urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://qr.page/g/1O63LhJ7yKD
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXM...
Submission: On July 21 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 8 domains to perform 33 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 4283.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on June 30th 2024. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:1901:0:4... 15169 (GOOGLE)
1 18.244.140.113 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f08... 32934 (FACEBOOK)
3 2620:1ec:a92:... 8068 (MICROSOFT...)
21 2a02:26f0:300... 20940 (AKAMAI-ASN1)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2603:1026:240... 8075 (MICROSOFT...)
4 52.178.17.235 8075 (MICROSOFT...)
33 8
1    2600:1901:0:4320:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
qr.page
1    18.244.140.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-140-113.lhr50.r.cloudfront.net
qrcodes.pro
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
21    2a02:26f0:3000::215:1673 (Glattbrugg, Switzerland)

ASN20940 (AKAMAI-ASN1, NL)
cdn.forms.office.net
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2603:1026:2405:1::67 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.office.com
4    52.178.17.235 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
eu-mobile.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
21 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 20242
2 MB
6 office.com
forms.office.com — Cisco Umbrella Rank: 4283
c.office.com — Cisco Umbrella Rank: 45451
lists.office.com — Cisco Umbrella Rank: 34639
74 KB
4 microsoft.com
eu-mobile.events.data.microsoft.com — Cisco Umbrella Rank: 625
869 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
771 B
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
60 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
82 KB
1 qrcodes.pro
qrcodes.pro — Cisco Umbrella Rank: 375834
2 KB
1 qr.page
qr.page — Cisco Umbrella Rank: 997863
220 B
33 8
Domain Requested by
21 cdn.forms.office.net forms.office.com
cdn.forms.office.net
4 eu-mobile.events.data.microsoft.com cdn.forms.office.net
3 forms.office.com qrcodes.pro
forms.office.com
cdn.forms.office.net
2 c.office.com 1 redirects
1 lists.office.com
1 c.bing.com 1 redirects
1 connect.facebook.net qrcodes.pro
1 www.googletagmanager.com qrcodes.pro
1 qrcodes.pro
1 qr.page 1 redirects
33 10

This site contains links to these domains. Also see Links.

Domain
www.herts.police.uk
go.microsoft.com
Subject Issuer Validity Valid
qr.tapnscan.me
Amazon RSA 2048 M02		 2024-06-08 -
2025-07-06		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-30 -
2024-07-29		 3 months crt.sh
forms.cloud.microsoft
Microsoft Azure RSA TLS Issuing CA 07		 2024-06-30 -
2025-06-25		 a year crt.sh
cdn.forms.office.net
Microsoft Azure ECC TLS Issuing CA 03		 2024-04-16 -
2025-04-11		 a year crt.sh
lists.office.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-07-16 -
2025-07-11		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-16 -
2025-06-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Frame ID: 6FF07183C2DBCE7C430632DAA098533E
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Community Policing Survey

Page URL History Show full URLs

  1. https://qr.page/g/1O63LhJ7yKD HTTP 302
    https://qrcodes.pro/1O63LhJ7yKD Page URL
  2. https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1N... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

33
Requests

97 %
HTTPS

70 %
IPv6

8
Domains

10
Subdomains

8
IPs

5
Countries

1906 kB
Transfer

3349 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://qr.page/g/1O63LhJ7yKD HTTP 302
    https://qrcodes.pro/1O63LhJ7yKD Page URL
  2. https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://qr.page/g/1O63LhJ7yKD HTTP 302
  • https://qrcodes.pro/1O63LhJ7yKD
Request Chain 24
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=67F6CB1D302343B5AE9849DC8423CFA6&RedC=c.office.com&MXFR=174E54378D2866CF089840F489286D7A HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=67F6CB1D302343B5AE9849DC8423CFA6&MUID=174E54378D2866CF089840F489286D7A

