urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://d2qxzp04.na1.hubspotlinksfree.com/Ctc/UB+113/d2qxZP04/MW3fjNJq1jzW40d2p12bsrfKW15bp5B4ZdvM4N4WpFg93lSbNV1-WJV7CgQvTW5zHSZQ7c8gKbW8...
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=3AalCiCOekOvNmMpMX8XcTG9C9qI9HhOnsadQnYGIuRUOVNGNUJTT1BBTlBURTRZT1JXM...
Submission Tags: falconsandbox
Submission: On April 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 29 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 6969.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on March 23rd 2023. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 4 2620:1ec:a92:... 8068 (MICROSOFT...)
20 2a02:26f0:f3:... 20940 (AKAMAI-ASN1)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 52.109.88.108 8075 (MICROSOFT...)
1 2620:1ec:4f:1... 8075 (MICROSOFT...)
29 7
2    2606:4700::6812:1130 (United States)

ASN13335 (CLOUDFLARENET, US)
d2qxzp04.na1.hubspotlinksfree.com
4    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
20    2a02:26f0:f3::5043:52eb (Glattbrugg, Switzerland)

ASN20940 (AKAMAI-ASN1, NL)
cdn.forms.office.net
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    52.109.88.108 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.office.com
1    2620:1ec:4f:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
Apex Domain
Subdomains		 Transfer
20 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 10307
571 KB
7 office.com
forms.office.com — Cisco Umbrella Rank: 6969
c.office.com — Cisco Umbrella Rank: 27892
lists.office.com — Cisco Umbrella Rank: 16542
87 KB
2 hubspotlinksfree.com
d2qxzp04.na1.hubspotlinksfree.com
3 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1869
77 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 252
742 B
0 microsoft.com Failed
browser.events.data.microsoft.com Failed
29 6
Domain Requested by
20 cdn.forms.office.net forms.office.com
cdn.forms.office.net
4 forms.office.com 1 redirects d2qxzp04.na1.hubspotlinksfree.com
forms.office.com
cdn.forms.office.net
2 c.office.com 1 redirects
2 d2qxzp04.na1.hubspotlinksfree.com 1 redirects
1 js.monitor.azure.com cdn.forms.office.net
1 lists.office.com
1 c.bing.com 1 redirects
0 browser.events.data.microsoft.com Failed js.monitor.azure.com
29 8

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
hubspotlinksfree.com
Cloudflare Inc ECC CA-3		 2022-05-17 -
2023-05-17		 a year crt.sh
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2023-03-23 -
2024-03-17		 a year crt.sh
cdn.forms.office.net
Microsoft Azure TLS Issuing CA 06		 2022-09-28 -
2023-09-23		 a year crt.sh
lists.office.com
Microsoft Azure TLS Issuing CA 05		 2023-01-11 -
2024-01-06		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 01		 2023-03-23 -
2024-03-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=3AalCiCOekOvNmMpMX8XcTG9C9qI9HhOnsadQnYGIuRUOVNGNUJTT1BBTlBURTRZT1JXMU9FT0FVUi4u&utm_medium=email&_hsmi=252394273&_hsenc=p2ANqtz-_LVooK8bIJ-HSbt_i9Y6p41dF9zrEC-gvr-y-eNSjtH9zo4Sgb_JeJRDvEsu6jy1lREoOpCzQWDvRtMpuDJlhWmpHo9g&utm_content=252394273&utm_source=hs_email
Frame ID: BAC6612160B46094B9A2F9E5CE7642D0
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PREMIOS SIETE 2023. Mejores personas, mejores empresas

Page URL History Show full URLs

  1. https://d2qxzp04.na1.hubspotlinksfree.com/Ctc/UB+113/d2qxZP04/MW3fjNJq1jzW40d2p12bsrfKW15bp5B4ZdvM4N4WpFg93lSbNV1-WJV7... Page URL
  2. https://d2qxzp04.na1.hubspotlinksfree.com/events/public/v1/encoded/track/tc/UB+113/d2qxZP04/MW3fjNJq1jzW40d2p12bsrfKW1... HTTP 307
    https://forms.office.com/r/4gwxxPTDfw?utm_medium=email&_hsmi=252394273&_hsenc=p2ANqtz-_LVooK8bIJ-HSbt... HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=3AalCiCOekOvNmMpMX8XcTG9C9qI9HhOnsadQnYGIuRUOVNGN... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

