urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.sidekickopen10.com/Ctc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mTW4jP0c37YJ5MqW1CySG74gzKgdW6qVjZH6ZZBpgW7TTpRd3LxnYhW...
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5IS...
Submission: On March 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 35 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 6969.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on March 23rd 2023. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 3 2620:1ec:a92:... 8068 (MICROSOFT...)
21 2a02:26f0:f3:... 20940 (AKAMAI-ASN1)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 52.109.88.108 8075 (MICROSOFT...)
1 2620:1ec:4f:1... 8075 (MICROSOFT...)
1 23.222.46.142 16625 (AKAMAI-AS)
6 13.89.178.27 8075 (MICROSOFT...)
35 8
2    2606:4700:4400::6812:2a5e (United States)

ASN13335 (CLOUDFLARENET, US)
t.sidekickopen10.com
3    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
21    2a02:26f0:f3::5043:52d8 (Glattbrugg, Switzerland)

ASN20940 (AKAMAI-ASN1, NL)
cdn.forms.office.net
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    52.109.88.108 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.office.com
1    2620:1ec:4f:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
1    23.222.46.142 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-46-142.deploy.static.akamaitechnologies.com
static2.sharepointonline.com
6    13.89.178.27 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
21 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 10307
487 KB
7 office.com
forms.office.com — Cisco Umbrella Rank: 6969
c.office.com — Cisco Umbrella Rank: 27892
lists.office.com — Cisco Umbrella Rank: 16542
890 KB
6 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 251
1 KB
2 sidekickopen10.com
t.sidekickopen10.com — Cisco Umbrella Rank: 60419
3 KB
1 sharepointonline.com
static2.sharepointonline.com — Cisco Umbrella Rank: 3288
36 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1869
61 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 252
738 B
35 7
Domain Requested by
21 cdn.forms.office.net forms.office.com
cdn.forms.office.net
6 browser.events.data.microsoft.com js.monitor.azure.com
cdn.forms.office.net
3 forms.office.com 1 redirects t.sidekickopen10.com
forms.office.com
2 lists.office.com
2 c.office.com 1 redirects
2 t.sidekickopen10.com 1 redirects
1 static2.sharepointonline.com
1 js.monitor.azure.com cdn.forms.office.net
1 c.bing.com 1 redirects
35 9

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-27 -
2023-05-27		 a year crt.sh
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2023-03-23 -
2024-03-17		 a year crt.sh
cdn.forms.office.net
Microsoft Azure TLS Issuing CA 06		 2022-09-28 -
2023-09-23		 a year crt.sh
lists.office.com
Microsoft Azure TLS Issuing CA 05		 2023-01-11 -
2024-01-06		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 01		 2023-03-23 -
2024-03-17		 a year crt.sh
privatecdn.sharepointonline.com
DigiCert SHA2 Secure Server CA		 2022-09-19 -
2023-09-19		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-03-08 -
2024-03-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
Frame ID: D11080695A0484066AB35AD857630E87
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

IGL Employment Information

Page URL History Show full URLs

  1. https://t.sidekickopen10.com/Ctc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mTW4jP0c37YJ5MqW1CySG74gzKgdW6qVjZH... Page URL
  2. https://t.sidekickopen10.com/events/public/v1/encoded/track/tc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mTW4j... HTTP 307
    https://forms.office.com/r/Pmxi89WFrE HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyR... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