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
1O63LhJ7yKD
qrcodes.pro/
Redirect Chain
  • https://qr.page/g/1O63LhJ7yKD
  • https://qrcodes.pro/1O63LhJ7yKD
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qrcodes.pro/1O63LhJ7yKD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.140.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-140-113.lhr50.r.cloudfront.net
Software
nginx /
Resource Hash
f6cbc6ddaacf46bf8ac3d980a53d933773f2a5ed65af651ab454ae24a8bbe30a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, x-csrftoken
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS, PATCH
access-control-allow-origin
https://qrcodes.pro
cache-control
private, max-age=1
content-encoding
br
content-language
en-gb
content-type
text/html; charset=utf-8
date
Sun, 21 Jul 2024 17:10:14 GMT
server
nginx
vary
Accept-Encoding,Origin,Cookie,Accept-Language,Accept-Encoding
via
1.1 759d447e04dad48878f29ac5fabe9524.cloudfront.net (CloudFront)
x-amz-cf-id
ewfuIafRIDbqQocn7EfdNfu_XDU5wK1-ksFjdiRvST-RCAfNovCsEg==
x-amz-cf-pop
LHR50-P7
x-cache
Miss from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 21 Jul 2024 17:10:14 GMT
location
https://qrcodes.pro/1O63LhJ7yKD
server
Google Frontend
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 google
x-cloud-trace-context
b384ada9ad7153a3aca38b099dfe1253
js
www.googletagmanager.com/gtag/ 		226 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-None
Requested by
Host: qrcodes.pro
URL: https://qrcodes.pro/1O63LhJ7yKD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://qrcodes.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 17:10:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83303
x-xss-protection
0
last-modified
Sun, 21 Jul 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 21 Jul 2024 17:10:15 GMT
fbevents.js
connect.facebook.net/en_US/ 		224 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: qrcodes.pro
URL: https://qrcodes.pro/1O63LhJ7yKD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://qrcodes.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 21 Jul 2024 17:10:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=12, mss=1297, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
ArwQ6m94O5T8nWraLavoHBBFGm8mHe16X4CJXUXWq3nJO8yudLTeaXcaM5uQ05NF3/zFnKRhAvziIgPXEz1poA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
Primary Request responsepage.aspx
forms.office.com/pages/ 		64 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Requested by
Host: qrcodes.pro
URL: https://qrcodes.pro/1O63LhJ7yKD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d12e048e86265e17dd5e849f8ee190e4561c7ead0e6279f61fc875a8df3bd91d
Security Headers
Name Value
Content-Security-Policy object-src 'none';script-src 'nonce-0ed3b83f-81ac-4d93-84e0-3cfb7d45403b' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://qrcodes.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
object-src 'none';script-src 'nonce-0ed3b83f-81ac-4d93-84e0-3cfb7d45403b' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;base-uri 'none';require-trusted-types-for 'script'; report-uri https://csp.microsoft.com/report/Forms-PROD;report-to endpoint-1;
content-type
text/html; charset=utf-8
date
Sun, 21 Jul 2024 17:10:14 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
report-to
{ "group": "endpoint-1", "max_age": 108864000, "endpoints": [ { "url": "https://csp.microsoft.com/report/Forms-PROD" }] }
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
8b236830-15ae-4580-ac02-731fcc04d0c4
x-msedge-ref
Ref A: F165CCE608FE4C5C8136FB9BCB2BD4D2 Ref B: LON212050714045 Ref C: 2024-07-21T17:10:15Z
x-officecluster
frc-100.forms.office.com
x-officefe
FormsSingleBox_IN_2
x-officeversion
16.0.17914.42050
x-robots-tag
noindex, nofollow
x-routingcorrelationid
8b236830-15ae-4580-ac02-731fcc04d0c4
x-routingofficecluster
frc-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_7
x-routingofficeversion
16.0.17914.42050
x-routingsessionid
176b4e85-dbef-4628-8527-1b5a5f4eb3d3
x-usersessionid
176b4e85-dbef-4628-8527-1b5a5f4eb3d3
runtimeFormsWithResponses('G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu')
forms.office.com/formapi/api/a3c59d1b-b8f1-4299-9d6a-39ad8f570422/groups/93f36eb5-77cf-45ac-805e-b9efeab77d32/light/ 		70 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/a3c59d1b-b8f1-4299-9d6a-39ad8f570422/groups/93f36eb5-77cf-45ac-805e-b9efeab77d32/light/runtimeFormsWithResponses('G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ae90f4d6d2ee289e2db5d1392a69dc8c94ad633e77fee9c2bc6f28f2fe29ef0a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
X-UserSessionId
176b4e85-dbef-4628-8527-1b5a5f4eb3d3
__RequestVerificationToken
zZhB3Wv4SWuE46uCMN-VLQfd9sYvkowrNKkj3EEpewRWA2R6NLDM-yDgn9kKtPOgtu8-s6K9yaHTPl6d-XQpb-nh8u65TbXuQZtxDWVN1ZY1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Sun, 21 Jul 2024 17:10:15 GMT
x-officeversion
16.0.17914.42050
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_9
x-routingofficeversion
16.0.17914.42050
x-correlationid
ea7fa079-9262-4040-baac-910a1fb83e78
x-officecluster
frc-100.forms.office.com
x-usersessionid
176b4e85-dbef-4628-8527-1b5a5f4eb3d3
x-msedge-ref
Ref A: 0D9BAF26FD0D4A1C83BC1DCC7B476A2D Ref B: LON212050714045 Ref C: 2024-07-21T17:10:15Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
ea7fa079-9262-4040-baac-910a1fb83e78
x-routingsessionid
176b4e85-dbef-4628-8527-1b5a5f4eb3d3
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-100.forms.office.com
ls-response.en-gb.77705b26a.js
cdn.forms.office.net/forms/scripts/dists/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.en-gb.77705b26a.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3a62e12f2bea3dbc033b50b593c27b5c52a1c51ea3cf7da15c97323b8a05d9f9

