urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://aka.ms/flow-mail
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ...
Submission: On June 12 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 35 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 6544.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on March 23rd 2023. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.102.40.139 16625 (AKAMAI-AS)
4 2620:1ec:a92:... 8068 (MICROSOFT...)
22 2a02:26f0:f3:... 20940 (AKAMAI-ASN1)
1 2620:1ec:4e:1... 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
7 20.42.73.25 8075 (MICROSOFT...)
35 5
1    104.102.40.139 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-40-139.deploy.static.akamaitechnologies.com
aka.ms
4    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
22    2a02:26f0:f3::5043:52d8 (Glattbrugg, Switzerland)

ASN20940 (AKAMAI-ASN1, NL)
cdn.forms.office.net
1    2620:1ec:4e:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
7    20.42.73.25 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
22 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 10128
564 KB
7 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 201
2 KB
6 office.com
forms.office.com — Cisco Umbrella Rank: 6544
c.office.com — Cisco Umbrella Rank: 25916
55 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 252
737 B
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1634
77 KB
1 aka.ms
aka.ms — Cisco Umbrella Rank: 5125
543 B
35 6
Domain Requested by
22 cdn.forms.office.net forms.office.com
cdn.forms.office.net
7 browser.events.data.microsoft.com js.monitor.azure.com
cdn.forms.office.net
4 forms.office.com forms.office.com
cdn.forms.office.net
2 c.office.com 1 redirects
1 c.bing.com 1 redirects
1 js.monitor.azure.com cdn.forms.office.net
1 aka.ms 1 redirects
35 7

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2023-03-23 -
2024-03-17		 a year crt.sh
cdn.forms.office.net
Microsoft Azure TLS Issuing CA 06		 2022-09-28 -
2023-09-23		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 01		 2023-03-23 -
2024-03-17		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-03-08 -
2024-03-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Frame ID: E1A779AB098A26E01C09D3F11A658315
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Manage PowerApps and Flows Subscription List

Page URL History Show full URLs

  1. https://aka.ms/flow-mail HTTP 301
    https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5Q... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

35
Requests

97 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

5
IPs

4
Countries

698 kB
Transfer

1315 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aka.ms/flow-mail HTTP 301
    https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6E7E5CFD269942459A119C99BD7BD35B&RedC=c.office.com&MXFR=2E24A42D067369783562B70302736256 HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=6E7E5CFD269942459A119C99BD7BD35B&MUID=2E24A42D067369783562B70302736256

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ResponsePage.aspx
forms.office.com/Pages/
Redirect Chain
  • https://aka.ms/flow-mail
  • https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
62 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
675c196046e4f15e5b81ca7e3cfbfc8828a97b6a648e25980332fbdc703ae643
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 12 Jun 2023 19:41:01 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
35a00e9c-0062-43e3-bb2b-f386e2459ab3
x-msedge-ref
Ref A: 7CE29DC9C80946748AB2C316669D0F17 Ref B: AMS231032605045 Ref C: 2023-06-12T19:41:01Z
x-officecluster
wcus-100.forms.office.com
x-officefe
FormsSingleBox_IN_1
x-officeversion
16.0.16610.42051
x-robots-tag
noindex, nofollow
x-routingcorrelationid
35a00e9c-0062-43e3-bb2b-f386e2459ab3
x-routingofficecluster
weu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_5
x-routingofficeversion
16.0.16610.42501
x-routingsessionid
ca070cdb-8e6c-45f3-9f83-664a3bf35418
x-usersessionid
ca070cdb-8e6c-45f3-9f83-664a3bf35418

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 12 Jun 2023 19:41:01 GMT
Expires
Mon, 12 Jun 2023 19:41:01 GMT
Location
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Pragma
no-cache
Request-Context
appId=cid-v1:26ef1154-5995-4d24-ad78-ef0b04f11587
Server
Kestrel
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Response-Cache-Status
True
ls-response.de.795ab148f.js
cdn.forms.office.net/forms/scripts/dists/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.795ab148f.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
67a859c11005d9408c40e86d4f758628e19583e256f3291a949e5f20a39877aa