35
Requests

97 %
HTTPS

56 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

1477 kB
Transfer

2487 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.sidekickopen10.com/Ctc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mTW4jP0c37YJ5MqW1CySG74gzKgdW6qVjZH6ZZBpgW7TTpRd3LxnYhW3NvJT12hMLxnW266pZv5PRCyPW2BXGCj21kVDRW8WxpcS3yjVp6W2Cp2Y38gR_r-W66VztK5XZW7xW47ZbRz26D--sV3flcc3QL3QGW71N9HR4-Htq9N88MCqQh_g9TVMk2DB1zlvlvW47rtSY8zzCNNW763ZVx3B63kVW7B8RH519KzJmVczWdY64930mW6xdY8f3pvFvpf66BkTC04 Page URL
  2. https://t.sidekickopen10.com/events/public/v1/encoded/track/tc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mTW4jP0c37YJ5MqW1CySG74gzKgdW6qVjZH6ZZBpgW7TTpRd3LxnYhW3NvJT12hMLxnW266pZv5PRCyPW2BXGCj21kVDRW8WxpcS3yjVp6W2Cp2Y38gR_r-W66VztK5XZW7xW47ZbRz26D--sV3flcc3QL3QGW71N9HR4-Htq9N88MCqQh_g9TVMk2DB1zlvlvW47rtSY8zzCNNW763ZVx3B63kVW7B8RH519KzJmVczWdY64930mW6xdY8f3pvFvpf66BkTC04?_ud=1026678e-1c45-4a68-8081-16b425498926&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    https://forms.office.com/r/Pmxi89WFrE HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CAD48E9269FE49C58B328FE79C574939&RedC=c.office.com&MXFR=31794116AE16660B2B3153F2AA166D96 HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=CAD48E9269FE49C58B328FE79C574939&MUID=31794116AE16660B2B3153F2AA166D96

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Jks2-6q7W69sMD-6lZ3mTW4jP0c37YJ5MqW1CySG74gzKgdW6qVjZH6ZZBpgW7TTpRd3LxnYhW3NvJT12hMLxnW266pZv5PRCyPW2BXGCj21kVDRW8WxpcS3yjVp6W2Cp2Y38gR_r-W66VztK5XZW7xW47ZbRz26D--sV3flcc3QL3QGW71N9HR4-Htq9N88MCqQh...
t.sidekickopen10.com/Ctc/GG+23284/d2xV-904/ 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sidekickopen10.com/Ctc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mTW4jP0c37YJ5MqW1CySG74gzKgdW6qVjZH6ZZBpgW7TTpRd3LxnYhW3NvJT12hMLxnW266pZv5PRCyPW2BXGCj21kVDRW8WxpcS3yjVp6W2Cp2Y38gR_r-W66VztK5XZW7xW47ZbRz26D--sV3flcc3QL3QGW71N9HR4-Htq9N88MCqQh_g9TVMk2DB1zlvlvW47rtSY8zzCNNW763ZVx3B63kVW7B8RH519KzJmVczWdY64930mW6xdY8f3pvFvpf66BkTC04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
7afeee6c9b229293-FRA
content-encoding
br
content-type
text/html;charset=utf-8
date
Thu, 30 Mar 2023 08:20:05 GMT
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-hubspot-correlation-id
fcb71a87-d0af-4fb8-a501-4bbb61c29cd7
x-robots-tag
none
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://t.sidekickopen10.com/events/public/v1/encoded/track/tc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mTW4jP0c37YJ5MqW1CySG74gzKgdW6qVjZH6ZZBpgW7TTpRd3LxnYhW3NvJT12hMLxnW266pZv5PRCyPW2BXGCj21kVDRW8Wx...
  • https://forms.office.com/r/Pmxi89WFrE
  • https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
58 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
Requested by
Host: t.sidekickopen10.com
URL: https://t.sidekickopen10.com/Ctc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mTW4jP0c37YJ5MqW1CySG74gzKgdW6qVjZH6ZZBpgW7TTpRd3LxnYhW3NvJT12hMLxnW266pZv5PRCyPW2BXGCj21kVDRW8WxpcS3yjVp6W2Cp2Y38gR_r-W66VztK5XZW7xW47ZbRz26D--sV3flcc3QL3QGW71N9HR4-Htq9N88MCqQh_g9TVMk2DB1zlvlvW47rtSY8zzCNNW763ZVx3B63kVW7B8RH519KzJmVczWdY64930mW6xdY8f3pvFvpf66BkTC04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
095ddb875908f8ac9bf9face894e1a71490d630328ed31ff03685c3ff08bb563
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://t.sidekickopen10.com/Ctc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mTW4jP0c37YJ5MqW1CySG74gzKgdW6qVjZH6ZZBpgW7TTpRd3LxnYhW3NvJT12hMLxnW266pZv5PRCyPW2BXGCj21kVDRW8WxpcS3yjVp6W2Cp2Y38gR_r-W66VztK5XZW7xW47ZbRz26D--sV3flcc3QL3QGW71N9HR4-Htq9N88MCqQh_g9TVMk2DB1zlvlvW47rtSY8zzCNNW763ZVx3B63kVW7B8RH519KzJmVczWdY64930mW6xdY8f3pvFvpf66BkTC04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 30 Mar 2023 08:20:05 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
cb3fa835-5b93-48b6-bf55-b2cfed6f5548
x-msedge-ref
Ref A: 0028D7085EE64BB1BDD065652360D3D4 Ref B: AMS231032601007 Ref C: 2023-03-30T08:20:06Z
x-officecluster
weu-100.forms.office.com
x-officefe
FormsSingleBox_IN_9
x-officeversion
16.0.16322.42053
x-robots-tag
noindex, nofollow
x-routingcorrelationid
cb3fa835-5b93-48b6-bf55-b2cfed6f5548
x-routingofficecluster
weu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_9
x-routingofficeversion
16.0.16322.42053
x-routingsessionid
f513b073-c2c3-4148-916c-d024e1b705d5
x-usersessionid
f513b073-c2c3-4148-916c-d024e1b705d5