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:15 GMT
content-encoding
br
content-md5
1pu33nZUb3veF+NWK79uyg==
content-length
10926
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 06:16:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCA55ED26BC35C
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e302e6e7-f01e-003a-2551-d7ea5a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:15 GMT
dll-dompurify.min.bcf1a85.js
cdn.forms.office.net/forms/scripts/dists/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/dll-dompurify.min.bcf1a85.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5bea34a1b8999fb53f5b3b8541be6a2c6f8c75a8932bcb7a05e3fd5b91d78608

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:15 GMT
content-encoding
br
content-md5
3nKtWQ895+qkc91KKpgmGw==
content-length
11487
x-ms-lease-status
unlocked
last-modified
Sun, 18 Feb 2024 04:45:42 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC303C76BCD96B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f57797fb-801e-0058-332d-62ad82000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:15 GMT
light-response-page.min.ebb4d08.js
cdn.forms.office.net/forms/scripts/dists/ 		483 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ebb4d08.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d6a89d62e618996ce690254a572db1149988ff79e00cef95adfd8d1bf418ce97

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:15 GMT
content-encoding
br
content-md5
9iU4Y+BmzcKrxoHW7nVxFQ==
content-length
129957
x-ms-lease-status
unlocked
last-modified
Wed, 17 Jul 2024 05:53:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCA624BC040D43
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
54d52d37-a01e-006d-4313-d803d7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:15 GMT
light-response-page.chunk.lrp_ext.e6c944c.js
cdn.forms.office.net/forms/scripts/dists/ 		0
108 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.e6c944c.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ebb4d08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-encoding
br
content-md5
MlhMUL5RpM2frvosLlF3zw==
content-length
110532
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 06:16:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCA55ECEA69B9F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
778593a2-a01e-000b-2550-d7b18d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
light-response-page.chunk.lrp_saveresponse.bbd80fd.js
cdn.forms.office.net/forms/scripts/dists/ 		0
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.bbd80fd.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ebb4d08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-encoding
br
content-md5
JlAHCfzWRMQ1iDDiOhTn+w==
content-length
9339
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 06:16:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCA55ECEAE89AC
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6def3c5e-701e-0009-5750-d7b377000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
light-response-page.chunk.lrp_groupnote.480cf84.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_groupnote.480cf84.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ebb4d08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-encoding
br
content-md5
eSNM4MGUsQx2RP2k7djRDA==
content-length
1616
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 06:16:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCA55ECEA6268C
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1cb3024e-d01e-0040-3050-d78017000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
light-response-page.chunk.lrp_cover.af64d13.js
cdn.forms.office.net/forms/scripts/dists/ 		0
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.af64d13.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ebb4d08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-encoding
br
content-md5
FrVyIeneTRgq+YT1cjNymA==
content-length
17982
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 06:16:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCA55ECEA5153B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
475e05a8-301e-0005-5650-d75d86000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
light-response-page.chunk.lrp_post.boot.3280002.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.3280002.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ebb4d08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-encoding
br
content-md5
J2mc+46NRg9mOxpIwZqFHw==
content-length
5108
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 06:16:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCA55ECEAB07C3
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
76e9c1de-101e-0056-4650-d74189000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
favicon.ico
cdn.forms.office.net/forms/images/ 		8 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-md5
lCXY6TE6aSuz8CLoBV+rgg==
content-length
7886
x-ms-lease-status
unlocked
last-modified
Fri, 19 May 2023 11:02:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB5858898E3028
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
233e66e2-a01e-0000-37e1-8ba9f9000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
light-response-page.chunk.lrp_ext.e6c944c.js
cdn.forms.office.net/forms/scripts/dists/ 		388 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.e6c944c.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ebb4d08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
538c89247662dcf131c5c5dd06935c3507fbe549ee3c32a8878a3e566393548a

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-encoding
br
content-md5
MlhMUL5RpM2frvosLlF3zw==
content-length
110532
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 06:16:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCA55ECEA69B9F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
778593a2-a01e-000b-2550-d7b18d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
light-response-page.chunk.themes.c288f9f.js
cdn.forms.office.net/forms/scripts/dists/ 		309 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.themes.c288f9f.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ebb4d08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
047fec89dfc905c0180464905739e50ee59c78b76d0bd9345e4ba5e851f4828b

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-encoding
br
content-md5
9WyUzmcjXzy/AFDruX8hCQ==
content-length
27898
x-ms-lease-status
unlocked
last-modified
Thu, 18 Apr 2024 05:05:18 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC5F65241AC817
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c01d3590-f01e-003a-4213-92ea5a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
light-response-page.chunk.lrp_saveresponse.bbd80fd.js
cdn.forms.office.net/forms/scripts/dists/ 		32 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.bbd80fd.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ebb4d08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bd9b2464dc9e4c6be270b5aff4200b3f8b89596482ea88dda64c9eb006720752

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-encoding
br
content-md5
JlAHCfzWRMQ1iDDiOhTn+w==
content-length
9339
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 06:16:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCA55ECEAE89AC
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6def3c5e-701e-0009-5750-d7b377000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
light-response-page.chunk.lrp_copilot.b7ea322.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_copilot.b7ea322.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ebb4d08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
84d3e5c4a213d571274b54a41dca72aaa3e34432d3e15883545e0003cf7f7c1d

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-encoding
br
content-md5
Bppe3z+BCXORHmy3OyNDTg==
content-length
529
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 06:16:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCA55ECEA53C47
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9e0b7c74-e01e-006a-0250-d7f552000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
light-response-page.chunk.lrp_post.boot.3280002.js
cdn.forms.office.net/forms/scripts/dists/ 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.3280002.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ebb4d08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f4cb746099615815818d2c24bb7193116887474e0de101b6f1d64723005e8658

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-encoding
br
content-md5
J2mc+46NRg9mOxpIwZqFHw==
content-length
5108
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 06:16:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCA55ECEAB07C3
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
76e9c1de-101e-0056-4650-d74189000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
wave-pattern-v1.svg
cdn.forms.office.net/forms/images/aio/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/aio/wave-pattern-v1.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-md5
3xzT8tqu5fYpwQ+8YJysNQ==
content-length
1795
x-ms-lease-status
unlocked
last-modified
Fri, 17 Nov 2023 11:37:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBE7619A733670
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
23d7745f-201e-005e-6c9f-1a5afa000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
light-response-page.chunk.sw.a6ac500.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.a6ac500.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ebb4d08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5e18809ef5c2dfeb8b35cb5cd230ed8c64cd04a564090761f24e5fb8f628c6ca

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-encoding
br
content-md5
nY8PCaNNXKMbNv65yICtKg==
content-length
585
x-ms-lease-status
unlocked
last-modified
Wed, 06 Mar 2024 05:29:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC3D9E71C8E737
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5805a98f-f01e-0075-1c8b-6f2e42000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
microsoft365logo_v1.png
cdn.forms.office.net/forms/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/microsoft365logo_v1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-md5
MRJ0yMnGbolPWvpR+s1yzQ==
content-length
5895
x-ms-lease-status
unlocked
last-modified
Wed, 10 Jul 2024 05:53:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCA0A4A6023AD8
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
958f3956-c01e-0054-18ff-d24373000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
light-response-page.chunk.officebrowserfeedback.f9811c6.js
cdn.forms.office.net/forms/scripts/dists/ 		0
118 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.officebrowserfeedback.f9811c6.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ebb4d08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-encoding
br
content-md5
2F2AE/NG6HFoVVQ3HxukRw==
content-length
120049
x-ms-lease-status
unlocked
last-modified
Wed, 17 Jul 2024 05:53:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCA624BBF62C99
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
079bc238-401e-0045-7a13-d87468000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
light-response-page.chunk.1ds.a8079b3.js
cdn.forms.office.net/forms/scripts/dists/ 		108 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ebb4d08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e86b0bf07871186dd32b20c7b4fd8e8729c717eabe73763847be9cb091d348f7

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-encoding
br
content-md5
K1wotL4HRbGauz+Vu/VA/w==
content-length
34470
x-ms-lease-status
unlocked
last-modified
Wed, 21 Feb 2024 05:49:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DC32A0EE652AE0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c0abf1bb-f01e-0031-228c-64f22e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
light-response-page.chunk.utel.8823725.js
cdn.forms.office.net/forms/scripts/dists/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel.8823725.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ebb4d08.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0a2399d29c7cee569634b81dd594c06e30b2981c5b0ccb0ab3d0bd58495cf78f

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-encoding
br
content-md5
UwKELi0iQfE0lEweV4MPoA==
content-length
37248
x-ms-lease-status
unlocked
last-modified
Wed, 17 Jul 2024 05:53:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCA624BC0238C3
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bc7f2dc5-101e-0056-3a13-d84189000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=67F6CB1D302343B5AE9849DC8423CFA6&RedC=c.office.com&MXFR=174E54378D2866CF089840F489286D7A
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=67F6CB1D302343B5AE9849DC8423CFA6&MUID=174E54378D2866CF089840F489286D7A
42 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=67F6CB1D302343B5AE9849DC8423CFA6&MUID=174E54378D2866CF089840F489286D7A
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 17:10:16 GMT
last-modified
Tue, 25 Jun 2024 19:30:12 GMT
server
Microsoft-IIS/10.0
etag
"7473f1936c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 21 Jul 2024 17:10:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 10912E22E2E847F79EB859A5FBFC6835 Ref B: LON04EDGE1016 Ref C: 2024-07-21T17:10:16Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=67F6CB1D302343B5AE9849DC8423CFA6&MUID=174E54378D2866CF089840F489286D7A
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
f036acb8-dc38-46ba-8ea8-f6836cc89f1a
lists.office.com/Images/a3c59d1b-b8f1-4299-9d6a-39ad8f570422/93f36eb5-77cf-45ac-805e-b9efeab77d32/T0E55K3NR80V7AASQTW231JX39/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/a3c59d1b-b8f1-4299-9d6a-39ad8f570422/93f36eb5-77cf-45ac-805e-b9efeab77d32/T0E55K3NR80V7AASQTW231JX39/f036acb8-dc38-46ba-8ea8-f6836cc89f1a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:2405:1::67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9a7235f5936a35ede5a1cedc5da8c9678b5343ba8c0f4b105e4eaea8fe2726c7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 17:10:16 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.17914.42100
content-type
image/png
x-routingcorrelationid
9f1b41c9-ef24-416f-9316-b099db536d93
cache-control
no-cache
x-routingsessionid
3fec2df8-28c4-43f7-9af2-f805b7e7ef97
x-hivering
3
x-routingofficecluster
weu-100.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_4
expires
-1
'en-gb'
forms.office.com/formapi/api/a3c59d1b-b8f1-4299-9d6a-39ad8f570422/groups/93f36eb5-77cf-45ac-805e-b9efeab77d32/forms('G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQl... 		2 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/a3c59d1b-b8f1-4299-9d6a-39ad8f570422/groups/93f36eb5-77cf-45ac-805e-b9efeab77d32/forms('G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu')/localeResource/'en-gb'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.e6c944c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