29
Requests

90 %
HTTPS

71 %
IPv6

6
Domains

8
Subdomains

7
IPs

4
Countries

736 kB
Transfer

1748 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://d2qxzp04.na1.hubspotlinksfree.com/Ctc/UB+113/d2qxZP04/MW3fjNJq1jzW40d2p12bsrfKW15bp5B4ZdvM4N4WpFg93lSbNV1-WJV7CgQvTW5zHSZQ7c8gKbW8G8kz81CjJC4W4WHvHr3qXK7jW2JqFgf4vtFngW7hvRYk3cYZmxW2kpVJw6vz5sWW87z7wM8jMvXSN7H3jJ3SZfcMW6hpdrw7K0MmCW4dCGj03MC3yYTHr9f6R6SpLW4CdZ_B2JzYTdW7tS-HZ6pzQ07W44SdWr2JjW2RW4p_YlZ5sdG7XW2SHyKd18gjMqW4s11cx5zV3-PW7-Wxy54f-85kN5R6mV28Q5t-W4bh1ss2k2ykjW2lwG5m8hCHp7W6ZZf7P7BwDgG32cr1 Page URL
  2. https://d2qxzp04.na1.hubspotlinksfree.com/events/public/v1/encoded/track/tc/UB+113/d2qxZP04/MW3fjNJq1jzW40d2p12bsrfKW15bp5B4ZdvM4N4WpFg93lSbNV1-WJV7CgQvTW5zHSZQ7c8gKbW8G8kz81CjJC4W4WHvHr3qXK7jW2JqFgf4vtFngW7hvRYk3cYZmxW2kpVJw6vz5sWW87z7wM8jMvXSN7H3jJ3SZfcMW6hpdrw7K0MmCW4dCGj03MC3yYTHr9f6R6SpLW4CdZ_B2JzYTdW7tS-HZ6pzQ07W44SdWr2JjW2RW4p_YlZ5sdG7XW2SHyKd18gjMqW4s11cx5zV3-PW7-Wxy54f-85kN5R6mV28Q5t-W4bh1ss2k2ykjW2lwG5m8hCHp7W6ZZf7P7BwDgG32cr1?_ud=59422c3c-616a-4ce9-9373-82a2d189d7b7&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    https://forms.office.com/r/4gwxxPTDfw?utm_medium=email&_hsmi=252394273&_hsenc=p2ANqtz-_LVooK8bIJ-HSbt_i9Y6p41dF9zrEC-gvr-y-eNSjtH9zo4Sgb_JeJRDvEsu6jy1lREoOpCzQWDvRtMpuDJlhWmpHo9g&utm_content=252394273&utm_source=hs_email HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=3AalCiCOekOvNmMpMX8XcTG9C9qI9HhOnsadQnYGIuRUOVNGNUJTT1BBTlBURTRZT1JXMU9FT0FVUi4u&utm_medium=email&_hsmi=252394273&_hsenc=p2ANqtz-_LVooK8bIJ-HSbt_i9Y6p41dF9zrEC-gvr-y-eNSjtH9zo4Sgb_JeJRDvEsu6jy1lREoOpCzQWDvRtMpuDJlhWmpHo9g&utm_content=252394273&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3C9ED5342E4E413BB784499FD6BA09A8&RedC=c.office.com&MXFR=3368431CF5F063DF246951EDF1F06894 HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=3C9ED5342E4E413BB784499FD6BA09A8&MUID=3368431CF5F063DF246951EDF1F06894