Redirect headers

cache-control
no-cache
content-length
0
date
Thu, 30 Mar 2023 08:20:05 GMT
expires
-1
location
https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
98aca4bb-8754-4a19-a667-66b4a17d68a4
x-msedge-ref
Ref A: F923549961274FAA9BC3458BD80BB77E Ref B: AMS231032601007 Ref C: 2023-03-30T08:20:05Z
x-officecluster
eus2-101.forms.office.com
x-officefe
FormIntelligenceService_IN_1
x-officeversion
16.0.16322.42053
x-usersessionid
98aca4bb-8754-4a19-a667-66b4a17d68a4
ls-response.de.46a8d9471.js
cdn.forms.office.net/forms/scripts/dists/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.46a8d9471.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
73945ff9b7383e19b288c278aa5cf82843c874eb3111867a4c3c9b23b19acc94

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
LTJehm5SMdr5j4EYyTmycg==
content-length
10691
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 05:04:56 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB301323DE7140
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b939c526-c01e-0032-480b-62f129000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
light-response-page.min.4fec861.css
cdn.forms.office.net/forms/css/dist/ 		100 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.4fec861.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d093c11793b57f171120cc0301d8e1a59c7a8166b83a70de9cea1f19cc19bca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
q5Y1IvqHNkv1K4ujdPfLgA==
content-length
18147
x-ms-lease-status
unlocked
last-modified
Thu, 16 Mar 2023 05:55:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB25E2FD35D1C6
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
2f1eb335-001e-006b-30d6-57f4af000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
light-response-page.min.23a3c42.js
cdn.forms.office.net/forms/scripts/dists/ 		373 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
64ef4d307dde1cee9e3c68418fccde13d216b5f1488533be06d97ad52eb69e78