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
BtWLRPAvBg5kga3NvtWalA==
content-length
12373
x-ms-lease-status
unlocked
last-modified
Mon, 12 Jun 2023 06:36:11 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6B0F504F1E1F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4f729524-b01e-005b-7201-9dae85000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
dll-dompurify.min.3c32c70.js
cdn.forms.office.net/forms/scripts/dists/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/dll-dompurify.min.3c32c70.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d66f84365612efc7f174622c835d65fb5105f691e4013b232882c0a1946d7c47

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
oxUBT686mhsG6wWk22Bvig==
content-length
6037
x-ms-lease-status
unlocked
last-modified
Fri, 19 May 2023 05:10:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB582757D8EE93
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4bacbaad-301e-0068-4e16-8af7a8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
light-response-page.min.cd8dc7e.js
cdn.forms.office.net/forms/scripts/dists/ 		403 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ed8f61c9301e964c8bb382ec98bb7813bbae087bf810859b444ad1435945c087

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
L1IN3Zt4mhQ4B+GBwRo+8w==
content-length
113384
x-ms-lease-status
unlocked
last-modified
Mon, 12 Jun 2023 06:36:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6B0F4CB51AC8
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
58cebb8c-701e-0009-0900-9db377000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
runtimeFormsWithResponses('v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u')
forms.office.com/formapi/api/72f988bf-86f1-41af-91ab-2d7cd011db47/users/385ebd70-5187-4b5c-8436-382616e1e15d/light/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/72f988bf-86f1-41af-91ab-2d7cd011db47/users/385ebd70-5187-4b5c-8436-382616e1e15d/light/runtimeFormsWithResponses('v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
215753b353f07756e23342a4a6497f7ea0db4b1817bd77f25662a008ce765d24
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
X-UserSessionId
ca070cdb-8e6c-45f3-9f83-664a3bf35418
accept-language
de-DE,de;q=0.9
__RequestVerificationToken
_RcnaPoDe7fwP3vtSK261Prk1svcq35tM98cgXHMO4wdqp30EbakWI08qFA3LBVAIVizSCCQX4zWK37jZYVAPRZbNAQZhkTUidHbWpmxYr81
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Mon, 12 Jun 2023 19:41:02 GMT
x-officeversion
16.0.16610.42051
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_7, FormsSingleBox_IN_1
x-routingofficeversion
16.0.16610.42500, 16.0.16610.42051
x-correlationid
969afd9a-f6d0-4450-ab78-ebf1c76b4172
x-officecluster
wcus-100.forms.office.com
x-usersessionid
ca070cdb-8e6c-45f3-9f83-664a3bf35418
x-msedge-ref
Ref A: 3A8BC9C501B94F159E52E753BC481402 Ref B: AMS231032605045 Ref C: 2023-06-12T19:41:02Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
969afd9a-f6d0-4450-ab78-ebf1c76b4172
x-routingsessionid
ca070cdb-8e6c-45f3-9f83-664a3bf35418
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-100.forms.office.com, wcus-100.forms.office.com
light-response-page.chunk.lrp_ext.0ade59d.js
cdn.forms.office.net/forms/scripts/dists/ 		0
91 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.0ade59d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
PAuiCkM9io9kisCm2P65mw==
content-length
92654
x-ms-lease-status
unlocked
last-modified
Mon, 12 Jun 2023 06:36:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6B0F4C3D165D
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0dc25466-e01e-0048-1a00-9d9b64000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
light-response-page.chunk.lrp_phishing.c26d299.js
cdn.forms.office.net/forms/scripts/dists/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_phishing.c26d299.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
R1Mp0hS6PWWY0/doUcn92g==
content-length
2488
x-ms-lease-status
unlocked
last-modified
Mon, 12 Jun 2023 06:36:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6B0F4C3E00A6
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
94b5b125-401e-0001-3600-9da804000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
light-response-page.chunk.lrp_saveresponse.88ddddf.js
cdn.forms.office.net/forms/scripts/dists/ 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.88ddddf.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
CNeqAm1UVSOilrE4QCh54Q==
content-length
15056
x-ms-lease-status
unlocked
last-modified
Mon, 12 Jun 2023 06:36:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6B0F4C3F6009
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b09311c9-201e-0077-6200-9d2cb8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
light-response-page.chunk.lrp_cover.13fa900.js
cdn.forms.office.net/forms/scripts/dists/ 		0
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.13fa900.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
Zmqr7k7+hjlAB9ylnGK4Nw==
content-length
17144
x-ms-lease-status
unlocked
last-modified
Mon, 12 Jun 2023 06:36:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6B0F4C3B41F1
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0a4240f2-201e-005e-1000-9d5afa000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
light-response-page.chunk.lrp_post.boot.125a99f.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.125a99f.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
d7TXhx9WqT/80lbv1/BwiQ==
content-length
4846
x-ms-lease-status
unlocked
last-modified
Mon, 12 Jun 2023 06:36:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6B0F4C3E4EB4
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7cce8419-f01e-0013-0700-9d9c18000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
light-response-page.chunk.lrp_ext.0ade59d.js
cdn.forms.office.net/forms/scripts/dists/ 		309 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.0ade59d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4322edbce31928b80e0646fbccf4c4437818cf00a04e26016bf2c695e4f627e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
PAuiCkM9io9kisCm2P65mw==
content-length
92654
x-ms-lease-status
unlocked
last-modified
Mon, 12 Jun 2023 06:36:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6B0F4C3D165D
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0dc25466-e01e-0048-1a00-9d9b64000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
light-response-page.chunk.lrp_phishing.c26d299.js
cdn.forms.office.net/forms/scripts/dists/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_phishing.c26d299.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f40a3516d238e60aa3686d6cef1f25c57cb1dfc627619d44896da85b284ba610