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
MW3fjNJq1jzW40d2p12bsrfKW15bp5B4ZdvM4N4WpFg93lSbNV1-WJV7CgQvTW5zHSZQ7c8gKbW8G8kz81CjJC4W4WHvHr3qXK7jW2JqFgf4vtFngW7hvRYk3cYZmxW2kpVJw6vz5sWW87z7wM8jMvXSN7H3jJ3SZfcMW6hpdrw7K0MmCW4dCGj03MC3yYTHr9f6R...
d2qxzp04.na1.hubspotlinksfree.com/Ctc/UB+113/d2qxZP04/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2qxzp04.na1.hubspotlinksfree.com/Ctc/UB+113/d2qxZP04/MW3fjNJq1jzW40d2p12bsrfKW15bp5B4ZdvM4N4WpFg93lSbNV1-WJV7CgQvTW5zHSZQ7c8gKbW8G8kz81CjJC4W4WHvHr3qXK7jW2JqFgf4vtFngW7hvRYk3cYZmxW2kpVJw6vz5sWW87z7wM8jMvXSN7H3jJ3SZfcMW6hpdrw7K0MmCW4dCGj03MC3yYTHr9f6R6SpLW4CdZ_B2JzYTdW7tS-HZ6pzQ07W44SdWr2JjW2RW4p_YlZ5sdG7XW2SHyKd18gjMqW4s11cx5zV3-PW7-Wxy54f-85kN5R6mV28Q5t-W4bh1ss2k2ykjW2lwG5m8hCHp7W6ZZf7P7BwDgG32cr1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
7b6b0adf4dc39a1e-FRA
content-encoding
br
content-type
text/html;charset=utf-8
date
Wed, 12 Apr 2023 11:13:52 GMT
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-hubspot-correlation-id
c6c607b2-f4cb-4bd1-8616-e900ab96ef0a
x-robots-tag
none
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://d2qxzp04.na1.hubspotlinksfree.com/events/public/v1/encoded/track/tc/UB+113/d2qxZP04/MW3fjNJq1jzW40d2p12bsrfKW15bp5B4ZdvM4N4WpFg93lSbNV1-WJV7CgQvTW5zHSZQ7c8gKbW8G8kz81CjJC4W4WHvHr3qXK7jW2JqF...
  • https://forms.office.com/r/4gwxxPTDfw?utm_medium=email&_hsmi=252394273&_hsenc=p2ANqtz-_LVooK8bIJ-HSbt_i9Y6p41dF9zrEC-gvr-y-eNSjtH9zo4Sgb_JeJRDvEsu6jy1lREoOpCzQWDvRtMpuDJlhWmpHo9g&utm_content=252394...
  • https://forms.office.com/pages/responsepage.aspx?id=3AalCiCOekOvNmMpMX8XcTG9C9qI9HhOnsadQnYGIuRUOVNGNUJTT1BBTlBURTRZT1JXMU9FT0FVUi4u&utm_medium=email&_hsmi=252394273&_hsenc=p2ANqtz-_LVooK8bIJ-HSbt_...
59 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=3AalCiCOekOvNmMpMX8XcTG9C9qI9HhOnsadQnYGIuRUOVNGNUJTT1BBTlBURTRZT1JXMU9FT0FVUi4u&utm_medium=email&_hsmi=252394273&_hsenc=p2ANqtz-_LVooK8bIJ-HSbt_i9Y6p41dF9zrEC-gvr-y-eNSjtH9zo4Sgb_JeJRDvEsu6jy1lREoOpCzQWDvRtMpuDJlhWmpHo9g&utm_content=252394273&utm_source=hs_email
Requested by
Host: d2qxzp04.na1.hubspotlinksfree.com
URL: https://d2qxzp04.na1.hubspotlinksfree.com/Ctc/UB+113/d2qxZP04/MW3fjNJq1jzW40d2p12bsrfKW15bp5B4ZdvM4N4WpFg93lSbNV1-WJV7CgQvTW5zHSZQ7c8gKbW8G8kz81CjJC4W4WHvHr3qXK7jW2JqFgf4vtFngW7hvRYk3cYZmxW2kpVJw6vz5sWW87z7wM8jMvXSN7H3jJ3SZfcMW6hpdrw7K0MmCW4dCGj03MC3yYTHr9f6R6SpLW4CdZ_B2JzYTdW7tS-HZ6pzQ07W44SdWr2JjW2RW4p_YlZ5sdG7XW2SHyKd18gjMqW4s11cx5zV3-PW7-Wxy54f-85kN5R6mV28Q5t-W4bh1ss2k2ykjW2lwG5m8hCHp7W6ZZf7P7BwDgG32cr1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8cde51811750821cf230b1018e6f1697cf03ec2fc55c0e75556288692058cc6b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://d2qxzp04.na1.hubspotlinksfree.com/Ctc/UB+113/d2qxZP04/MW3fjNJq1jzW40d2p12bsrfKW15bp5B4ZdvM4N4WpFg93lSbNV1-WJV7CgQvTW5zHSZQ7c8gKbW8G8kz81CjJC4W4WHvHr3qXK7jW2JqFgf4vtFngW7hvRYk3cYZmxW2kpVJw6vz5sWW87z7wM8jMvXSN7H3jJ3SZfcMW6hpdrw7K0MmCW4dCGj03MC3yYTHr9f6R6SpLW4CdZ_B2JzYTdW7tS-HZ6pzQ07W44SdWr2JjW2RW4p_YlZ5sdG7XW2SHyKd18gjMqW4s11cx5zV3-PW7-Wxy54f-85kN5R6mV28Q5t-W4bh1ss2k2ykjW2lwG5m8hCHp7W6ZZf7P7BwDgG32cr1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 12 Apr 2023 11:13:55 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
bb50b46f-050f-42d1-97cc-cc05db8f6abc
x-msedge-ref
Ref A: 8417A4A8D7904E7AA93B3C239529DC3B Ref B: AMS231032605027 Ref C: 2023-04-12T11:13:53Z
x-officecluster
weu-100.forms.office.com
x-officefe
FormsSingleBox_IN_9
x-officeversion
16.0.16406.42054
x-robots-tag
noindex, nofollow
x-routingcorrelationid
bb50b46f-050f-42d1-97cc-cc05db8f6abc
x-routingofficecluster
weu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_9
x-routingofficeversion
16.0.16406.42054
x-routingsessionid
e1ce826e-e036-472e-a712-40cdcf8af706
x-usersessionid
e1ce826e-e036-472e-a712-40cdcf8af706

