urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://s2.bl-1.com/h/dsH7Drmm?url=https://forms.office.com/r/CwUtaRLRXy
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlER...
Submission: On March 20 via manual from PH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 17 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 5772.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on July 20th 2022. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.43.106.36 16509 (AMAZON-02)
1 3 2620:1ec:a92:... 8068 (MICROSOFT...)
12 2a02:26f0:470... 20940 (AKAMAI-ASN1)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 20.42.73.27 ()
17 4
1    52.43.106.36 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-106-36.us-west-2.compute.amazonaws.com
s2.bl-1.com
3    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
12    2a02:26f0:4700::210:2c0 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
cdn.forms.office.net
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    20.42.73.27 (None, )

ASN- ()
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
12 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 8147
346 KB
5 office.com
forms.office.com — Cisco Umbrella Rank: 5772
c.office.com — Cisco Umbrella Rank: 22718
20 KB
2 microsoft.com
browser.events.data.microsoft.com
1 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 240
735 B
1 bl-1.com
s2.bl-1.com — Cisco Umbrella Rank: 20512
962 B
17 5
Domain Requested by
12 cdn.forms.office.net forms.office.com
cdn.forms.office.net
3 forms.office.com 1 redirects forms.office.com
2 browser.events.data.microsoft.com cdn.forms.office.net
2 c.office.com 1 redirects
1 c.bing.com 1 redirects
1 s2.bl-1.com 1 redirects
17 6

This site contains no links.

Subject Issuer Validity Valid
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2022-07-20 -
2023-07-15		 a year crt.sh
cdn.forms.office.net
Microsoft Azure TLS Issuing CA 06		 2022-09-28 -
2023-09-23		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-03-08 -
2024-03-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlERFZFQ0ZSQi4u
Frame ID: BBDC8B8E9EF8B8A64F3585A7BDA6AF7A
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Microsoft Forms

Page URL History Show full URLs

  1. https://s2.bl-1.com/h/dsH7Drmm?url=https://forms.office.com/r/CwUtaRLRXy HTTP 302
    https://forms.office.com/r/CwUtaRLRXy HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1T... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

17
Requests

94 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

4
IPs

3
Countries

366 kB
Transfer

851 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s2.bl-1.com/h/dsH7Drmm?url=https://forms.office.com/r/CwUtaRLRXy HTTP 302
    https://forms.office.com/r/CwUtaRLRXy HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlERFZFQ0ZSQi4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=24F8BF13520D497E8F2410A547738552&RedC=c.office.com&MXFR=20202478172B650127EC36A2132B6E53 HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=24F8BF13520D497E8F2410A547738552&MUID=20202478172B650127EC36A2132B6E53

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://s2.bl-1.com/h/dsH7Drmm?url=https://forms.office.com/r/CwUtaRLRXy
  • https://forms.office.com/r/CwUtaRLRXy
  • https://forms.office.com/pages/responsepage.aspx?id=5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlERFZFQ0ZSQi4u
58 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlERFZFQ0ZSQi4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4d5e41442cde484e1e86b3d2ed42336e78b4bce352a25c4eead3e3e17f487312
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 20 Mar 2023 06:27:26 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
3d8550f2-33fb-4b9a-97f8-ea1309e0a78e
x-msedge-ref
Ref A: A64C599BB9B54856A8D2F7B45B499A7A Ref B: AMS231032606023 Ref C: 2023-03-20T06:27:25Z
x-officecluster
weu-101.forms.office.com
x-officefe
FormsSingleBox_IN_3
x-officeversion
16.0.16313.42051
x-robots-tag
noindex, nofollow
x-routingcorrelationid
3d8550f2-33fb-4b9a-97f8-ea1309e0a78e
x-routingofficecluster
weu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_3
x-routingofficeversion
16.0.16313.42051
x-routingsessionid
7f534c00-49b4-468e-8cf7-e6032bd1acf1
x-usersessionid
7f534c00-49b4-468e-8cf7-e6032bd1acf1