odata-version
4.0
x-correlationid
fcfefdd3-7afe-418b-843f-cc2bfe249e2a
x-usersessionid
176b4e85-dbef-4628-8527-1b5a5f4eb3d3
x-ms-form-request-ring
business
authorization
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
odata-maxverion
4.0
accept
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=G53Fo_G4mUKdajmtj1cEIrVu85PPd6xFgF657-q3fTJUMEU1NUszTlI4MFY3QUFTUVRXMjMxSlgzOSQlQCN0PWcu
x-ms-form-request-source
ms-formweb
__requestverificationtoken
zZhB3Wv4SWuE46uCMN-VLQfd9sYvkowrNKkj3EEpewRWA2R6NLDM-yDgn9kKtPOgtu8-s6K9yaHTPl6d-XQpb-nh8u65TbXuQZtxDWVN1ZY1

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Sun, 21 Jul 2024 17:10:15 GMT
x-officeversion
16.0.17914.42050
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_9
x-routingofficeversion
16.0.17914.42050
x-correlationid
fcfefdd3-7afe-418b-843f-cc2bfe249e2a
x-officecluster
frc-100.forms.office.com
x-usersessionid
176b4e85-dbef-4628-8527-1b5a5f4eb3d3
x-msedge-ref
Ref A: 6EDC76578F9545EF82C59C1686F6B264 Ref B: LON212050714045 Ref C: 2024-07-21T17:10:16Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
fcfefdd3-7afe-418b-843f-cc2bfe249e2a
x-routingsessionid
176b4e85-dbef-4628-8527-1b5a5f4eb3d3
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-100.forms.office.com
buildings-sun.jpg
cdn.forms.office.net/forms/formsresources/intelligence/themes/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/formsresources/intelligence/themes/buildings-sun.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000::215:1673 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3404d0cd31a5f440541b40d238fd07d5faf9bb87e670a51f9847a7f727b59ae5

Request headers

Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 17:10:16 GMT
content-md5
8DQ5jT651gkzNBTBwA7x2A==
content-length
1186582
x-ms-lease-status
unlocked
last-modified
Fri, 12 Jul 2024 03:29:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DCA222DFC633DC
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
05394da2-c01e-0010-1380-db9f1f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 21 Jul 2025 17:10:16 GMT
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		25 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.178.17.235 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
b40b5c62fbc3f430efebe7dd3964b96fc68a67dd894ee17104ec8f52e6114972
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1721581817404
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
4e990506778b4d9cbf05300e98315eed-682648e1-a406-45c4-9d5b-709b9899d662-7161
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jul 2024 17:10:17 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
476
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
25
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.178.17.235 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Sun, 21 Jul 2024 17:10:16 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.178.17.235 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Sun, 21 Jul 2024 17:10:18 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
eu-mobile.events.data.microsoft.com/OneCollector/1.0/ 		154 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu-mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a8079b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.178.17.235 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
fdf31c27f18728597e9c465be1b554b33840f86ea8e3f867bc4abf8984de3323
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1721581818899
client-version
1DS-Web-JS-3.2.15
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jul 2024 17:10:18 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
43
access-control-allow-methods
POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
content-length
154

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NavKeyPoints function| reloadNoCdn object| MathJax object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap object| formsInlineScriptSyntaxCheck function| _dll_dompurify_e7d452d73246f470bc6d object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl

15 Cookies

Domain/Path Name / Value
qrcodes.pro/ Name: visitor-id
Value: 1721581815@7Fv0v
qrcodes.pro/ Name: mappable_id
Value: 1721581815@7Fv0v_1721581815
qrcodes.pro/ Name: access_token
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtYXBwYWJsZUlEIjoiMTcyMTU4MTgxNUA3RnYwdl8xNzIxNTgxODE1IiwidGltZXN0YW1wIjoxNzIxNTgxODE1MDM0LCJpYXQiOjE3MjE1ODE3ODUsImV4cCI6MTcyMTU4MjExNX0.pH7bWDTnbPhgE9iDBh-SiEal8m83kpKIBmQWRNN4e1w
.qrcodes.pro/ Name: _gcl_au
Value: 1.1.575587593.1721581816
forms.office.com/ Name: FormsWebSessionId
Value: 3649dc3c-effb-42fa-9fe6-89567ed6fffe
forms.office.com/ Name: __RequestVerificationToken
Value: 46hsgH86sllFm2S4lZgBG_-PjNAksApvhMuShqfXYPel9txy02lL5rjm_3-t6i_QQPPz3WXVISGcQgTiRKWBz6XZLCMpgSNVCeOUQjJfMSQ1
.office.com/ Name: MUID
Value: 174E54378D2866CF089840F489286D7A
.bing.com/ Name: MUID
Value: 174E54378D2866CF089840F489286D7A
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 174E54378D2866CF089840F489286D7A
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=8748343ae9624ba1bedf9874ac09ab13&HASH=8748&LV=202407&V=4&LU=1721581818942
.microsoft.com/ Name: MS0
Value: 0faa2a05990741cbbeaa1b567addeee0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.office.com
cdn.forms.office.net
connect.facebook.net
eu-mobile.events.data.microsoft.com
forms.office.com
lists.office.com
qr.page
qrcodes.pro
www.googletagmanager.com
13.74.129.1
18.244.140.113
2600:1901:0:4320::
2603:1026:2405:1::67
2620:1ec:a92::194
2620:1ec:c11::237
2a00:1450:4001:827::2008
2a02:26f0:3000::215:1673
2a03:2880:f084:d:face:b00c:0:3
52.178.17.235
047fec89dfc905c0180464905739e50ee59c78b76d0bd9345e4ba5e851f4828b
0a2399d29c7cee569634b81dd594c06e30b2981c5b0ccb0ab3d0bd58495cf78f
3404d0cd31a5f440541b40d238fd07d5faf9bb87e670a51f9847a7f727b59ae5
3a62e12f2bea3dbc033b50b593c27b5c52a1c51ea3cf7da15c97323b8a05d9f9
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
538c89247662dcf131c5c5dd06935c3507fbe549ee3c32a8878a3e566393548a
5bea34a1b8999fb53f5b3b8541be6a2c6f8c75a8932bcb7a05e3fd5b91d78608
5e18809ef5c2dfeb8b35cb5cd230ed8c64cd04a564090761f24e5fb8f628c6ca
84d3e5c4a213d571274b54a41dca72aaa3e34432d3e15883545e0003cf7f7c1d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a7235f5936a35ede5a1cedc5da8c9678b5343ba8c0f4b105e4eaea8fe2726c7
ae90f4d6d2ee289e2db5d1392a69dc8c94ad633e77fee9c2bc6f28f2fe29ef0a
b40b5c62fbc3f430efebe7dd3964b96fc68a67dd894ee17104ec8f52e6114972
bc3c029408dab6b5cb676b990b2e21bdd474e4b2e45daf87e70210539390bf49
bd9b2464dc9e4c6be270b5aff4200b3f8b89596482ea88dda64c9eb006720752
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd
d12e048e86265e17dd5e849f8ee190e4561c7ead0e6279f61fc875a8df3bd91d
d6a89d62e618996ce690254a572db1149988ff79e00cef95adfd8d1bf418ce97
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86b0bf07871186dd32b20c7b4fd8e8729c717eabe73763847be9cb091d348f7
f2a1abcf12ebd0f329e5b66b811b0bd76c8e954cb283ce3b61e72fbf459ef6f1
f4cb746099615815818d2c24bb7193116887474e0de101b6f1d64723005e8658
f6cbc6ddaacf46bf8ac3d980a53d933773f2a5ed65af651ab454ae24a8bbe30a
fdf31c27f18728597e9c465be1b554b33840f86ea8e3f867bc4abf8984de3323