Redirect headers

cache-control
no-cache
content-length
0
date
Wed, 12 Apr 2023 11:13:53 GMT
expires
-1
location
https://forms.office.com/pages/responsepage.aspx?id=3AalCiCOekOvNmMpMX8XcTG9C9qI9HhOnsadQnYGIuRUOVNGNUJTT1BBTlBURTRZT1JXMU9FT0FVUi4u&utm_medium=email&_hsmi=252394273&_hsenc=p2ANqtz-_LVooK8bIJ-HSbt_i9Y6p41dF9zrEC-gvr-y-eNSjtH9zo4Sgb_JeJRDvEsu6jy1lREoOpCzQWDvRtMpuDJlhWmpHo9g&utm_content=252394273&utm_source=hs_email
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
9fe280ef-8cf5-47ec-9c3d-8bbf8cdd4b74
x-msedge-ref
Ref A: E46D8FB91B9B4AEE85082DB8FDA632D1 Ref B: AMS231032605027 Ref C: 2023-04-12T11:13:53Z
x-officecluster
eus2-100.forms.office.com
x-officefe
FormIntelligenceService_IN_3
x-officeversion
16.0.16406.42054
x-usersessionid
9fe280ef-8cf5-47ec-9c3d-8bbf8cdd4b74
ls-response.de.fa94d5e03.js
cdn.forms.office.net/forms/scripts/dists/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.fa94d5e03.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=3AalCiCOekOvNmMpMX8XcTG9C9qI9HhOnsadQnYGIuRUOVNGNUJTT1BBTlBURTRZT1JXMU9FT0FVUi4u&utm_medium=email&_hsmi=252394273&_hsenc=p2ANqtz-_LVooK8bIJ-HSbt_i9Y6p41dF9zrEC-gvr-y-eNSjtH9zo4Sgb_JeJRDvEsu6jy1lREoOpCzQWDvRtMpuDJlhWmpHo9g&utm_content=252394273&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a448bc96fb55d34dd246730cf0af1ee8f3661399778d63d9d72120dda78d0785

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:55 GMT
content-encoding
br
content-md5
2OyuuAKPr/aJQbBBH7wZ+w==
content-length
10783
x-ms-lease-status
unlocked
last-modified
Thu, 06 Apr 2023 04:24:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3656CFB3D9C1
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
54b25f15-e01e-0061-7a54-68ed26000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:55 GMT
light-response-page.min.4fec861.css
cdn.forms.office.net/forms/css/dist/ 		100 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.4fec861.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=3AalCiCOekOvNmMpMX8XcTG9C9qI9HhOnsadQnYGIuRUOVNGNUJTT1BBTlBURTRZT1JXMU9FT0FVUi4u&utm_medium=email&_hsmi=252394273&_hsenc=p2ANqtz-_LVooK8bIJ-HSbt_i9Y6p41dF9zrEC-gvr-y-eNSjtH9zo4Sgb_JeJRDvEsu6jy1lREoOpCzQWDvRtMpuDJlhWmpHo9g&utm_content=252394273&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d093c11793b57f171120cc0301d8e1a59c7a8166b83a70de9cea1f19cc19bca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:55 GMT
content-encoding
br
content-md5
q5Y1IvqHNkv1K4ujdPfLgA==
content-length
18147
x-ms-lease-status
unlocked
last-modified
Thu, 16 Mar 2023 05:55:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB25E2FD35D1C6
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
2f1eb335-001e-006b-30d6-57f4af000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:55 GMT
light-response-page.min.18fe95b.js
cdn.forms.office.net/forms/scripts/dists/ 		380 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.18fe95b.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=3AalCiCOekOvNmMpMX8XcTG9C9qI9HhOnsadQnYGIuRUOVNGNUJTT1BBTlBURTRZT1JXMU9FT0FVUi4u&utm_medium=email&_hsmi=252394273&_hsenc=p2ANqtz-_LVooK8bIJ-HSbt_i9Y6p41dF9zrEC-gvr-y-eNSjtH9zo4Sgb_JeJRDvEsu6jy1lREoOpCzQWDvRtMpuDJlhWmpHo9g&utm_content=252394273&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e93924f3f67df87f72ec6aa058c86c6aa5581101af52a69e623254dd805e671d