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
R1Mp0hS6PWWY0/doUcn92g==
content-length
2488
x-ms-lease-status
unlocked
last-modified
Mon, 12 Jun 2023 06:36:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6B0F4C3E00A6
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
94b5b125-401e-0001-3600-9da804000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
light-response-page.chunk.lrp_saveresponse.88ddddf.js
cdn.forms.office.net/forms/scripts/dists/ 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.88ddddf.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0ecef93f2fe41eafce09f588ad8f48b2cdd4839f81f59cc7ee262708a86a92e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
CNeqAm1UVSOilrE4QCh54Q==
content-length
15056
x-ms-lease-status
unlocked
last-modified
Mon, 12 Jun 2023 06:36:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6B0F4C3F6009
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b09311c9-201e-0077-6200-9d2cb8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
light-response-page.chunk.lrp_post.boot.125a99f.js
cdn.forms.office.net/forms/scripts/dists/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.125a99f.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1482ecfed1cbce646d3a2f120144f3f413e009ea72583ca43af6c49b417db377

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
d7TXhx9WqT/80lbv1/BwiQ==
content-length
4846
x-ms-lease-status
unlocked
last-modified
Mon, 12 Jun 2023 06:36:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6B0F4C3E4EB4
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7cce8419-f01e-0013-0700-9d9c18000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
light-response-page.chunk.lrp_poll.f8103cd.js
cdn.forms.office.net/forms/scripts/dists/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_poll.f8103cd.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9bbaf5532390ab6e93328d6c173fb0299b6074c2cbf28715a43e5d03c48428fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
FZkrPAe6dgV1v7WOGJymvg==
content-length
4263
x-ms-lease-status
unlocked
last-modified
Mon, 12 Jun 2023 06:36:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6B0F4C3E27B1
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0dc320ca-e01e-0048-8000-9d9b64000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
light-response-page.chunk.sw.b51c01e.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
981 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.b51c01e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3cc4ab68d26de4335059e71536265bec6d6b3c97cc62d5a10aee44baaaacd75a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
MGQnoR35q31ZWoIJCqP+Gg==
content-length
565
x-ms-lease-status
unlocked
last-modified
Thu, 13 Apr 2023 04:05:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3BD463DBBEF9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6b987075-401e-004e-78c6-6d6c1c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
wave-pattern-v1.svg
cdn.forms.office.net/forms/images/aio/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/aio/wave-pattern-v1.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-md5
3xzT8tqu5fYpwQ+8YJysNQ==
content-length
1795
x-ms-lease-status
unlocked
last-modified
Fri, 23 Dec 2022 04:36:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAE49F429D278D
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e7038f12-901e-004c-4de5-186ee6000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
light-response-page.chunk.lrp_trial.2bcb468.js
cdn.forms.office.net/forms/scripts/dists/ 		0
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_trial.2bcb468.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
y+wKxjTxqF/gNGDCtuAzEg==
content-length
15994
x-ms-lease-status
unlocked
last-modified
Mon, 12 Jun 2023 06:36:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6B0F4C3FAE15
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e7a6e94f-f01e-0031-1c00-9df22e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		180 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.125a99f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7f72ca8cd472879ddf75739fc9968f52e9a774e3c4fcaecab89552fdf2289415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.12
last-modified
Thu, 01 Jun 2023 18:03:06 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.12.min.js
vary
Accept-Encoding
x-azure-ref
20230612T194102Z-b6ave88akt74tduu5t77z8rf4s00000001c00000000251k3
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
161292fb-a01e-0090-2eb3-947ffc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-cache
TCP_HIT
x-ms-version
2009-09-19
light-response-page.chunk.lrp_ty2svg.2ac265e.js
cdn.forms.office.net/forms/scripts/dists/ 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ty2svg.2ac265e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
j434Z+kIHtJwXLYAb4kw6Q==
content-length
15309
x-ms-lease-status
unlocked
last-modified
Wed, 26 Apr 2023 05:39:18 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB461894451108
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1bc48d1d-101e-0056-070e-784189000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
light-response-page.chunk.officebrowserfeedback.39bdf71.js
cdn.forms.office.net/forms/scripts/dists/ 		0
105 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.officebrowserfeedback.39bdf71.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
g077WZtojOm9a9CkyPtrow==
content-length
107103
x-ms-lease-status
unlocked
last-modified
Tue, 16 May 2023 04:56:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB55C9E92A04E9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1504d0f4-a01e-006d-1dbe-8703d7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
light-response-page.chunk.try_dv.d33b8a6.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.try_dv.d33b8a6.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
inakQNjDFIYjDVPGieJ6aw==
content-length
1754
x-ms-lease-status
unlocked
last-modified
Thu, 13 Apr 2023 04:05:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3BD463DAFBC7
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
023ee56a-901e-0021-31c4-6dc4c8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
light-response-page.chunk.utel.a0ab32b.js
cdn.forms.office.net/forms/scripts/dists/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel.a0ab32b.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
75641e4a7d724a61c638bf1a1f54638aa0db2d003f3194ad87e67e531489320c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
content-md5
Nx5KRrdZugbWhq+dVzqXPw==
content-length
7134
x-ms-lease-status
unlocked
last-modified
Mon, 12 Jun 2023 06:36:05 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6B0F4C4C565D
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
03ff264b-701e-004d-4100-9d6f1b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:02 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6E7E5CFD269942459A119C99BD7BD35B&RedC=c.office.com&MXFR=2E24A42D067369783562B70302736256
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=6E7E5CFD269942459A119C99BD7BD35B&MUID=2E24A42D067369783562B70302736256
42 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=6E7E5CFD269942459A119C99BD7BD35B&MUID=2E24A42D067369783562B70302736256
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 19:41:02 GMT
last-modified
Tue, 06 Jun 2023 17:31:23 GMT
server
Microsoft-IIS/10.0
etag
"dca6ffb69c98d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 19:41:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FC060F5B936046E9BAD99F5E889C22E4 Ref B: FRAEDGE2012 Ref C: 2023-06-12T19:41:03Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=6E7E5CFD269942459A119C99BD7BD35B&MUID=2E24A42D067369783562B70302736256
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
'de'
forms.office.com/formapi/api/72f988bf-86f1-41af-91ab-2d7cd011db47/users/385ebd70-5187-4b5c-8436-382616e1e15d/forms('v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u'... 		2 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/72f988bf-86f1-41af-91ab-2d7cd011db47/users/385ebd70-5187-4b5c-8436-382616e1e15d/forms('v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u')/localeResource/'de'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.0ade59d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