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
RbMACzx1OxvPhlQH7Pq6WA==
content-length
105329
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 05:04:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3013205A3A5F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cf1ce852-901e-0021-7c08-62c4c8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
runtimeFormsWithResponses('Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u')
forms.office.com/formapi/api/972d6f5e-124b-46f8-bbb1-64519eac4760/users/15386ae6-da7c-40e7-95a2-054fb87a17e5/light/ 		148 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/972d6f5e-124b-46f8-bbb1-64519eac4760/users/15386ae6-da7c-40e7-95a2-054fb87a17e5/light/runtimeFormsWithResponses('Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ba543bb28a4970e4a630dfe8fa241e192acffc2d99412cb34f98b96ce2dc69c2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
X-UserSessionId
f513b073-c2c3-4148-916c-d024e1b705d5
accept-language
de-DE,de;q=0.9
__RequestVerificationToken
J786Pifha1Wqxv8xj-6OwifmUiLJM68ub_sPQGSqqMh3HtjpNNWJdBKmBOECGI9BTSpK-nkQZCom3SDYCsDWf2VjODSOf8pgfKgPI9ogZYU1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Thu, 30 Mar 2023 08:20:05 GMT
x-officeversion
16.0.16322.42053
x-officefe
FormsSingleBox_IN_10
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_10
x-routingofficeversion
16.0.16322.42053
x-correlationid
7e41aaa6-10ec-4eca-ae6a-c3d5cca322a2
x-officecluster
frc-101.forms.office.com
x-usersessionid
f513b073-c2c3-4148-916c-d024e1b705d5
x-msedge-ref
Ref A: CEA9B329F78742ABA8971793814EBB10 Ref B: AMS231032601007 Ref C: 2023-03-30T08:20:06Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
7e41aaa6-10ec-4eca-ae6a-c3d5cca322a2
x-routingsessionid
f513b073-c2c3-4148-916c-d024e1b705d5
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-101.forms.office.com
light-response-page.chunk.lrp_ext.8fbd930.js
cdn.forms.office.net/forms/scripts/dists/ 		0
69 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.8fbd930.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
9UeJzxYDdC79oAQZ5q0dgQ==
content-length
70459
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 05:04:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB301320112E12
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5006b541-001e-0049-1f09-629a99000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
light-response-page.chunk.lrp_cover.38d67d0.js
cdn.forms.office.net/forms/scripts/dists/ 		0
27 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.38d67d0.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
GAek79FcuyeEjZnkly0jkQ==
content-length
26848
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 05:04:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB30132010E002
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0910c64a-f01e-0075-1809-622e42000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
light-response-page.chunk.lrp_phishing.7eef1d2.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_phishing.7eef1d2.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
bVnQsEmYi+FsODYVEm91lw==
content-length
1962
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 05:04:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB301320383863
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
218f9f3b-201e-0055-0909-62428e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
light-response-page.chunk.lrp_saveresponse.00015c0.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.00015c0.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
IYMM+4xWhnBRPbcHcD62+w==
content-length
4623
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 05:04:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3013203AD018
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
218f9f21-201e-0055-7109-62428e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
light-response-page.chunk.lrp_post.boot.04a5269.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.04a5269.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
zm5unhVoaaZ/nNfRwF1yXw==
content-length
4859
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 05:04:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB30132039229E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0cca8431-101e-0012-7409-629de5000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
light-response-page.chunk.lrp_ext.8fbd930.js
cdn.forms.office.net/forms/scripts/dists/ 		227 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.8fbd930.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
624846f78e3636225754bc54db6eaf636a84d0cd652f50e6d439d601f53027c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
9UeJzxYDdC79oAQZ5q0dgQ==
content-length
70459
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 05:04:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB301320112E12
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5006b541-001e-0049-1f09-629a99000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
light-response-page.chunk.lrp_cover.38d67d0.js
cdn.forms.office.net/forms/scripts/dists/ 		97 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.38d67d0.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
33377bc85c4fb4b52607b03e54a5abf6459fccf224271cf8d0c0cf71c6e554c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
GAek79FcuyeEjZnkly0jkQ==
content-length
26848
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 05:04:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB30132010E002
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0910c64a-f01e-0075-1809-622e42000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
light-response-page.chunk.lrp_saveresponse.00015c0.js
cdn.forms.office.net/forms/scripts/dists/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.00015c0.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f5b3357a4fede6b9efca16297ba3ecece384f01292504eb9712fd11cd3445992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
IYMM+4xWhnBRPbcHcD62+w==
content-length
4623
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 05:04:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3013203AD018
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
218f9f21-201e-0055-7109-62428e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
light-response-page.chunk.lrp_post.boot.04a5269.js
cdn.forms.office.net/forms/scripts/dists/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.04a5269.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6977e5f2170fdc4295c09a7e77ab5447877800044307af43b68fd3171ea13d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
zm5unhVoaaZ/nNfRwF1yXw==
content-length
4859
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 05:04:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB30132039229E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0cca8431-101e-0012-7409-629de5000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
light-response-page.chunk.lrp_poll.f611f2d.js
cdn.forms.office.net/forms/scripts/dists/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_poll.f611f2d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4548120b97ed069350d429f9911f06b12962b19a5541b2a9d4362b25a7c9b240