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:55 GMT
content-encoding
br
content-md5
b335rQ+6on6n/81XJ4dXhw==
content-length
107046
x-ms-lease-status
unlocked
last-modified
Tue, 11 Apr 2023 03:56:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3A40BE2AE9AB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7890b3b9-001e-0024-3d37-6c30b7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:55 GMT
runtimeFormsWithResponses('3AalCiCOekOvNmMpMX8XcTG9C9qI9HhOnsadQnYGIuRUOVNGNUJTT1BBTlBURTRZT1JXMU9FT0FVUi4u')
forms.office.com/formapi/api/0aa506dc-8e20-437a-af36-6329317f1771/users/da0bbd31-f488-4e78-9ec6-9d42760622e4/light/ 		12 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/0aa506dc-8e20-437a-af36-6329317f1771/users/da0bbd31-f488-4e78-9ec6-9d42760622e4/light/runtimeFormsWithResponses('3AalCiCOekOvNmMpMX8XcTG9C9qI9HhOnsadQnYGIuRUOVNGNUJTT1BBTlBURTRZT1JXMU9FT0FVUi4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=3AalCiCOekOvNmMpMX8XcTG9C9qI9HhOnsadQnYGIuRUOVNGNUJTT1BBTlBURTRZT1JXMU9FT0FVUi4u&utm_medium=email&_hsmi=252394273&_hsenc=p2ANqtz-_LVooK8bIJ-HSbt_i9Y6p41dF9zrEC-gvr-y-eNSjtH9zo4Sgb_JeJRDvEsu6jy1lREoOpCzQWDvRtMpuDJlhWmpHo9g&utm_content=252394273&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c77474d80d23dc01c9d064fd33a731fdf8807dcb16c466856e0b28088038ef00
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=3AalCiCOekOvNmMpMX8XcTG9C9qI9HhOnsadQnYGIuRUOVNGNUJTT1BBTlBURTRZT1JXMU9FT0FVUi4u&utm_medium=email&_hsmi=252394273&_hsenc=p2ANqtz-_LVooK8bIJ-HSbt_i9Y6p41dF9zrEC-gvr-y-eNSjtH9zo4Sgb_JeJRDvEsu6jy1lREoOpCzQWDvRtMpuDJlhWmpHo9g&utm_content=252394273&utm_source=hs_email
X-UserSessionId
e1ce826e-e036-472e-a712-40cdcf8af706
accept-language
de-DE,de;q=0.9
__RequestVerificationToken
iMs4obHL1HuM59M42EMIW7c3JK_6FhHcoc1uQspGUnYv40NgOaEQlMMDA3i6ad4vo2IHz8P8WUiO47VorfM4C04Oqk_ZegAXZujELpc5EX41
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Wed, 12 Apr 2023 11:13:58 GMT
x-officeversion
16.0.16406.42054
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_11
x-routingofficeversion
16.0.16406.42054
x-correlationid
040d0f7f-f7c6-4fa8-8710-f7f81c49626d
x-officecluster
neu-100.forms.office.com
x-usersessionid
e1ce826e-e036-472e-a712-40cdcf8af706
x-msedge-ref
Ref A: 912F9BBAEBFE4814883D184321B89D1D Ref B: AMS231032605027 Ref C: 2023-04-12T11:13:55Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
040d0f7f-f7c6-4fa8-8710-f7f81c49626d
x-routingsessionid
e1ce826e-e036-472e-a712-40cdcf8af706
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-100.forms.office.com
light-response-page.chunk.lrp_ext.34e2b00.js
cdn.forms.office.net/forms/scripts/dists/ 		0
70 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.34e2b00.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.18fe95b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:56 GMT
content-encoding
br
content-md5
pRjtsENi21m82piz3cIVLA==
content-length
71045
x-ms-lease-status
unlocked
last-modified
Tue, 11 Apr 2023 03:56:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3A40BDD49995
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1d4ebe97-201e-0055-7838-6c428e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:56 GMT
light-response-page.chunk.lrp_cover.741adbe.js
cdn.forms.office.net/forms/scripts/dists/ 		0
27 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.741adbe.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.18fe95b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:56 GMT
content-encoding
br
content-md5
lddq1Kmj9dSj65vRi/h+IA==
content-length
26956
x-ms-lease-status
unlocked
last-modified
Tue, 11 Apr 2023 03:56:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3A40BDD1DAE0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1fc7a62d-b01e-003d-0b38-6c1cdf000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:56 GMT
light-response-page.chunk.lrp_phishing.a1ea426.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_phishing.a1ea426.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.18fe95b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:56 GMT
content-encoding
br
content-md5
pOBRWfAPlVardLvVFTjt/w==
content-length
2063
x-ms-lease-status
unlocked
last-modified
Tue, 11 Apr 2023 03:56:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3A40BDF0CFCC
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6389bd61-001e-000d-1538-6c46f5000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:56 GMT
light-response-page.chunk.lrp_saveresponse.59013b2.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.59013b2.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.18fe95b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:56 GMT
content-encoding
br
content-md5
McuQ8HdCA7mGPzxhvV5Ang==
content-length
4849
x-ms-lease-status
unlocked
last-modified
Tue, 11 Apr 2023 03:56:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3A40BDECB1B9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1530521a-401e-0023-7437-6cc632000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:56 GMT
light-response-page.chunk.lrp_post.boot.39c2ffb.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.39c2ffb.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.18fe95b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:56 GMT