odata-version
4.0
x-correlationid
e6d1a624-a2f4-4129-b3ea-a56619d82151
x-usersessionid
ca070cdb-8e6c-45f3-9f83-664a3bf35418
x-ms-form-request-ring
msft
accept-language
de-DE,de;q=0.9
authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
content-type
application/json
odata-maxverion
4.0
accept
application/json
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
x-ms-form-request-source
ms-formweb
__requestverificationtoken
_RcnaPoDe7fwP3vtSK261Prk1svcq35tM98cgXHMO4wdqp30EbakWI08qFA3LBVAIVizSCCQX4zWK37jZYVAPRZbNAQZhkTUidHbWpmxYr81

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Mon, 12 Jun 2023 19:41:03 GMT
x-officeversion
16.0.16610.42051
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_3, FormsSingleBox_IN_1
x-routingofficeversion
16.0.16610.42500, 16.0.16610.42051
x-correlationid
e6d1a624-a2f4-4129-b3ea-a56619d82151
x-officecluster
wcus-100.forms.office.com
x-usersessionid
ca070cdb-8e6c-45f3-9f83-664a3bf35418
x-msedge-ref
Ref A: 60823220DDFB44CDA599F0B219452B67 Ref B: AMS231032605045 Ref C: 2023-06-12T19:41:02Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
e6d1a624-a2f4-4129-b3ea-a56619d82151
x-routingsessionid
ca070cdb-8e6c-45f3-9f83-664a3bf35418
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-101.forms.office.com, wcus-100.forms.office.com
light-response-page.chunk.1ds.37175a1.js
cdn.forms.office.net/forms/scripts/dists/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.37175a1.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d6854738593eece90b6925c2999576b9f6ab82ebf546235755bf60f7c3c1387b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:03 GMT
content-encoding
br
content-md5
PqnFnxXbSt+XKL+eCr6cgw==
content-length
33797
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 04:31:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB68A25C1B3429
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e951ee2f-d01e-0069-1194-9af655000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:03 GMT
light-response-page.chunk.criticalinfo.bfa2317.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.criticalinfo.bfa2317.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cd8dc7e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1dbda04afb3497f769a8b036ff27ad45588294b0c00a4b14ced3b1ed5f6460ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:03 GMT
content-encoding
br
content-md5
hk/I8u+vqC+tGkCsiUApGA==
content-length
651
x-ms-lease-status
unlocked
last-modified
Fri, 09 Jun 2023 04:31:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB68A25C180053
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d4760e13-001e-0006-6794-9a5e81000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 11 Jun 2024 19:41:03 GMT
telemetry-worker.js
forms.office.com/cdn/scripts/dists/ 		94 KB
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/cdn/scripts/dists/telemetry-worker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
56368693895da14a049efa6eccd4738cba968116d825ae65f6078fe9ae05ed50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR3C9XjiHUVxLhDY4Jhbh4V1UM0I5QTNBV0ZIQzg4VFhVWFpVQ1RBTlVWUS4u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 12 Jun 2023 19:41:02 GMT
content-encoding
br
last-modified
Fri, 09 Jun 2023 04:34:33 GMT
x-msedge-ref
Ref A: 98F923DE3FD74339911DFABEDE7D557F Ref B: AMS231032605045 Ref C: 2023-06-12T19:41:03Z
etag
0x8DB68A2D2B5038F
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
61df694b-001e-0041-4ee9-9ccb50000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.25 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Mon, 12 Jun 2023 19:41:03 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.25 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
c43990b0a12b74b4564636440a3a56b35e28a4becfc13ecb3931cd3f9c5e1d5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1686598864014
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 12 Jun 2023 19:41:04 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
370
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.25 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Mon, 12 Jun 2023 19:41:03 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.25 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2072f3498fec39c0e36ef81610fab7b8b96dc10edd15e05d97c57cd0732eabd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1686598865015
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
time-delta-to-apply-millis
370
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 12 Jun 2023 19:41:04 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
166
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.25 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Mon, 12 Jun 2023 19:41:04 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.25 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Mon, 12 Jun 2023 19:41:05 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.37175a1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.25 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
bd3b00d51e2082788f4c36a6262b0df1a4d81807f4c00dcb58e153585cfe4ec8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1686598865319
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 12 Jun 2023 19:41:05 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
159
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| _dll_dompurify_940d9dad7c575ffb9e50 object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| e function| t object| oneDS object| __dynProto$Gbl object| awa

14 Cookies

Domain/Path Name / Value
forms.office.com/ Name: RpsAuthNonce
Value: f1744556-976f-4699-94e9-020d3eb76dca
.forms.office.com/ Name: RpsAuthNonce
Value: f1744556-976f-4699-94e9-020d3eb76dca
forms.office.com/ Name: __RequestVerificationToken
Value: NL2x3PDxOfOcw2-9Jb_XgHU9fD5qvcj9RP0i0PySLF_CNZDdFGBw8hHPyss4Z88Fu0z93WtQ9fvvPv43mDdcyy7JmrpU6vqO8O2N7IlTQ9o1
.office.com/ Name: MUID
Value: 2E24A42D067369783562B70302736256
forms.office.com/ Name: ai_session
Value: KTozUwu4LWfVZizoGdYcYJ|1686598863011|1686598863011
.bing.com/ Name: MUID
Value: 2E24A42D067369783562B70302736256
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2E24A42D067369783562B70302736256
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=5457377d43fc46bea25fd5bd63b1a191&HASH=5457&LV=202306&V=4&LU=1686598864384
.microsoft.com/ Name: MS0
Value: f9174180c6cd4f22943c49457c45ac93
forms.office.com/ Name: MSFPC
Value: GUID=5457377d43fc46bea25fd5bd63b1a191&HASH=5457&LV=202306&V=4&LU=1686598864384

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aka.ms
browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
js.monitor.azure.com
104.102.40.139
20.42.73.25
2620:1ec:4e:1::44
2620:1ec:a92::194
2620:1ec:c11::200
2a02:26f0:f3::5043:52d8
68.219.88.97
0ecef93f2fe41eafce09f588ad8f48b2cdd4839f81f59cc7ee262708a86a92e7
1482ecfed1cbce646d3a2f120144f3f413e009ea72583ca43af6c49b417db377
1dbda04afb3497f769a8b036ff27ad45588294b0c00a4b14ced3b1ed5f6460ee
2072f3498fec39c0e36ef81610fab7b8b96dc10edd15e05d97c57cd0732eabd5
215753b353f07756e23342a4a6497f7ea0db4b1817bd77f25662a008ce765d24
3cc4ab68d26de4335059e71536265bec6d6b3c97cc62d5a10aee44baaaacd75a
4322edbce31928b80e0646fbccf4c4437818cf00a04e26016bf2c695e4f627e1
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
56368693895da14a049efa6eccd4738cba968116d825ae65f6078fe9ae05ed50
675c196046e4f15e5b81ca7e3cfbfc8828a97b6a648e25980332fbdc703ae643
67a859c11005d9408c40e86d4f758628e19583e256f3291a949e5f20a39877aa
75641e4a7d724a61c638bf1a1f54638aa0db2d003f3194ad87e67e531489320c
7f72ca8cd472879ddf75739fc9968f52e9a774e3c4fcaecab89552fdf2289415
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bbaf5532390ab6e93328d6c173fb0299b6074c2cbf28715a43e5d03c48428fd
bd3b00d51e2082788f4c36a6262b0df1a4d81807f4c00dcb58e153585cfe4ec8
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd
c43990b0a12b74b4564636440a3a56b35e28a4becfc13ecb3931cd3f9c5e1d5d
d66f84365612efc7f174622c835d65fb5105f691e4013b232882c0a1946d7c47
d6854738593eece90b6925c2999576b9f6ab82ebf546235755bf60f7c3c1387b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed8f61c9301e964c8bb382ec98bb7813bbae087bf810859b444ad1435945c087
f40a3516d238e60aa3686d6cef1f25c57cb1dfc627619d44896da85b284ba610