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
BzXUbIQKQYPGYbQud4zqJg==
content-length
3716
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 05:04:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB30132038AD80
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c808ad98-601e-0070-6609-62da3d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
light-response-page.chunk.sw.c4d753d.js
cdn.forms.office.net/forms/scripts/dists/ 		978 B
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.c4d753d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5b8cf759f4d7237f946863325e3352e7aea74a4abe5d233411774146691e63d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
vv1/MiNldrtujK4JFiAzMA==
content-length
502
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 05:04:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB301320524C4B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ded82fbe-001e-0060-7009-62ecdb000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
light-response-page.chunk.fluent.400d486.js
cdn.forms.office.net/forms/scripts/dists/ 		208 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.fluent.400d486.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
da7ca5ffa7a34d76b41a40c966ec7c01ada71a5dac0b6c52e28e16a11f327500

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
YIfnljFLQmPZcSZ2qVzIzQ==
content-length
57986
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 05:04:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB30131FF87988
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9eb67724-701e-006f-6219-62012d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
light-response-page.chunk.lrp_template.4e2e7b1.js
cdn.forms.office.net/forms/scripts/dists/ 		0
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_template.4e2e7b1.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
0NXQNY0cxPFZ7L3ZUUT0DA==
content-length
15487
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 05:04:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB301320524C4B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
68b0acf3-b01e-0072-6809-62d8c7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
light-response-page.chunk.try_dv.20b557b.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.try_dv.20b557b.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
9VVchEDaWLkPlvcPg7cPrA==
content-length
1701
x-ms-lease-status
unlocked
last-modified
Wed, 08 Mar 2023 04:45:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB1F8FF216F9CE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
dba28c2b-501e-001e-0d86-517314000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
light-response-page.chunk.1ds.a62f923.js
cdn.forms.office.net/forms/scripts/dists/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a62f923.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
536ef3c34c432017e190a83a369409e89b542c4bb974504ff61b294edd9bef90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
jBltzj0Rg2nwg9lhivUsLA==
content-length
33756
x-ms-lease-status
unlocked
last-modified
Tue, 21 Mar 2023 07:24:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB29DD4E883341
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4066f761-301e-002c-68ce-5b2bc4000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
ls-response.en-us.46a8d9471.js
cdn.forms.office.net/forms/scripts/dists/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.en-us.46a8d9471.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0ce977054f281e69d5bfbb7a73c6af23418e218f2cfa27e2db3d846a6b0e0e6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
N7klbUhQfPqtrELs+ZGJQg==
content-length
8410
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 05:04:56 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB301323DC00A3
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ded82947-001e-0060-6709-62ecdb000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CAD48E9269FE49C58B328FE79C574939&RedC=c.office.com&MXFR=31794116AE16660B2B3153F2AA166D96
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=CAD48E9269FE49C58B328FE79C574939&MUID=31794116AE16660B2B3153F2AA166D96
42 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=CAD48E9269FE49C58B328FE79C574939&MUID=31794116AE16660B2B3153F2AA166D96
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 08:20:07 GMT
last-modified
Thu, 16 Mar 2023 17:16:22 GMT
server
Microsoft-IIS/10.0
etag
"c4b6d572b58d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 30 Mar 2023 08:20:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 12F67E39851A401D8C3FB2FA46CF036C Ref B: FRAEDGE1209 Ref C: 2023-03-30T08:20:07Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=CAD48E9269FE49C58B328FE79C574939&MUID=31794116AE16660B2B3153F2AA166D96
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
3ddd1b43-0ed3-4351-8203-660669bc7edf
lists.office.com/Images/972d6f5e-124b-46f8-bbb1-64519eac4760/15386ae6-da7c-40e7-95a2-054fb87a17e5/TCU2EL9O96ELTEF3TNHH3J1I5S/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/972d6f5e-124b-46f8-bbb1-64519eac4760/15386ae6-da7c-40e7-95a2-054fb87a17e5/TCU2EL9O96ELTEF3TNHH3J1I5S/3ddd1b43-0ed3-4351-8203-660669bc7edf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.108 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3806a0d3b50a9c0b9dc366023af3b46af3bce3ed8fb9a78fe59869f31e7aba04
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 08:20:06 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.16321.42101
content-type
image/jpeg
x-routingcorrelationid
e9b70b81-07de-48a5-8f4c-5c763b7cba08
cache-control
no-cache
x-routingsessionid
0465bfbb-d0f9-4a80-b5ec-83529ce0edf6
x-hivering
3
x-routingofficecluster
weu-101.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_0
expires
-1
light-response-page.chunk.lrp_trial.05fd167.js
cdn.forms.office.net/forms/scripts/dists/ 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_trial.05fd167.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.23a3c42.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
content-md5
zvdS1ueSoWxvM0f+rdNS8g==
content-length
15362
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 05:04:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB301320530F8B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a17de07b-501e-0051-3a09-62b70c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		179 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.04a5269.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e55465ff1279a6fd339bc0b6322130b0ddb05d3ad670f4a08f6fdfc0ee5c7749