content-encoding
br
content-md5
r6lvpuLqDtyggMPCdALxbw==
content-length
5005
x-ms-lease-status
unlocked
last-modified
Tue, 11 Apr 2023 03:56:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3A40BDEF7074
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
10d9e1a4-801e-0053-6637-6cb5f6000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:56 GMT
light-response-page.chunk.lrp_ext.34e2b00.js
cdn.forms.office.net/forms/scripts/dists/ 		230 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.34e2b00.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.18fe95b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7496249e953ef6725cc612bef12f8da55b9de5e65f7848cec85febc30318796f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:58 GMT
content-encoding
br
content-md5
pRjtsENi21m82piz3cIVLA==
content-length
71045
x-ms-lease-status
unlocked
last-modified
Tue, 11 Apr 2023 03:56:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3A40BDD49995
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1d4ebe97-201e-0055-7838-6c428e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:58 GMT
light-response-page.chunk.lrp_cover.741adbe.js
cdn.forms.office.net/forms/scripts/dists/ 		97 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.741adbe.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.18fe95b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5ffeaaf659075641ccdcfeb98f29986ebfeeee1793bf840b22bda2fae3e2a4d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:58 GMT
content-encoding
br
content-md5
lddq1Kmj9dSj65vRi/h+IA==
content-length
26956
x-ms-lease-status
unlocked
last-modified
Tue, 11 Apr 2023 03:56:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3A40BDD1DAE0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1fc7a62d-b01e-003d-0b38-6c1cdf000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:58 GMT
light-response-page.chunk.lrp_saveresponse.59013b2.js
cdn.forms.office.net/forms/scripts/dists/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.59013b2.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.18fe95b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bff945e2f26cf7bacb2ab9b6c442d5e66ca81051af33733ee4e61211c0cdb9f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:58 GMT
content-encoding
br
content-md5
McuQ8HdCA7mGPzxhvV5Ang==
content-length
4849
x-ms-lease-status
unlocked
last-modified
Tue, 11 Apr 2023 03:56:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3A40BDECB1B9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1530521a-401e-0023-7437-6cc632000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:58 GMT
light-response-page.chunk.lrp_learningassistant.c8f26a7.js
cdn.forms.office.net/forms/scripts/dists/ 		443 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_learningassistant.c8f26a7.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.18fe95b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bdc166d0718729fa7ed9d34234ed72912b63150f91078589f199d88ab91cb89d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:58 GMT
content-encoding
br
content-md5
EQtz5zCzsIn8s6N1t3kL4Q==
content-length
142123
x-ms-lease-status
unlocked
last-modified
Tue, 11 Apr 2023 03:56:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3A40BDF3B585
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9fa164de-101e-0074-2737-6c2fbf000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:58 GMT
light-response-page.chunk.lrp_post.boot.39c2ffb.js
cdn.forms.office.net/forms/scripts/dists/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.39c2ffb.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.18fe95b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
075a8e6e655ef8f2c6cdef6bfc3968f63624256b92fd98e5c4208c76ab5242e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:58 GMT
content-encoding
br
content-md5
r6lvpuLqDtyggMPCdALxbw==
content-length
5005
x-ms-lease-status
unlocked
last-modified
Tue, 11 Apr 2023 03:56:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3A40BDEF7074
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
10d9e1a4-801e-0053-6637-6cb5f6000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:58 GMT
light-response-page.chunk.lrp_poll.dcb6fa8.js
cdn.forms.office.net/forms/scripts/dists/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_poll.dcb6fa8.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.18fe95b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ac72b11363ecf19e8799763703b4010ea0abc43925fdd235fa73dbdda28a798c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:58 GMT
content-encoding
br
content-md5
qkp10VU5pngWqFXaEMMwNg==
content-length
3850
x-ms-lease-status
unlocked
last-modified
Tue, 11 Apr 2023 03:56:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3A40BDEF9779
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
71a15d00-901e-004c-7e38-6c6ee6000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:58 GMT
light-response-page.chunk.sw.98b4871.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.98b4871.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.18fe95b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b8124e395fd1fa3f7e2f8a428b4fb21ab900aa34f2fbf0d59690b1a02734a111

