c632000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
runtimeFormsWithResponses('ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu')
forms.office.com/formapi/api/ec93c69d-f19d-4285-a843-153b63331541/groups/750b1703-8dd8-4b81-8019-fc1df194e5d7/light/ 		52 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/ec93c69d-f19d-4285-a843-153b63331541/groups/750b1703-8dd8-4b81-8019-fc1df194e5d7/light/runtimeFormsWithResponses('ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c650502e43d07feb0b22a8bf381590d7e10569ecfe2536f1011c9a3ea56a8775
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
X-UserSessionId
e7cdbd05-6161-4b5f-b394-fa8fc4626570
__RequestVerificationToken
zGGfIvmomRO8U0KpaNgEwrjyE_zxjqrM8h2kz1rKgbA9vf9GP1IahdauXqRgDPzrQrVT3hvjctGUkLUI6FWAnwFrpTCHOBHXB2GwsyMv7eQ1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Tue, 13 Aug 2024 14:34:32 GMT
x-officeversion
16.0.18001.42053
x-officefe
FormsSingleBox_IN_12
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_3
x-routingofficeversion
16.0.18001.42053
x-correlationid
a3e54b27-2366-478f-ad41-53e77acee0d6
x-officecluster
neu-100.forms.office.com
x-usersessionid
e7cdbd05-6161-4b5f-b394-fa8fc4626570
x-msedge-ref
Ref A: 97B239672A324283905EC8BCF924B597 Ref B: AMS231032605025 Ref C: 2024-08-13T14:34:32Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
a3e54b27-2366-478f-ad41-53e77acee0d6
x-routingsessionid
e7cdbd05-6161-4b5f-b394-fa8fc4626570
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-100.forms.office.com
light-response-page.chunk.lrp_ext.e38356c.js
cdn.forms.office.net/forms/scripts/dists/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.e38356c.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-encoding
br
content-md5
GgL24TJiGP163wigSpwi+A==
content-length
107436
x-ms-lease-status
unlocked
last-modified
Tue, 06 Aug 2024 05:08:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCB5D5E04C065A
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8220415d-a01e-0066-27c3-e71ba3000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
light-response-page.chunk.lrp_saveresponse.2dfb698.js
cdn.forms.office.net/forms/scripts/dists/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.2dfb698.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-encoding
br
content-md5
HOtsupVY/tY9k8ZrESpZpg==
content-length
9278
x-ms-lease-status
unlocked
last-modified
Tue, 06 Aug 2024 05:08:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCB5D5E05246F6
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9bd6815f-101e-0074-35c3-e72fbf000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
light-response-page.chunk.lrp_groupnote.253a182.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_groupnote.253a182.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-encoding
br
content-md5
ndZU+CRzeJr++T3qaukPzA==
content-length
1610
x-ms-lease-status
unlocked
last-modified
Mon, 05 Aug 2024 12:02:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCB5466EBB0ED2
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
60004d4d-c01e-0039-0397-e7e95d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
light-response-page.chunk.lrp_cover.f95a723.js
cdn.forms.office.net/forms/scripts/dists/ 		0
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.f95a723.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-encoding
br
content-md5
Pt958FqH4y+fmE+5TIzDcg==
content-length
18085
x-ms-lease-status
unlocked
last-modified
Mon, 05 Aug 2024 12:02:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCB5466EB9D684
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1a542798-101e-0012-5897-e79de5000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
light-response-page.chunk.lrp_post.boot.157d98e.js
cdn.forms.office.net/forms/scripts/dists/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.157d98e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-encoding
br
content-md5
HApUHsfj3tigI7akOEbUrw==
content-length
5105
x-ms-lease-status
unlocked
last-modified
Fri, 02 Aug 2024 05:42:33 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCB2B5E8273A35
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
be8e1871-e01e-006a-17a4-e4f552000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
light-response-page.chunk.lrp_ext.e38356c.js
cdn.forms.office.net/forms/scripts/dists/ 		377 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.e38356c.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b2fe6a2352ff05bfe998d3a073fc7f2f885e3b9e7966e24cdd77e2b781d15180