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 08:20:06 GMT
content-encoding
br
x-azure-ref-originshield
0CUQlZAAAAAB51wMekcS4QLBexmU+4YGhRlJBMjMxMDUwNDE4MDMzAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5
b+j9g6sJxD1l0IIs+rjbCw==
x-cache
TCP_HIT
x-ms-meta-jssdkver
3.2.9
last-modified
Tue, 21 Feb 2023 18:33:42 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.9.min.js
etag
0x8DB143A28B32497
x-azure-ref
0NkYlZAAAAABN1jIc2agjRIZQ8feVv825RlJBMzFFREdFMDQxNQBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
3971a23b-d01e-009f-0bdc-62f6e3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
eb9a3b33-71ea-4d4a-9e46-452e26c829e5
lists.office.com/Images/972d6f5e-124b-46f8-bbb1-64519eac4760/15386ae6-da7c-40e7-95a2-054fb87a17e5/TCU2EL9O96ELTEF3TNHH3J1I5S/ 		837 KB
839 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/972d6f5e-124b-46f8-bbb1-64519eac4760/15386ae6-da7c-40e7-95a2-054fb87a17e5/TCU2EL9O96ELTEF3TNHH3J1I5S/eb9a3b33-71ea-4d4a-9e46-452e26c829e5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.108 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
046988e0330bf558e3d8b25a42b92e730e76ff3814460a4cdf68045e56acd32b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Mar 2023 08:20:06 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.16321.42101
content-type
image/jpeg
x-routingcorrelationid
53dd2c02-5064-4389-932c-eb70b324461b
cache-control
no-cache
x-routingsessionid
c5e6cee0-7a2f-4a5f-8ed1-53a4a593bf19
x-hivering
3
x-routingofficecluster
weu-101.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_0
expires
-1
fluent-hybrid-icons-d54cb751.woff
cdn.forms.office.net/forms/fonts/light/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/fonts/light/fluent-hybrid-icons-d54cb751.woff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52d8 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7f77c691d669fc94853c14f76de8c2665411c899c168e4655a4215d296de8c3b

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:06 GMT
content-md5
/Gpiei0dQQsFHAGSgYDTDw==
content-length
1964
x-ms-lease-status
unlocked
last-modified
Fri, 30 Dec 2022 04:47:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAEA20EE049B8A
content-type
application/x-font-woff
access-control-allow-origin
*
x-ms-request-id
37e60bc3-c01e-0032-7b12-1ff129000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:20:06 GMT
segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.46.142 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-46-142.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 30 Mar 2023 08:20:07 GMT
last-modified
Thu, 02 Nov 2017 17:22:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
hl8dtlRfyUovRETdYOe7xg==
etag
0x8D522163B704E10
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
304ce97f-901e-0095-691b-bb6e98000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=13947239
x-ms-version
2009-09-19
content-length
36344
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.27 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
4443f252cbd0ecc87ce34df8bae6761217c886d5f330bc1c63e7572ef05403fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1680164408169
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Mar 2023 08:20:08 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
702
access-control-allow-methods
POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
content-length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.27 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Thu, 30 Mar 2023 08:20:08 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.27 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e76800eb071506dbc851d088d6d0e49fe3ceed56de05a05a6eda02e48b765c5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1680164409171
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
time-delta-to-apply-millis
702
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Mar 2023 08:20:08 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
184
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.27 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Thu, 30 Mar 2023 08:20:08 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a62f923.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.27 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
4af73f34947cec85a60980aebeeeebc2e2284c999a0cdab5a86cd990c2f963d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1680164409272
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Mar 2023 08:20:08 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
177
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.27 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Thu, 30 Mar 2023 08:20:08 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap boolean| __COMPAT_PREACT_FOCUSZONE__ object| __globalSettings__ object| __themeState__ object| __packages__ number| __currentId__ object| __dynProto$Gbl object| e function| t object| oneDS object| awa