Redirect headers

cache-control
no-cache
content-length
0
date
Mon, 20 Mar 2023 06:27:24 GMT
expires
-1
location
https://forms.office.com/pages/responsepage.aspx?id=5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlERFZFQ0ZSQi4u
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
a5965e85-1175-47bb-8d2b-d67204562748
x-msedge-ref
Ref A: BCD020826B2042BE8D8C46BDFCB51B6B Ref B: AMS231032606023 Ref C: 2023-03-20T06:27:25Z
x-officecluster
eus2-101.forms.office.com
x-officefe
FormIntelligenceService_IN_3
x-officeversion
16.0.16313.42051
x-usersessionid
a5965e85-1175-47bb-8d2b-d67204562748
ls-response.de.816165522.js
cdn.forms.office.net/forms/scripts/dists/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.816165522.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlERFZFQ0ZSQi4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3404b88362934f8c5c8d0aae0661f9c2ef03312e3c0554513ddbf1339b4edb86

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 06:27:27 GMT
content-encoding
br
content-md5
FLO+tZsVzP3muQuenCsB3A==
content-length
10598
x-ms-lease-status
unlocked
last-modified
Thu, 16 Mar 2023 05:55:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB25E31D5880B8
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
20fcd148-501e-0051-03d6-57b70c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 19 Mar 2024 06:27:27 GMT
light-response-page.min.4fec861.css
cdn.forms.office.net/forms/css/dist/ 		100 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.4fec861.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlERFZFQ0ZSQi4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d093c11793b57f171120cc0301d8e1a59c7a8166b83a70de9cea1f19cc19bca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 06:27:27 GMT
content-encoding
br
content-md5
q5Y1IvqHNkv1K4ujdPfLgA==
content-length
18147
x-ms-lease-status
unlocked
last-modified
Thu, 16 Mar 2023 05:55:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB25E2FD35D1C6
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d1b48bc7-c01e-005f-3ad6-575b07000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 19 Mar 2024 06:27:27 GMT
light-response-page.min.4cd6e39.js
cdn.forms.office.net/forms/scripts/dists/ 		360 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.4cd6e39.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlERFZFQ0ZSQi4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
355a8c437865b674a029cc9ea9f7e743daab42ce1103f3c1775bcd2022ee994b