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-encoding
br
content-md5
GgL24TJiGP163wigSpwi+A==
content-length
107436
x-ms-lease-status
unlocked
last-modified
Tue, 06 Aug 2024 05:08:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCB5D5E04C065A
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8220415d-a01e-0066-27c3-e71ba3000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
light-response-page.chunk.lrp_saveresponse.2dfb698.js
cdn.forms.office.net/forms/scripts/dists/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.2dfb698.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bc06474306a2ee072d2f08b9e52626b807afeede1da86ebb3744afc309cbd195

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-encoding
br
content-md5
HOtsupVY/tY9k8ZrESpZpg==
content-length
9278
x-ms-lease-status
unlocked
last-modified
Tue, 06 Aug 2024 05:08:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCB5D5E05246F6
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9bd6815f-101e-0074-35c3-e72fbf000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
light-response-page.chunk.lrp_copilot.13e0f06.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_copilot.13e0f06.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
58a39f75154427c07eb9b88adc2d5a70b09389e930efa9f4c1f39647a3c7de27

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-encoding
br
content-md5
PGC/Nfg0irp0rbA65dgKAA==
content-length
520
x-ms-lease-status
unlocked
last-modified
Fri, 02 Aug 2024 05:42:33 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCB2B5E81F732D
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b4570d20-101e-0019-01a4-e48591000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
light-response-page.chunk.fluent.845fbdb.js
cdn.forms.office.net/forms/scripts/dists/ 		172 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.fluent.845fbdb.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
828c30a0106ae073272fd97c74ae9317c1a84c65a2e4221a61889f8199ceb075

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-encoding
br
content-md5
JxtnvdhAp1bLmnOZZBB1UQ==
content-length
46012
x-ms-lease-status
unlocked
last-modified
Tue, 09 Jul 2024 05:52:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC9FDB606E5193
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5f539286-401e-006c-5dcf-d1022a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
light-response-page.chunk.lrp_post.boot.157d98e.js
cdn.forms.office.net/forms/scripts/dists/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.157d98e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0f744526820029ffa391b02c4c544a616ca02112522824276d7b03b8523dc1da

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-encoding
br
content-md5
HApUHsfj3tigI7akOEbUrw==
content-length
5105
x-ms-lease-status
unlocked
last-modified
Fri, 02 Aug 2024 05:42:33 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCB2B5E8273A35
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
be8e1871-e01e-006a-17a4-e4f552000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
blue-light.png
cdn.forms.office.net/forms/images/theme/livetheme/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/theme/livetheme/blue-light.png
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
53ce6ca728a349a226f48063b6c8ab00e2562d0bb39814115287594ebc6a8ac5

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-md5
YcoH36fATucGTNTO81jy9Q==
content-length
87744
x-ms-lease-status
unlocked
last-modified
Thu, 10 Nov 2022 05:07:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC2D97C90968E
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
1f1ba2e4-601e-0052-6bc4-f4b40b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
light-response-page.chunk.sw.a6ac500.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.a6ac500.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5e18809ef5c2dfeb8b35cb5cd230ed8c64cd04a564090761f24e5fb8f628c6ca

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-encoding
br
content-md5
nY8PCaNNXKMbNv65yICtKg==
content-length
585
x-ms-lease-status
unlocked
last-modified
Wed, 06 Mar 2024 05:29:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC3D9E71C8E737
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5805a98f-f01e-0075-1c8b-6f2e42000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
microsoft365logo_v1.png
cdn.forms.office.net/forms/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/microsoft365logo_v1.png
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-md5
MRJ0yMnGbolPWvpR+s1yzQ==
content-length
5895
x-ms-lease-status
unlocked
last-modified
Thu, 17 Aug 2023 05:32:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB9EE3626888F3
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
a222bac8-a01e-0044-38dc-d07595000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
fluent-hybrid-icons-d54cb751.woff
cdn.forms.office.net/forms/fonts/light/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/fonts/light/fluent-hybrid-icons-d54cb751.woff
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7f77c691d669fc94853c14f76de8c2665411c899c168e4655a4215d296de8c3b

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-md5
/Gpiei0dQQsFHAGSgYDTDw==
content-length
1964
x-ms-lease-status
unlocked
last-modified
Fri, 30 Dec 2022 04:47:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAEA20EE049B8A
content-type
application/x-font-woff
access-control-allow-origin
*
x-ms-request-id
37e60bc3-c01e-0032-7b12-1ff129000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
segoeui-regular.woff2
res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-westeuropean/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:241b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:34:33 GMT
akamai-cache-status
Hit from child
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing
clientrtt; dur=20, clienttt; dur=, origin; dur=0 , cdntime; dur=0
alt-svc
h3=":443"; ma=93600
content-length
36344
last-modified
Tue, 15 Aug 2023 21:20:37 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.17247e68.1723559673.1dd08d48&TotalRTCDNTime=20&CompressionType=&FileSize=36344"}],"include_subdomains ":true}
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
40dd8cf8-501e-0099-1155-4dbdbf000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
public, max-age=630720000
akamai-request-bc
[a=104.126.36.23,b=500206920,c=g,n=DE_HE_FRANKFURT,o=20940]
timing-allow-origin
*
light-response-page.chunk.1ds.a8079b3.js
cdn.forms.office.net/forms/scripts/dists/ 		108 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e86b0bf07871186dd32b20c7b4fd8e8729c717eabe73763847be9cb091d348f7

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-encoding
br
content-md5
K1wotL4HRbGauz+Vu/VA/w==
content-length
34470
x-ms-lease-status
unlocked
last-modified
Wed, 21 Feb 2024 05:49:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC32A0EE652AE0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c0abf1bb-f01e-0031-228c-64f22e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
light-response-page.chunk.utel.6db0eea.js
cdn.forms.office.net/forms/scripts/dists/ 		139 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel.6db0eea.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.fdf8ba5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b5ff6008dc8e16bc507a7a99504bf21c446b46480c16c6ce4f80f5b246582e7b

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-encoding
br
content-md5
kyXguJjKNWw2JKQZz0n6Nw==
content-length
37277
x-ms-lease-status
unlocked
last-modified
Wed, 07 Aug 2024 05:16:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCB6A00C2BFAE3
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8ee564e4-401e-0001-1592-e8a804000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1671F491B2534D5E95195334AD50820C&RedC=c.office.com&MXFR=1FA372F1C9506FBA3F6D662BCD5064E8
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=1671F491B2534D5E95195334AD50820C&MUID=1FA372F1C9506FBA3F6D662BCD5064E8
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=1671F491B2534D5E95195334AD50820C&MUID=1FA372F1C9506FBA3F6D662BCD5064E8
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 14:34:34 GMT
last-modified
Thu, 01 Aug 2024 17:45:27 GMT
server
Microsoft-IIS/10.0
etag
"43fd8f983ae4da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 14:34:34 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9B8F164D15E244E9AA2E72C9356E19C3 Ref B: FRAEDGE1115 Ref C: 2024-08-13T14:34:34Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=1671F491B2534D5E95195334AD50820C&MUID=1FA372F1C9506FBA3F6D662BCD5064E8
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
162e80fa-95e6-41f7-925c-ca99e69e1321
lists.office.com/Images/ec93c69d-f19d-4285-a843-153b63331541/750b1703-8dd8-4b81-8019-fc1df194e5d7/T8A26AOM0GW9VE81IYWFK32H1V/ 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/ec93c69d-f19d-4285-a843-153b63331541/750b1703-8dd8-4b81-8019-fc1df194e5d7/T8A26AOM0GW9VE81IYWFK32H1V/162e80fa-95e6-41f7-925c-ca99e69e1321
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:2405:1::66 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
be9271b1d017f35b1a9992306494915a980f7ea2225f66adc33df2be7b6d751c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:34:33 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.18006.42102
x-officecluster
weu-106.lists.office.com
x-usersessionid
5d5f6d9f-7eae-4563-8696-6a58ad47114e
x-officeversion
16.0.18008.42102
x-officefe
CollabDBReverseProxyWithMappingService_IN_0
content-type
image/png
x-routingcorrelationid
85972888-486a-4c08-8c14-91454147c1b3
x-routingsessionid
5d5f6d9f-7eae-4563-8696-6a58ad47114e
x-routingofficecluster
weu-101.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_0
'de'
forms.office.com/formapi/api/ec93c69d-f19d-4285-a843-153b63331541/groups/750b1703-8dd8-4b81-8019-fc1df194e5d7/forms('ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQl... 		2 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/ec93c69d-f19d-4285-a843-153b63331541/groups/750b1703-8dd8-4b81-8019-fc1df194e5d7/forms('ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu')/localeResource/'de'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.e38356c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

odata-version
4.0
x-correlationid
15d8ce71-41ba-4c5d-bd21-650498a6c3ac
x-usersessionid
e7cdbd05-6161-4b5f-b394-fa8fc4626570
x-ms-form-request-ring
business
authorization
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json
odata-maxverion
4.0
accept
application/json
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
x-ms-form-request-source
ms-formweb
__requestverificationtoken
zGGfIvmomRO8U0KpaNgEwrjyE_zxjqrM8h2kz1rKgbA9vf9GP1IahdauXqRgDPzrQrVT3hvjctGUkLUI6FWAnwFrpTCHOBHXB2GwsyMv7eQ1

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Tue, 13 Aug 2024 14:34:33 GMT
x-officeversion
16.0.18001.42053
x-officefe
FormsSingleBox_IN_12
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_2
x-routingofficeversion
16.0.18001.42053
x-correlationid
15d8ce71-41ba-4c5d-bd21-650498a6c3ac
x-officecluster
neu-100.forms.office.com
x-usersessionid
e7cdbd05-6161-4b5f-b394-fa8fc4626570
x-msedge-ref
Ref A: D6DDDB0762D648EC950D2410477D6587 Ref B: AMS231032605025 Ref C: 2024-08-13T14:34:33Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
15d8ce71-41ba-4c5d-bd21-650498a6c3ac
x-routingsessionid
e7cdbd05-6161-4b5f-b394-fa8fc4626570
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-100.forms.office.com
segoeui-semibold.woff2
res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-westeuropean/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:241b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:34:33 GMT
akamai-cache-status
Hit from child
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing
clientrtt; dur=21, clienttt; dur=, origin; dur=0 , cdntime; dur=0
content-length
31824
last-modified
Tue, 15 Aug 2023 21:20:28 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.17247e68.1723559673.1dd08d8c&TotalRTCDNTime=21&CompressionType=&FileSize=31824"}],"include_subdomains ":true}
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
4d0b3570-f01e-0055-6316-d0ef1c000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
public, max-age=630720000
akamai-request-bc
[a=104.126.36.23,b=500206988,c=g,n=DE_HE_FRANKFURT,o=20940]
timing-allow-origin
*
blue-light.mp4
cdn.forms.office.net/forms/images/theme/livetheme/ 		44 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/images/theme/livetheme/blue-light.mp4
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://forms.office.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-md5
IcWuJFGACELXGk5dXUYWPw==
Content-Range
bytes 0-869520/869521
Content-Length
869521
x-ms-lease-status
unlocked
last-modified
Wed, 09 Nov 2022 04:43:56 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC20D02D9EF0F
content-type
video/mp4
access-control-allow-origin
*
x-ms-request-id
d7f25b41-401e-006c-211a-f4022a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
chill_campusrefresh.mp3
cdn.forms.office.net/forms/formsresources/eventcard/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/formsresources/eventcard/chill_campusrefresh.mp3
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0fb75f6535f5b6a0e901e885a9eaad8062e3c6e708af68f364e0d1850e4bb86f

Request headers

Referer
https://forms.office.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:33 GMT
content-md5
On7AHnco59+HJpWjGIZXiQ==
Content-Range
bytes 0-3296767/3296768
Content-Length
3296768
x-ms-lease-status
unlocked
last-modified
Mon, 05 Dec 2022 07:36:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAD693670A0EF4
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
19cf540c-601e-0059-5c76-14ac7f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:33 GMT
blue-light.mp4
cdn.forms.office.net/forms/images/theme/livetheme/ 		849 KB
850 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/images/theme/livetheme/blue-light.mp4
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f1ebe490272c41060428755f57259fec89b61497b93b641d0837a37c157f55e5

Request headers

Referer
https://forms.office.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range
bytes=851968-

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:34 GMT
content-md5
IcWuJFGACELXGk5dXUYWPw==
content-length
869521
x-ms-lease-status
unlocked
last-modified
Wed, 09 Nov 2022 04:43:56 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC20D02D9EF0F
content-type
video/mp4
access-control-allow-origin
*
x-ms-request-id
d7f25b41-401e-006c-211a-f4022a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:34 GMT
blue-light.mp4
cdn.forms.office.net/forms/images/theme/livetheme/ 		817 KB
818 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/images/theme/livetheme/blue-light.mp4
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=ncaT7J3xhUKoQxU7YzMVQQMXC3XYjYFLgBn8HfGU5ddUOEEyNkFPTTBHVzlWRTgxSVlXRkszMkgxViQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7eca6800e6d09fd0dbdb7be85a994312976849c06de089ef06d39c03b93f0ce9

Request headers

Referer
https://forms.office.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range
bytes=32768-

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:34 GMT
content-md5
IcWuJFGACELXGk5dXUYWPw==
Content-Range
bytes 32768-869520/869521
Content-Length
836753
x-ms-lease-status
unlocked
last-modified
Wed, 09 Nov 2022 04:43:56 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC20D02D9EF0F
content-type
video/mp4
access-control-allow-origin
*
x-ms-request-id
d7f25b41-401e-006c-211a-f4022a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:34 GMT
favicon.ico
cdn.forms.office.net/forms/images/ 		8 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52e2 Zurich, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 14:34:35 GMT
content-md5
lCXY6TE6aSuz8CLoBV+rgg==
content-length
7886
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 13:40:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DADD0F94420BCF
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
0ba354bc-001e-0006-540b-0f5e81000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:34:35 GMT
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		25 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.80.210 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
97ddcd65a8b30aa09572d50de9fc5bda15ea887401679ebbdf3031288fc09350
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1723559675621
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
4e990506778b4d9cbf05300e98315eed-682648e1-a406-45c4-9d5b-709b9899d662-7161,91531c5d891c486da00dddb1049c30a2-e90b69b1-4f29-40bb-8d25-66d7d26ede43-7437
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Aug 2024 14:34:35 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
471
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
25
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.80.210 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Tue, 13 Aug 2024 14:34:35 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		154 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.80.210 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
b5624f141bb6e66652662a3281268a249b824d51f6cc0eebdee58a4a14bc65ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1723559677087
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Aug 2024 14:34:36 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
52
access-control-allow-methods
POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
content-length
154
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.80.210 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Tue, 13 Aug 2024 14:34:36 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NavKeyPoints function| reloadNoCdn object| MathJax object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap object| formsInlineScriptSyntaxCheck function| _dll_dompurify_e7d452d73246f470bc6d object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap boolean| __COMPAT_PREACT_FOCUSZONE__ object| __globalSettings__ object| __themeState__ object| __packages__ number| __currentId__ object| __dynProto$Gbl

11 Cookies

Domain/Path Name / Value
forms.office.com/ Name: FormsWebSessionId
Value: fb43773f-a0e8-4783-8663-7ba0657418ad
forms.office.com/ Name: __RequestVerificationToken
Value: Z6mDPFgqoN-glsa0hZFcLz2YuARkj-pp5ldif4YIc-QiOv0HiMnQbx9GXPMOpwW-18dH-M0O4rOFfNmmsETviaK7Iy6H_0Qbh39vr9PNTw81
.office.com/ Name: MUID
Value: 1FA372F1C9506FBA3F6D662BCD5064E8
.bing.com/ Name: MUID
Value: 1FA372F1C9506FBA3F6D662BCD5064E8
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1FA372F1C9506FBA3F6D662BCD5064E8
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=7fa91edbbc79405188c90eed4fcf5ac9&HASH=7fa9&LV=202408&V=4&LU=1723559677139
.microsoft.com/ Name: MS0
Value: 521edb101c08415299e7426728d822b6

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none';script-src 'nonce-9f9f9a7e-2b56-491b-9692-dcd229c7a0de' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anmeldung-ma.fun-zone.de
c.bing.com
c.office.com
cdn.forms.office.net
eu-mobile.events.data.microsoft.com
forms.office.com
lists.office.com
res-1.cdn.office.net
13.74.129.1
188.40.76.132
20.50.80.210
2603:1026:2405:1::66
2620:1ec:a92::194
2620:1ec:c11::237
2a02:26f0:7100::687e:241b
2a02:26f0:f3::5043:52e2
0633fd70c99631e8aab982fda65e160c805f8e14a5e74128d806eafe3356c261
0f744526820029ffa391b02c4c544a616ca02112522824276d7b03b8523dc1da
0fb75f6535f5b6a0e901e885a9eaad8062e3c6e708af68f364e0d1850e4bb86f
17f6004d54c7fb514c01a0b6b46feff94430e22aa8daae6e27ed3d8b382c9d57
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53ce6ca728a349a226f48063b6c8ab00e2562d0bb39814115287594ebc6a8ac5
58a39f75154427c07eb9b88adc2d5a70b09389e930efa9f4c1f39647a3c7de27
5bea34a1b8999fb53f5b3b8541be6a2c6f8c75a8932bcb7a05e3fd5b91d78608
5e18809ef5c2dfeb8b35cb5cd230ed8c64cd04a564090761f24e5fb8f628c6ca
7eca6800e6d09fd0dbdb7be85a994312976849c06de089ef06d39c03b93f0ce9
7f77c691d669fc94853c14f76de8c2665411c899c168e4655a4215d296de8c3b
828c30a0106ae073272fd97c74ae9317c1a84c65a2e4221a61889f8199ceb075
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
97ddcd65a8b30aa09572d50de9fc5bda15ea887401679ebbdf3031288fc09350
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
b2fe6a2352ff05bfe998d3a073fc7f2f885e3b9e7966e24cdd77e2b781d15180
b5624f141bb6e66652662a3281268a249b824d51f6cc0eebdee58a4a14bc65ad
b5ff6008dc8e16bc507a7a99504bf21c446b46480c16c6ce4f80f5b246582e7b
bc06474306a2ee072d2f08b9e52626b807afeede1da86ebb3744afc309cbd195
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49
be9271b1d017f35b1a9992306494915a980f7ea2225f66adc33df2be7b6d751c
c1a5262d6ee43dc82590286c9c6e1b2e418a7cac45e3930afd4988b42a5f5862
c650502e43d07feb0b22a8bf381590d7e10569ecfe2536f1011c9a3ea56a8775
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86b0bf07871186dd32b20c7b4fd8e8729c717eabe73763847be9cb091d348f7
f1ebe490272c41060428755f57259fec89b61497b93b641d0837a37c157f55e5
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1