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:58 GMT
content-encoding
br
content-md5
9RCH1YQJwoagf7rVYJ3jxg==
content-length
572
x-ms-lease-status
unlocked
last-modified
Mon, 03 Apr 2023 05:41:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB34060E2FE1F1
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4893552c-a01e-0066-4cf8-651ba3000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:58 GMT
light-response-page.chunk.lrp_template.7f8aada.js
cdn.forms.office.net/forms/scripts/dists/ 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_template.7f8aada.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.18fe95b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:58 GMT
content-encoding
br
content-md5
PkzKiYr8UH/oaW8OX2aA4Q==
content-length
15280
x-ms-lease-status
unlocked
last-modified
Tue, 11 Apr 2023 03:56:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3A40BDEC159C
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e0f5dd24-b01e-0072-4038-6cd8c7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:58 GMT
light-response-page.chunk.try_dv.c774be8.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.try_dv.c774be8.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.18fe95b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:58 GMT
content-encoding
br
content-md5
WWK4HWd9MXr1MlP3HgW+tA==
content-length
1749
x-ms-lease-status
unlocked
last-modified
Mon, 03 Apr 2023 05:41:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB34060E2FE1F1
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3cfb0074-301e-002c-52f8-652bc4000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:58 GMT
light-response-page.chunk.1ds.3356ffb.js
cdn.forms.office.net/forms/scripts/dists/ 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.3356ffb.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.18fe95b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dc6faf40bb416398f2af907de9217302ad7f01c4e139c35867cd966b9ac8dcc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:58 GMT
content-encoding
br
content-md5
oquKF3duI3iFAr74cNcTow==
content-length
33851
x-ms-lease-status
unlocked
last-modified
Mon, 03 Apr 2023 05:41:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB34060DF15B75
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
50cf3a8e-201e-0077-14f8-652cb8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:58 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3C9ED5342E4E413BB784499FD6BA09A8&RedC=c.office.com&MXFR=3368431CF5F063DF246951EDF1F06894
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=3C9ED5342E4E413BB784499FD6BA09A8&MUID=3368431CF5F063DF246951EDF1F06894
42 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=3C9ED5342E4E413BB784499FD6BA09A8&MUID=3368431CF5F063DF246951EDF1F06894
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Apr 2023 11:13:58 GMT
last-modified
Thu, 16 Mar 2023 17:16:22 GMT
server
Microsoft-IIS/10.0
etag
"c4b6d572b58d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 12 Apr 2023 11:13:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5E3511584F4D4EA2AF79FB7FEE2165CE Ref B: FRAEDGE1921 Ref C: 2023-04-12T11:13:58Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=3C9ED5342E4E413BB784499FD6BA09A8&MUID=3368431CF5F063DF246951EDF1F06894
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
188a5855-f986-4da5-8276-0b8824ceff67
lists.office.com/Images/0aa506dc-8e20-437a-af36-6329317f1771/da0bbd31-f488-4e78-9ec6-9d42760622e4/T9SF5BSOPANPTE4YORW1OEOAUR/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/0aa506dc-8e20-437a-af36-6329317f1771/da0bbd31-f488-4e78-9ec6-9d42760622e4/T9SF5BSOPANPTE4YORW1OEOAUR/188a5855-f986-4da5-8276-0b8824ceff67
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.108 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ac989490b9916076501d2669be4cac37276e2ec0437359a8fdb2b791ef14b570
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Apr 2023 11:13:58 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.16405.42100
content-type
image/png
x-routingcorrelationid
3acdfce8-0543-43fb-bfcd-b7f58e7bdb27
cache-control
no-cache
x-routingsessionid
fb678fb0-fd99-4ebe-b03c-91f3cb8ee21f
x-hivering
3
x-routingofficecluster
weu-101.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_0
expires
-1
'de'
forms.office.com/formapi/api/0aa506dc-8e20-437a-af36-6329317f1771/users/da0bbd31-f488-4e78-9ec6-9d42760622e4/forms('3AalCiCOekOvNmMpMX8XcTG9C9qI9HhOnsadQnYGIuRUOVNGNUJTT1BBTlBURTRZT1JXMU9FT0FVUi4u'... 		2 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/0aa506dc-8e20-437a-af36-6329317f1771/users/da0bbd31-f488-4e78-9ec6-9d42760622e4/forms('3AalCiCOekOvNmMpMX8XcTG9C9qI9HhOnsadQnYGIuRUOVNGNUJTT1BBTlBURTRZT1JXMU9FT0FVUi4u')/localeResource/'de'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.34e2b00.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

odata-version
4.0
x-correlationid
7410021d-2ff6-44dc-b2e1-599eba345e0a
x-usersessionid
e1ce826e-e036-472e-a712-40cdcf8af706
x-ms-form-request-ring
business
accept-language
de-DE,de;q=0.9
authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type
application/json
odata-maxverion
4.0
accept
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=3AalCiCOekOvNmMpMX8XcTG9C9qI9HhOnsadQnYGIuRUOVNGNUJTT1BBTlBURTRZT1JXMU9FT0FVUi4u&utm_medium=email&_hsmi=252394273&_hsenc=p2ANqtz-_LVooK8bIJ-HSbt_i9Y6p41dF9zrEC-gvr-y-eNSjtH9zo4Sgb_JeJRDvEsu6jy1lREoOpCzQWDvRtMpuDJlhWmpHo9g&utm_content=252394273&utm_source=hs_email
x-ms-form-request-source
ms-formweb
__requestverificationtoken
iMs4obHL1HuM59M42EMIW7c3JK_6FhHcoc1uQspGUnYv40NgOaEQlMMDA3i6ad4vo2IHz8P8WUiO47VorfM4C04Oqk_ZegAXZujELpc5EX41

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Wed, 12 Apr 2023 11:13:58 GMT
x-officeversion
16.0.16406.42054
x-officefe
FormsSingleBox_IN_0
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_10
x-routingofficeversion
16.0.16406.42054
x-correlationid
7410021d-2ff6-44dc-b2e1-599eba345e0a
x-officecluster
neu-100.forms.office.com
x-usersessionid
e1ce826e-e036-472e-a712-40cdcf8af706
x-msedge-ref
Ref A: 83134150B7C045B9BD12414B242A594B Ref B: AMS231032605027 Ref C: 2023-04-12T11:13:58Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
7410021d-2ff6-44dc-b2e1-599eba345e0a
x-routingsessionid
e1ce826e-e036-472e-a712-40cdcf8af706
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-100.forms.office.com
light-response-page.chunk.lrp_trial.aa28344.js
cdn.forms.office.net/forms/scripts/dists/ 		0
22 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_trial.aa28344.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.18fe95b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:58 GMT
content-encoding
br
content-md5
IiC3rlD1+H25oXV3Ke7Mgg==
content-length
21694
x-ms-lease-status
unlocked
last-modified
Tue, 11 Apr 2023 03:56:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3A40BDEB2B55
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
babc87e2-701e-0064-5238-6c1959000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:58 GMT
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		179 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.39c2ffb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e55465ff1279a6fd339bc0b6322130b0ddb05d3ad670f4a08f6fdfc0ee5c7749

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 11:13:58 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.9
last-modified
Tue, 21 Feb 2023 18:33:42 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.9.min.js
vary
Accept-Encoding
x-azure-ref
20230412T111358Z-wm085tycvd3d760px9289a38r000000005zg00000001683w
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e5793545-101e-003b-7dbe-659c8d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-cache
TCP_HIT
x-ms-version
2009-09-19
wave-pattern-v1.svg
cdn.forms.office.net/forms/images/aio/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/aio/wave-pattern-v1.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f3::5043:52eb Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 12 Apr 2023 11:13:58 GMT
content-md5
3xzT8tqu5fYpwQ+8YJysNQ==
content-length
1795
x-ms-lease-status
unlocked
last-modified
Fri, 23 Dec 2022 04:36:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAE49F429D278D
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e7038f12-901e-004c-4de5-186ee6000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 11 Apr 2024 11:13:58 GMT
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl object| e function| t object| oneDS object| awa

11 Cookies

Domain/Path Name / Value
forms.office.com/ Name: RpsAuthNonce
Value: 92395381-a9d4-4859-a0e4-bcca0630b51d
.forms.office.com/ Name: RpsAuthNonce
Value: 92395381-a9d4-4859-a0e4-bcca0630b51d
forms.office.com/ Name: __RequestVerificationToken
Value: Tjn2Sb_AnMJp3GqH6rzSANhDK5OpdJ2Aj0N8GYSEepm8uvY1gjA6Ph3VOMAMvwC7rfAUB4Dtkq9rSnM8OXAgqBbEOdS7h0BapxXsBsNc2jY1
.office.com/ Name: MUID
Value: 3368431CF5F063DF246951EDF1F06894
forms.office.com/ Name: ai_session
Value: AbjPWBvam2R/XX6IDYKICg|1681298038929|1681298038929
.bing.com/ Name: MUID
Value: 3368431CF5F063DF246951EDF1F06894
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 3368431CF5F063DF246951EDF1F06894
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
d2qxzp04.na1.hubspotlinksfree.com
forms.office.com
js.monitor.azure.com
lists.office.com
browser.events.data.microsoft.com
2606:4700::6812:1130
2620:1ec:4f:1::45
2620:1ec:a92::194
2620:1ec:c11::200
2a02:26f0:f3::5043:52eb
52.109.88.108
68.219.88.97
075a8e6e655ef8f2c6cdef6bfc3968f63624256b92fd98e5c4208c76ab5242e7
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5ffeaaf659075641ccdcfeb98f29986ebfeeee1793bf840b22bda2fae3e2a4d0
7496249e953ef6725cc612bef12f8da55b9de5e65f7848cec85febc30318796f
8cde51811750821cf230b1018e6f1697cf03ec2fc55c0e75556288692058cc6b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a448bc96fb55d34dd246730cf0af1ee8f3661399778d63d9d72120dda78d0785
ac72b11363ecf19e8799763703b4010ea0abc43925fdd235fa73dbdda28a798c
ac989490b9916076501d2669be4cac37276e2ec0437359a8fdb2b791ef14b570
b8124e395fd1fa3f7e2f8a428b4fb21ab900aa34f2fbf0d59690b1a02734a111
bdc166d0718729fa7ed9d34234ed72912b63150f91078589f199d88ab91cb89d
bff945e2f26cf7bacb2ab9b6c442d5e66ca81051af33733ee4e61211c0cdb9f9
c04bc4ee3d822b90ba1a8562df69fc44e199e8e36d2fdad3f3787fcf9c5163dd
c77474d80d23dc01c9d064fd33a731fdf8807dcb16c466856e0b28088038ef00
d093c11793b57f171120cc0301d8e1a59c7a8166b83a70de9cea1f19cc19bca4
dc6faf40bb416398f2af907de9217302ad7f01c4e139c35867cd966b9ac8dcc2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55465ff1279a6fd339bc0b6322130b0ddb05d3ad670f4a08f6fdfc0ee5c7749
e93924f3f67df87f72ec6aa058c86c6aa5581101af52a69e623254dd805e671d