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 06:27:27 GMT
content-encoding
br
content-md5
b6GpSfaS7kKvCwUSEBaphg==
content-length
102647
x-ms-lease-status
unlocked
last-modified
Thu, 16 Mar 2023 05:55:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB25E3199EA43F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f1ac472a-e01e-006a-14d6-57f552000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 19 Mar 2024 06:27:27 GMT
runtimeFormsWithResponses('5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlERFZFQ0ZSQi4u')
forms.office.com/formapi/api/ce56fae6-055d-4c9f-b6c9-9d341506a491/users/7d7a2f21-c5de-4408-bbd8-17e97ee16596/light/ 		97 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/ce56fae6-055d-4c9f-b6c9-9d341506a491/users/7d7a2f21-c5de-4408-bbd8-17e97ee16596/light/runtimeFormsWithResponses('5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlERFZFQ0ZSQi4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlERFZFQ0ZSQi4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
804afd34b6a457c1e712bb336ef8c02babeaf7931973e0e733fa6399ac25eadb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlERFZFQ0ZSQi4u
X-UserSessionId
7f534c00-49b4-468e-8cf7-e6032bd1acf1
accept-language
de-DE,de;q=0.9
__RequestVerificationToken
CW2YXR51o0j-sIcroyQ7U6RkItO1ZMqcRCxI1NRE7X-sQHBKmdtS-OP3yIR1weapcllgVY4RLx1jd0GIoGOQYQNY0DBkMxL2wsDJpCBMXiA1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Mon, 20 Mar 2023 06:27:29 GMT
x-officeversion
16.0.16315.42053
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_5
x-routingofficeversion
16.0.16315.42053
x-correlationid
c29faaa2-1d68-4e6b-81cb-ae00091dd8bc
x-officecluster
weu-100.forms.office.com
x-usersessionid
7f534c00-49b4-468e-8cf7-e6032bd1acf1
x-msedge-ref
Ref A: 6F69D681E8C1420C8AFD492162C9269B Ref B: AMS231032606023 Ref C: 2023-03-20T06:27:27Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
c29faaa2-1d68-4e6b-81cb-ae00091dd8bc
x-routingsessionid
7f534c00-49b4-468e-8cf7-e6032bd1acf1
x-robots-tag
noindex, nofollow
x-routingofficecluster
weu-100.forms.office.com
light-response-page.chunk.lrp_ext.9a53ffa.js
cdn.forms.office.net/forms/scripts/dists/ 		0
64 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.9a53ffa.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.4cd6e39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 06:27:27 GMT
content-encoding
br
content-md5
/czQwvxD6Es5pwTgEyoP9A==
content-length
64506
x-ms-lease-status
unlocked
last-modified
Thu, 16 Mar 2023 05:55:51 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB25E319788483
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9e27e7fd-001e-000d-32d6-5746f5000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 19 Mar 2024 06:27:27 GMT
light-response-page.chunk.lrp_cover.cd948b0.js
cdn.forms.office.net/forms/scripts/dists/ 		0
30 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.cd948b0.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.4cd6e39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 06:27:27 GMT
content-encoding
br
content-md5
H7eoB6qAKBTUmpT7bO3asQ==
content-length
30118
x-ms-lease-status
unlocked
last-modified
Thu, 16 Mar 2023 05:55:51 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB25E31976FE1C
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
eb7eeeb3-001e-0042-18d6-5782ed000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 19 Mar 2024 06:27:27 GMT
light-response-page.chunk.lrp_saveresponse.ec14b64.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.ec14b64.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.4cd6e39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 06:27:27 GMT
content-encoding
br
content-md5
bcD/tXrQuleeI6BF1299tQ==
content-length
4295
x-ms-lease-status
unlocked
last-modified
Thu, 16 Mar 2023 05:55:51 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB25E319759ECB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
86872d01-f01e-0075-06d6-572e42000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 19 Mar 2024 06:27:27 GMT
light-response-page.chunk.lrp_trial.0b8fe6e.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_trial.0b8fe6e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.4cd6e39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 06:27:27 GMT
content-encoding
br
content-md5
MY6Ppr9zKGWFUZ+7Rg0yKg==
content-length
1462
x-ms-lease-status
unlocked
last-modified
Thu, 16 Mar 2023 05:55:51 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB25E31975C5CE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
179be67d-301e-0063-6cd6-57efdc000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 19 Mar 2024 06:27:27 GMT
light-response-page.chunk.lrp_post.boot.951792d.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.951792d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.4cd6e39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 06:27:27 GMT
content-encoding
br
content-md5
qCpo72AerTYtn3XUFSwE2Q==
content-length
4343
x-ms-lease-status
unlocked
last-modified
Thu, 16 Mar 2023 05:55:51 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB25E319759ECB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d1b49401-c01e-005f-24d6-575b07000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 19 Mar 2024 06:27:27 GMT
light-response-page.chunk.lrp_ext.9a53ffa.js
cdn.forms.office.net/forms/scripts/dists/ 		208 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.9a53ffa.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.4cd6e39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b7e3068f82665a9520d2b2fdfbe753686e1aaeb13cbdcce3634ca360d0226333