14 Cookies

Domain/Path Name / Value
forms.office.com/ Name: RpsAuthNonce
Value: 4b6c28d1-a4b7-42af-879f-30b6185c7648
.forms.office.com/ Name: RpsAuthNonce
Value: 4b6c28d1-a4b7-42af-879f-30b6185c7648
forms.office.com/ Name: __RequestVerificationToken
Value: VLZsnDhwomRFE5OVllQjT4eWz1uHvprH7lINdZAQ7cj7mR4h66m9wGfU6oEgPCqa2o4Gkfz8IawLqTB0WNSia9qGOf9KYbtAfNdiTw17k_U1
.office.com/ Name: MUID
Value: 31794116AE16660B2B3153F2AA166D96
forms.office.com/ Name: ai_session
Value: bQ+PFpsjZYvcIPd3rMv7cO|1680164407165|1680164407165
.bing.com/ Name: MUID
Value: 31794116AE16660B2B3153F2AA166D96
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 31794116AE16660B2B3153F2AA166D96
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=dc4cf32f08fb4a36b2c45479d1a7b289&HASH=dc4c&LV=202303&V=4&LU=1680164408871
.microsoft.com/ Name: MS0
Value: d51d7adc1c2c451a8670ee2cec0c7ab0
forms.office.com/ Name: MSFPC
Value: GUID=dc4cf32f08fb4a36b2c45479d1a7b289&HASH=dc4c&LV=202303&V=4&LU=1680164408871

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
js.monitor.azure.com
lists.office.com
static2.sharepointonline.com
t.sidekickopen10.com
13.89.178.27
23.222.46.142
2606:4700:4400::6812:2a5e
2620:1ec:4f:1::45
2620:1ec:a92::194
2620:1ec:c11::200
2a02:26f0:f3::5043:52d8
52.109.88.108
68.219.88.97
046988e0330bf558e3d8b25a42b92e730e76ff3814460a4cdf68045e56acd32b
095ddb875908f8ac9bf9face894e1a71490d630328ed31ff03685c3ff08bb563
0ce977054f281e69d5bfbb7a73c6af23418e218f2cfa27e2db3d846a6b0e0e6c
33377bc85c4fb4b52607b03e54a5abf6459fccf224271cf8d0c0cf71c6e554c3
3806a0d3b50a9c0b9dc366023af3b46af3bce3ed8fb9a78fe59869f31e7aba04
4443f252cbd0ecc87ce34df8bae6761217c886d5f330bc1c63e7572ef05403fd
4548120b97ed069350d429f9911f06b12962b19a5541b2a9d4362b25a7c9b240
4af73f34947cec85a60980aebeeeebc2e2284c999a0cdab5a86cd990c2f963d2
536ef3c34c432017e190a83a369409e89b542c4bb974504ff61b294edd9bef90
5b8cf759f4d7237f946863325e3352e7aea74a4abe5d233411774146691e63d8
624846f78e3636225754bc54db6eaf636a84d0cd652f50e6d439d601f53027c4
64ef4d307dde1cee9e3c68418fccde13d216b5f1488533be06d97ad52eb69e78
6977e5f2170fdc4295c09a7e77ab5447877800044307af43b68fd3171ea13d98
73945ff9b7383e19b288c278aa5cf82843c874eb3111867a4c3c9b23b19acc94
7f77c691d669fc94853c14f76de8c2665411c899c168e4655a4215d296de8c3b
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
ba543bb28a4970e4a630dfe8fa241e192acffc2d99412cb34f98b96ce2dc69c2
d093c11793b57f171120cc0301d8e1a59c7a8166b83a70de9cea1f19cc19bca4
da7ca5ffa7a34d76b41a40c966ec7c01ada71a5dac0b6c52e28e16a11f327500
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55465ff1279a6fd339bc0b6322130b0ddb05d3ad670f4a08f6fdfc0ee5c7749
e76800eb071506dbc851d088d6d0e49fe3ceed56de05a05a6eda02e48b765c5c
f5b3357a4fede6b9efca16297ba3ecece384f01292504eb9712fd11cd3445992