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 06:27:30 GMT
content-encoding
br
content-md5
/czQwvxD6Es5pwTgEyoP9A==
content-length
64506
x-ms-lease-status
unlocked
last-modified
Thu, 16 Mar 2023 05:55:51 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB25E319788483
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9e27e7fd-001e-000d-32d6-5746f5000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 19 Mar 2024 06:27:30 GMT
light-response-page.chunk.lrp_template.24ec091.js
cdn.forms.office.net/forms/scripts/dists/ 		0
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_template.24ec091.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.4cd6e39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 06:27:30 GMT
content-encoding
br
content-md5
Sk5DL+r2Rjy6KqbhWKqOow==
content-length
15964
x-ms-lease-status
unlocked
last-modified
Thu, 16 Mar 2023 05:55:51 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB25E31975C5CE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d6a87ebc-901e-0008-76d6-57b28a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 19 Mar 2024 06:27:30 GMT
light-response-page.chunk.try_dv.20b557b.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.try_dv.20b557b.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.4cd6e39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 06:27:30 GMT
content-encoding
br
content-md5
9VVchEDaWLkPlvcPg7cPrA==
content-length
1701
x-ms-lease-status
unlocked
last-modified
Wed, 08 Mar 2023 04:45:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB1F8FF216F9CE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7d488f2c-a01e-0000-6786-51a9f9000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 19 Mar 2024 06:27:30 GMT
light-response-page.chunk.1ds.32bf351.js
cdn.forms.office.net/forms/scripts/dists/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.32bf351.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.4cd6e39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2c0 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4e12170373129f30ad1a9fe96a0b7c90d924a11e41b3aa590fa508bbb2488d5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Mar 2023 06:27:30 GMT
content-encoding
br
content-md5
sVBurRBLyLNls3nBX6ozVQ==
content-length
30183
x-ms-lease-status
unlocked
last-modified
Fri, 03 Mar 2023 05:34:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB1BA8F8D72684
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
619340a6-101e-0056-67a1-4d4189000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 19 Mar 2024 06:27:30 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=24F8BF13520D497E8F2410A547738552&RedC=c.office.com&MXFR=20202478172B650127EC36A2132B6E53
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=24F8BF13520D497E8F2410A547738552&MUID=20202478172B650127EC36A2132B6E53
42 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=24F8BF13520D497E8F2410A547738552&MUID=20202478172B650127EC36A2132B6E53
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Mar 2023 06:27:29 GMT
last-modified
Thu, 16 Mar 2023 17:16:22 GMT
server
Microsoft-IIS/10.0
etag
"c4b6d572b58d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 20 Mar 2023 06:27:30 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E53137CDCD7C49C0B10423623495345B Ref B: FRAEDGE2015 Ref C: 2023-03-20T06:27:30Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=24F8BF13520D497E8F2410A547738552&MUID=20202478172B650127EC36A2132B6E53
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.32bf351.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.27 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
b71770268f8876ff3a648dcd1ff4daabb8999876f4769a86fd8daf4ae857c596
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1679293650838
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 20 Mar 2023 06:27:31 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
806
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.27 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Mon, 20 Mar 2023 06:27:30 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap

11 Cookies

Domain/Path Name / Value
s2.bl-1.com/ Name: f7bd4d4b8c98a805fa4ea6f99c7461f2
Value: 4756b310-c6e8-11ed-86f4-4f4450b53188
forms.office.com/ Name: RpsAuthNonce
Value: 58e2c5f7-a166-4c79-a067-dea90a986eda
.forms.office.com/ Name: RpsAuthNonce
Value: 58e2c5f7-a166-4c79-a067-dea90a986eda
forms.office.com/ Name: __RequestVerificationToken
Value: raOsU6Qa-sSshEcRtoXy1AQE14--mIryehafYHbGc1jqHk-jTdRby4d0WAQAZwwP2tNNgxclAM28AnPh4Js5vwFLTa-VXIqJMLA0_jS8vIM1
.office.com/ Name: MUID
Value: 20202478172B650127EC36A2132B6E53
.bing.com/ Name: MUID
Value: 20202478172B650127EC36A2132B6E53
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 20202478172B650127EC36A2132B6E53
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://forms.office.com/formapi/api/ce56fae6-055d-4c9f-b6c9-9d341506a491/users/7d7a2f21-c5de-4408-bbd8-17e97ee16596/light/runtimeFormsWithResponses('5vpWzl0Fn0y2yZ00FQakkSEven3exQhEu9gX6X7hZZZURjA1TkVQWVUySlJWQzFIQUlERFZFQ0ZSQi4u')?$expand=questions($expand=choices)
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains