URL: https://record-bank.tf-nitic-iwate.com/
Submission: On October 05 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 11 IPs in 5 countries across 11 domains to perform 36 HTTP transactions. The main IP is 157.112.187.10, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is record-bank.tf-nitic-iwate.com.
TLS certificate: Issued by R3 on August 6th 2021. Valid for: 3 months.
This is the only time record-bank.tf-nitic-iwate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address      AS      Autonomous System
-          7         157.112.187.10  131965  (XSERVER X...)
-          1         142.250.74.104  15169   (GOOGLE)
-          1         69.16.175.10    20446   (HIGHWINDS3)
-          1         104.16.19.94    13335   (CLOUDFLAR...)
-          1         104.18.11.207   13335   (CLOUDFLAR...)
-          3         13.107.6.194    8068    (MICROSOFT...)
-          1         142.250.74.206  15169   (GOOGLE)
-          16        2.16.107.96     20940   (AKAMAI-ASN1)
-          1         13.107.213.44   8068    (MICROSOFT...)
1          2         52.142.114.2    8075    (MICROSOFT...)
1          1         13.107.21.200   8068    (MICROSOFT...)
Total: 36 requests, 11 IPs

Requests  Domain                                      Requested by
16        cdn.forms.office.net                        forms.office.com, cdn.forms.office.net
6         tf-nitic-iwate.com                          record-bank.tf-nitic-iwate.com
3         forms.office.com                            record-bank.tf-nitic-iwate.com, cdn.forms.office.net
2         c.office.com                                1 redirects
1         c.bing.com                                  1 redirects
1         js.monitor.azure.com                        cdn.forms.office.net
1         www.google-analytics.com                    www.googletagmanager.com
1         maxcdn.bootstrapcdn.com                     record-bank.tf-nitic-iwate.com
1         cdnjs.cloudflare.com                        record-bank.tf-nitic-iwate.com
1         code.jquery.com                             record-bank.tf-nitic-iwate.com
1         www.googletagmanager.com                    record-bank.tf-nitic-iwate.com
1         record-bank.tf-nitic-iwate.com              -
0         browser.events.data.microsoft.com (Failed)  js.monitor.azure.com
Total: 36 requests, 13 entries

Subject                         Issuer                                          Validity                 Valid
record-bank.tf-nitic-iwate.com  R3                                              2021-08-06 - 2021-11-04  3 months
*.google-analytics.com          GTS CA 1C3                                      2021-09-13 - 2021-11-20  2 months
www.tf-nitic-iwate.com          R3                                              2021-08-17 - 2021-11-15  3 months
*.jquery.com                    Sectigo RSA Domain Validation Secure Server CA  2021-07-14 - 2022-08-14  a year
sni.cloudflaressl.com           Cloudflare Inc ECC CA-3                         2021-09-21 - 2022-09-20  a year
forms.office.com                DigiCert Cloud Services CA-1                    2021-09-02 - 2022-09-01  a year
cdn.forms.office.net            Microsoft RSA TLS CA 01                         2020-10-19 - 2021-10-19  a year
js.monitor.azure.com            Microsoft Azure TLS Issuing CA 01               2021-09-28 - 2022-09-23  a year
c.msn.com                       Microsoft Azure TLS Issuing CA 02               2021-06-27 - 2022-06-22  a year

This page contains 2 frames:

Primary Page: https://record-bank.tf-nitic-iwate.com/
Frame ID: BDB51EEFF7C4AD83D5DD4F7857557AFF
Requests: 12 HTTP requests in this frame

Frame: https://forms.office.com/Pages/ResponsePage.aspx?id=YOdfyhjHvUmTGx0DnNAG9NBDJNtNJj9JuW0M3Th3P0FUNDE5VElMVkpKQk41UDY1MEI5VzRNVUExNC4u&embed=true
Frame ID: 366E9D6470052CF4F4381774BB040E26
Requests: 24 HTTP requests in this frame

Page Title

Record-Bank View - 一関高専陸上競技部

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 36
  • HTTPS: 92 %
  • IPv6: 0 %
  • Domains: 11
  • Subdomains: 13
  • IPs: 11
  • Countries: 5
  • Transfer: 487 kB
  • Size: 1339 kB
  • Cookies: 14

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=51C140AEBE224BE0B9DFEFF120031F28&RedC=c.office.com&MXFR=300F26E6805E6B053BF03621845E608C HTTP 302
  • https://c.office.com/c.gif?CtsSyncId=51C140AEBE224BE0B9DFEFF120031F28&MUID=300F26E6805E6B053BF03621845E608C

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
record-bank.tf-nitic-iwate.com/
12 KB
4 KB
Document
General
Full URL
https://record-bank.tf-nitic-iwate.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.10 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv9.star.ne.jp
Software
nginx /
Resource Hash
ae4566b3c86d112b1da058ceb5af39b93c069cc6352416fa11f6dcb5e6067a16

Request headers

:method
GET
:authority
record-bank.tf-nitic-iwate.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 05 Oct 2021 23:12:59 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding User-Agent
content-encoding
gzip
js
www.googletagmanager.com/gtag/
125 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R79571JSDS
Requested by
Host: record-bank.tf-nitic-iwate.com
URL: https://record-bank.tf-nitic-iwate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
951b657df8209596e30ad2abd0ef73e359ac1fddda88524efc79e8da64d0c338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://record-bank.tf-nitic-iwate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:13:00 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49878
x-xss-protection
0
expires
Tue, 05 Oct 2021 23:13:00 GMT
minilogo.png
tf-nitic-iwate.com/image/
4 KB
4 KB
Image
General
Full URL
https://tf-nitic-iwate.com/image/minilogo.png
Requested by
Host: record-bank.tf-nitic-iwate.com
URL: https://record-bank.tf-nitic-iwate.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.10 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv9.star.ne.jp
Software
nginx /
Resource Hash
0fcd70815f0bac083353992dc06b374fc66fa779bb2180c948cd5d10a3d0e7a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://record-bank.tf-nitic-iwate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:13:02 GMT
last-modified
Sun, 11 Dec 2016 10:07:28 GMT
server
nginx
etag
"10f5-5435f278c1800"
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
4341
Twitter_Social_Icon_Circle_Color.svg
tf-nitic-iwate.com/image/
1 KB
882 B
Image
General
Full URL
https://tf-nitic-iwate.com/image/Twitter_Social_Icon_Circle_Color.svg
Requested by
Host: record-bank.tf-nitic-iwate.com
URL: https://record-bank.tf-nitic-iwate.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.10 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv9.star.ne.jp
Software
nginx /
Resource Hash
6a0ba7e38b8cce4ac154aedef12a88945ca9dd6eb93b3c50413f9b403d7bbe30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://record-bank.tf-nitic-iwate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:13:02 GMT
content-encoding
gzip
last-modified
Wed, 31 Oct 2018 11:56:02 GMT
server
nginx
etag
W/"467-57984fc793880"
vary
Accept-Encoding, User-Agent
content-type
image/svg+xml
cache-control
max-age=2592000, public
youtube_social_circle_red.png
tf-nitic-iwate.com/image/
3 KB
3 KB
Image
General
Full URL
https://tf-nitic-iwate.com/image/youtube_social_circle_red.png
Requested by
Host: record-bank.tf-nitic-iwate.com
URL: https://record-bank.tf-nitic-iwate.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.10 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv9.star.ne.jp
Software
nginx /
Resource Hash
73006c3710381128a9e52bcdfc0900e72530fd1b870b3ecf1acaaedbf780286c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://record-bank.tf-nitic-iwate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:13:02 GMT
last-modified
Wed, 31 Oct 2018 11:58:38 GMT
server
nginx
etag
"b13-5798505c59780"
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
2835
f_logo_RGB-Blue_58.png
tf-nitic-iwate.com/image/
2 KB
3 KB
Image
General
Full URL
https://tf-nitic-iwate.com/image/f_logo_RGB-Blue_58.png
Requested by
Host: record-bank.tf-nitic-iwate.com
URL: https://record-bank.tf-nitic-iwate.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.10 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv9.star.ne.jp
Software
nginx /
Resource Hash
055b86bac8b7e6902f4cce2ff8c77d055cb439f2f94e9c784c968a0f9a5fd7ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://record-bank.tf-nitic-iwate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:13:02 GMT
last-modified
Sat, 10 Oct 2020 02:53:50 GMT
server
nginx
etag
"9a1-5b1482cbe8b80"
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
2465
LINE_SOCIAL_Circle.png
tf-nitic-iwate.com/image/
42 KB
42 KB
Image
General
Full URL
https://tf-nitic-iwate.com/image/LINE_SOCIAL_Circle.png
Requested by
Host: record-bank.tf-nitic-iwate.com
URL: https://record-bank.tf-nitic-iwate.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.10 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv9.star.ne.jp
Software
nginx /
Resource Hash
ed48fac0897231a6a9e5702abb288242f01e636708e426bc0e8b0dc548ae5a3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://record-bank.tf-nitic-iwate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:13:02 GMT
last-modified
Sat, 10 Oct 2020 02:49:32 GMT
server
nginx
etag
"a7b3-5b1481d5dc700"
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
42931
bootstrap.min.css
tf-nitic-iwate.com/css/
138 KB
28 KB
Stylesheet
General
Full URL
https://tf-nitic-iwate.com/css/bootstrap.min.css
Requested by
Host: record-bank.tf-nitic-iwate.com
URL: https://record-bank.tf-nitic-iwate.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.112.187.10 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv9.star.ne.jp
Software
nginx /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://record-bank.tf-nitic-iwate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:13:02 GMT
content-encoding
gzip
last-modified
Tue, 18 Sep 2018 08:24:00 GMT
server
nginx
etag
W/"22688-576210301c800"
vary
Accept-Encoding, User-Agent
content-type
text/css
cache-control
max-age=2592000, public
jquery-3.2.1.slim.min.js
code.jquery.com/
68 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: record-bank.tf-nitic-iwate.com
URL: https://record-bank.tf-nitic-iwate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer
https://record-bank.tf-nitic-iwate.com/
Origin
https://record-bank.tf-nitic-iwate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:13:00 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2017 19:01:15 GMT
server
nginx
etag
W/"58d026fb-10fdd"
vary
Accept-Encoding
x-hw
1633475580.dop226.fr8.t,1633475580.cds268.fr8.hn,1633475580.cds257.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
23856
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/
19 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: record-bank.tf-nitic-iwate.com
URL: https://record-bank.tf-nitic-iwate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://record-bank.tf-nitic-iwate.com/
Origin
https://record-bank.tf-nitic-iwate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:13:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1049903
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6157
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4af4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5SczYk%2BWe4RurqDlUwcTOKxSzs%2FlSdOmX7fqwqOipDh%2BgHdtM4qfaGw4VXwrOTmwi0%2BX7ru5OsrORSioGr5GtiHXma7aUQ9EXGTfTHh71gbaOUrz6Z9m3yOaFcZQDnhUC4arJBrJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
699a5687d92e2c56-FRA
expires
Sun, 25 Sep 2022 23:13:00 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/
48 KB
14 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: record-bank.tf-nitic-iwate.com
URL: https://record-bank.tf-nitic-iwate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://record-bank.tf-nitic-iwate.com/
Origin
https://record-bank.tf-nitic-iwate.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:13:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
601
access-control-allow-origin
*
cdn-cachedat
08/04/2021 00:04:37
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
4911f6f2e6509c01a61427ab9a9c6836
cf-ray
699a5687de090631-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ResponsePage.aspx
forms.office.com/Pages/ Frame 366E
69 KB
21 KB
Document
General
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=YOdfyhjHvUmTGx0DnNAG9NBDJNtNJj9JuW0M3Th3P0FUNDE5VElMVkpKQk41UDY1MEI5VzRNVUExNC4u&embed=true
Requested by
Host: record-bank.tf-nitic-iwate.com
URL: https://record-bank.tf-nitic-iwate.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e78e83c98f07eda293256497f22532f3baecd872540a1aab39a0010ae9c0926
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
forms.office.com
:scheme
https
:path
/Pages/ResponsePage.aspx?id=YOdfyhjHvUmTGx0DnNAG9NBDJNtNJj9JuW0M3Th3P0FUNDE5VElMVkpKQk41UDY1MEI5VzRNVUExNC4u&embed=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://record-bank.tf-nitic-iwate.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://record-bank.tf-nitic-iwate.com/

Response headers

cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
content-length
20286
content-type
text/html; charset=utf-8
content-encoding
br
expires
0
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1031&data=1031; expires=Wed, 05-Jan-2022 23:13:01 GMT; path=/; samesite=none; secure; HttpOnly FormsWebSessionId=1ead9f81-1774-4c4a-b715-fbefb08ac733; domain=forms.office.com; expires=Thu, 04-Nov-2021 23:13:01 GMT; path=/; samesite=none; secure; HttpOnly usenewauthrollout=True; domain=forms.office.com; expires=Thu, 04-Nov-2021 23:13:01 GMT; path=/; samesite=none; secure; HttpOnly usenewrpsauthrollout=True; domain=forms.office.com; expires=Thu, 04-Nov-2021 23:13:01 GMT; path=/; samesite=none; secure; HttpOnly __RequestVerificationToken=cSziS3B76Uul99YBWAPV8ziRg_ExXOmZB3sIWOwijmCINSvFB_lVRyCQhjvjs3c06VRMxJnENkKlAoNKkrk2Z7L1QqC4KTta6ep0f0CXcdw1; path=/; samesite=none; secure; HttpOnly
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficecluster
weu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_21
x-routingofficeversion
16.0.14524.33228
x-routingsessionid
c3c26f07-1352-4ea6-a63d-e4bf6fa0b44b
x-routingcorrelationid
be05d50b-117d-45ef-92b2-479a211a73e6
x-correlationid
be05d50b-117d-45ef-92b2-479a211a73e6
x-usersessionid
c3c26f07-1352-4ea6-a63d-e4bf6fa0b44b
x-officefe
FormsSingleBox_IN_21
x-officeversion
16.0.14524.33228
x-officecluster
weu-101.forms.office.com
x-failurereason
Unknown
x-robots-tag
noindex, nofollow
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 594536557F2246F79B2CC440CED431C0 Ref B: VIEEDGE2819 Ref C: 2021-10-05T23:13:00Z
date
Tue, 05 Oct 2021 23:13:03 GMT
collect
www.google-analytics.com/g/
0
378 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-R79571JSDS&gtm=2oe9r0&_p=1804769836&sr=1600x1200&ul=en-us&cid=915892348.1633475580&_s=1&dl=https%3A%2F%2Frecord-bank.tf-nitic-iwate.com%2F&dt=Record-Bank%20View%20-%20%E4%B8%80%E9%96%A2%E9%AB%98%E5%B0%82%E9%99%B8%E4%B8%8A%E7%AB%B6%E6%8A%80%E9%83%A8&sid=1633475580&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R79571JSDS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://record-bank.tf-nitic-iwate.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:13:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://record-bank.tf-nitic-iwate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
light-response-page.min.0ec25d9.css
cdn.forms.office.net/forms/css/dist/ Frame 366E
127 KB
21 KB
Stylesheet
General
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.0ec25d9.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=YOdfyhjHvUmTGx0DnNAG9NBDJNtNJj9JuW0M3Th3P0FUNDE5VElMVkpKQk41UDY1MEI5VzRNVUExNC4u&embed=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-96.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3767d9e88eb48cd31ab4403666d8ecbf724d54eb3686a4921d67761138fe80d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Oct 2021 23:13:03 GMT
content-encoding
br
content-md5
ShD+CUX7BbKiXM+YOlAY+w==
content-length
21510
x-ms-lease-status
unlocked
last-modified
Sun, 26 Sep 2021 04:45:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D980A877365893
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
f011a3f6-f01e-00e5-1594-b24623000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Oct 2022 23:13:03 GMT
light-response-page-integration-auth.min.f72df4c.js
cdn.forms.office.net/forms/scripts/dists/ Frame 366E
21 KB
7 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page-integration-auth.min.f72df4c.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=YOdfyhjHvUmTGx0DnNAG9NBDJNtNJj9JuW0M3Th3P0FUNDE5VElMVkpKQk41UDY1MEI5VzRNVUExNC4u&embed=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-96.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7bdd31d0758cfd08baf35272cea3f71c5ac292f6fdc8463b41fa00aee89ce6b5

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Oct 2021 23:13:03 GMT
content-encoding
br
content-md5
suubtH31I9ZOy4exgdRCvw==
content-length
6721
x-ms-lease-status
unlocked
last-modified
Thu, 23 Sep 2021 05:13:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D97E50D23647A1
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9d183e35-701e-005e-2e42-b0a7d7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Oct 2022 23:13:03 GMT
light-response-page.min.cb3c5fc.js
cdn.forms.office.net/forms/scripts/dists/ Frame 366E
245 KB
70 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cb3c5fc.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=YOdfyhjHvUmTGx0DnNAG9NBDJNtNJj9JuW0M3Th3P0FUNDE5VElMVkpKQk41UDY1MEI5VzRNVUExNC4u&embed=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-96.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
60590057bc47509088981e6b183f177579efee3987fb06f8aa09e07a5c787e5c

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Oct 2021 23:13:03 GMT
content-encoding
br
content-md5
7FvVFwBxXhKXopdEiU0DmQ==
content-length
71383
x-ms-lease-status
unlocked
last-modified
Sun, 26 Sep 2021 04:46:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D980A890E1730A
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7d5d1f84-501e-000d-7f94-b2bbd8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Oct 2022 23:13:03 GMT
light-response-page.chunk.prefetch.4a8110bf.js
cdn.forms.office.net/forms/scripts/dists/ Frame 366E
3 KB
1 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.prefetch.4a8110bf.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cb3c5fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-96.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
04df6786946c9ff7b31b9254e382debf6e0e98dd1a3aeac53c56a606eeed98c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Oct 2021 23:13:03 GMT
content-encoding
br
content-md5
CISlL2cRCwn3cvWdW2D4mw==
content-length
1045
x-ms-lease-status
unlocked
last-modified
Sun, 26 Sep 2021 04:46:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D980A890CC3988
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
406425d4-a01e-0135-30ad-b2bcd4000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Oct 2022 23:13:03 GMT
light-response-page.chunk.828.e0e72f65.js
cdn.forms.office.net/forms/scripts/dists/ Frame 366E
0
9 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.828.e0e72f65.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cb3c5fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-96.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Oct 2021 23:13:03 GMT
content-encoding
br
content-md5
zxp4AML1p2rSAfANuPv6UQ==
content-length
8956
x-ms-lease-status
unlocked
last-modified
Sun, 26 Sep 2021 04:46:11 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D980A890A0B4D2
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4e951c65-e01e-00f1-6994-b28547000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Oct 2022 23:13:03 GMT
light-response-page.chunk.ext.c138f154.js
cdn.forms.office.net/forms/scripts/dists/ Frame 366E
0
40 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.c138f154.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cb3c5fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-96.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Oct 2021 23:13:03 GMT
content-encoding
br
content-md5
tHpRmRuPmuFcb9kVTXTAhA==
content-length
40692
x-ms-lease-status
unlocked
last-modified
Sun, 26 Sep 2021 04:46:11 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D980A890A597B9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
17336672-201e-002b-0794-b2206c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Oct 2022 23:13:03 GMT
light-response-page.chunk.post.boot.d5a58038.js
cdn.forms.office.net/forms/scripts/dists/ Frame 366E
0
4 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.post.boot.d5a58038.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cb3c5fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-96.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Oct 2021 23:13:03 GMT
content-encoding
br
content-md5
S3ZhB/ruPKRFcvajVhKcbA==
content-length
4145
x-ms-lease-status
unlocked
last-modified
Sun, 26 Sep 2021 04:46:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D980A890C6BA41
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e7e23ac4-801e-0040-4694-b27d3a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Oct 2022 23:13:03 GMT
runtimeFormsWithResponses('YOdfyhjHvUmTGx0DnNAG9NBDJNtNJj9JuW0M3Th3P0FUNDE5VElMVkpKQk41UDY1MEI5VzRNVUExNC4u')
forms.office.com/formapi/api/ca5fe760-c718-49bd-931b-1d039cd006f4/users/db2443d0-264d-493f-b96d-0cdd38773f41/light/ Frame 366E
7 KB
2 KB
XHR
General
Full URL
https://forms.office.com/formapi/api/ca5fe760-c718-49bd-931b-1d039cd006f4/users/db2443d0-264d-493f-b96d-0cdd38773f41/light/runtimeFormsWithResponses('YOdfyhjHvUmTGx0DnNAG9NBDJNtNJj9JuW0M3Th3P0FUNDE5VElMVkpKQk41UDY1MEI5VzRNVUExNC4u')?$expand=questions($expand=choices)
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.prefetch.4a8110bf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
649bf0722237592a2996a908d579d96928e8fd85bd4a5fa1912066d01b25790a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=YOdfyhjHvUmTGx0DnNAG9NBDJNtNJj9JuW0M3Th3P0FUNDE5VElMVkpKQk41UDY1MEI5VzRNVUExNC4u&embed=true
X-UserSessionId
c3c26f07-1352-4ea6-a63d-e4bf6fa0b44b
Accept-Language
de-DE,de;q=0.9
__RequestVerificationToken
eF0RU2gok8PqdkgqDvYIy-HeENr6jJG5V5NZwbr9mFOBF7er8chVL2Ox-C4yKKEmo_DKV58fGxsx2Sx1tMOJHLU1nLyoUYddr-Vo4icnZDU1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-officeversion
16.0.14524.33228
x-officefe
FormsSingleBox_IN_3
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
1987
x-routingofficefe
FormsSingleBox_IN_0
pragma
no-cache
x-routingofficeversion
16.0.14524.33228
x-correlationid
495060d0-8e96-490e-a599-db317ece7e1f
x-officecluster
weu-100.forms.office.com
x-usersessionid
c3c26f07-1352-4ea6-a63d-e4bf6fa0b44b
x-powered-by
ASP.NET
date
Tue, 05 Oct 2021 23:13:05 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
495060d0-8e96-490e-a599-db317ece7e1f
cache-control
no-cache
x-failurereason
Unknown
x-routingsessionid
c3c26f07-1352-4ea6-a63d-e4bf6fa0b44b
x-msedge-ref
Ref A: 8CAA5B2FFBD4462298C73761CA0ECA80 Ref B: VIEEDGE2819 Ref C: 2021-10-05T23:13:03Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
weu-100.forms.office.com
expires
-1
ls-response.de-de.a24d4d0de.js
cdn.forms.office.net/forms/scripts/dists/ Frame 366E
0
0
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de-de.a24d4d0de.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cb3c5fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-96.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:13:03 GMT
content-encoding
br
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
26f69582-801e-00c8-643e-bac5e3000000
access-control-expose-headers
x-ms-request-id,x-ms-version
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
215
expires
Wed, 05 Oct 2022 23:13:03 GMT
ls-response.de.a24d4d0de.js
cdn.forms.office.net/forms/scripts/dists/ Frame 366E
37 KB
12 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.a24d4d0de.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cb3c5fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-96.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0b91331579cc0d39a9b7b995749001733fe8ef84e36c932fd99640e4a41dd461

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Oct 2021 23:13:03 GMT
content-encoding
br
content-md5
2MmZ/L1jEI8Uge7O9eeoTw==
content-length
11706
x-ms-lease-status
unlocked
last-modified
Fri, 24 Sep 2021 05:53:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D97F1F91E934A3
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fbf26954-101e-00e4-3010-b147de000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Oct 2022 23:13:03 GMT
ls-response.de-de.a24d4d0de.js
cdn.forms.office.net/forms/scripts/dists/ Frame 366E
0
0
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de-de.a24d4d0de.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cb3c5fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-96.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:13:06 GMT
content-encoding
br
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
26f69944-801e-00c8-5f3e-bac5e3000000
access-control-expose-headers
x-ms-request-id,x-ms-version
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
215
expires
Wed, 05 Oct 2022 23:13:06 GMT
light-response-page.chunk.828.e0e72f65.js
cdn.forms.office.net/forms/scripts/dists/ Frame 366E
24 KB
9 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.828.e0e72f65.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cb3c5fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-96.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
63f4af2e20754ab559114da0a65a39f1449ce092051a7f009f01c8ae715c38a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Oct 2021 23:13:06 GMT
content-encoding
br
content-md5
zxp4AML1p2rSAfANuPv6UQ==
content-length
8956
x-ms-lease-status
unlocked
last-modified
Sun, 26 Sep 2021 04:46:11 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D980A890A0B4D2
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4e951c65-e01e-00f1-6994-b28547000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Oct 2022 23:13:06 GMT
light-response-page.chunk.ext.c138f154.js
cdn.forms.office.net/forms/scripts/dists/ Frame 366E
148 KB
40 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.c138f154.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cb3c5fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-96.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
84029056903a9d6c9b0fbf7a03107d588eebfa502ac5cfaefe0c96efce4f79dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Oct 2021 23:13:06 GMT
content-encoding
br
content-md5
tHpRmRuPmuFcb9kVTXTAhA==
content-length
40692
x-ms-lease-status
unlocked
last-modified
Sun, 26 Sep 2021 04:46:11 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D980A890A597B9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
17336672-201e-002b-0794-b2206c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Oct 2022 23:13:06 GMT
light-response-page.chunk.post.boot.d5a58038.js
cdn.forms.office.net/forms/scripts/dists/ Frame 366E
11 KB
4 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.post.boot.d5a58038.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cb3c5fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-96.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
47ee7ce7b624a86869a2bceb3c962e9468f1642dbb285bb1c0a0ed80868b9f6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Oct 2021 23:13:06 GMT
content-encoding
br
content-md5
S3ZhB/ruPKRFcvajVhKcbA==
content-length
4145
x-ms-lease-status
unlocked
last-modified
Sun, 26 Sep 2021 04:46:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D980A890C6BA41
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e7e23ac4-801e-0040-4694-b27d3a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Oct 2022 23:13:06 GMT
ir_white_title.svg
cdn.forms.office.net/forms/images/ Frame 366E
2 KB
3 KB
Image
General
Full URL
https://cdn.forms.office.net/forms/images/ir_white_title.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-96.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4df85e89a466d2f979ed3995337ac223eda5cb62ddcaa3044a256a0ba1f90000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Oct 2021 23:13:06 GMT
content-md5
10Dd1PpC6lRQDD1f/z25Sw==
content-length
2271
x-ms-lease-status
unlocked
last-modified
Thu, 08 Apr 2021 05:23:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8FA4E75CEBCFD
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a8dc9c9f-801e-00ae-6c70-2c77b9000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Oct 2022 23:13:06 GMT
immersive-reader-icon_black.svg
cdn.forms.office.net/forms/images/ Frame 366E
2 KB
3 KB
Image
General
Full URL
https://cdn.forms.office.net/forms/images/immersive-reader-icon_black.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-96.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d70d70889244b82741e7343b2acb22b0b083835898b050c18e138e85d9a2c7cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Oct 2021 23:13:06 GMT
content-md5
KcE1VrPtrNUxMzaM4LNsNw==
content-length
2384
x-ms-lease-status
unlocked
last-modified
Thu, 08 Apr 2021 05:23:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8FA4E75C481E8
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
2940f4cf-d01e-0053-0c70-2c48db000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Oct 2022 23:13:06 GMT
light-response-page.chunk.sw.78b3a1d0.js
cdn.forms.office.net/forms/scripts/dists/ Frame 366E
2 KB
1 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.78b3a1d0.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.cb3c5fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-96.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fde55e57aa677b8b95528cb09e7244366e441bf4350ecab20c0435e1521c88ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Oct 2021 23:13:06 GMT
content-encoding
br
content-md5
l6wJgaGC1Xw67WdsYsO0RQ==
content-length
777
x-ms-lease-status
unlocked
last-modified
Sun, 26 Sep 2021 04:46:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D980A890D5D831
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bab5be37-701e-0099-4096-b2db16000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Oct 2022 23:13:06 GMT
GetThemes
forms.office.com/Pages/ResponsePage.aspx/ Frame 366E
226 B
353 B
XHR
General
Full URL
https://forms.office.com/Pages/ResponsePage.aspx/GetThemes
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.c138f154.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dd159f138ac8f5fed2de2d7cd4d73fd941090ecd8ccace0a371f478120620d84
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

odata-version
4.0
x-correlationid
undefined
x-usersessionid
c3c26f07-1352-4ea6-a63d-e4bf6fa0b44b
x-ms-form-request-ring
business
authorization
content-type
application/json
Accept-Language
de-DE,de;q=0.9
accept
application/json
Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=YOdfyhjHvUmTGx0DnNAG9NBDJNtNJj9JuW0M3Th3P0FUNDE5VElMVkpKQk41UDY1MEI5VzRNVUExNC4u&embed=true
odata-maxverion
4.0
__requestverificationtoken
eF0RU2gok8PqdkgqDvYIy-HeENr6jJG5V5NZwbr9mFOBF7er8chVL2Ox-C4yKKEmo_DKV58fGxsx2Sx1tMOJHLU1nLyoUYddr-Vo4icnZDU1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
x-ms-form-request-source
ms-formweb

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-officeversion
16.0.14524.33228
x-officefe
FormsSingleBox_IN_0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-length
140
x-routingofficefe
FormsSingleBox_IN_0
x-routingofficeversion
16.0.14524.33228
x-correlationid
d11869fa-1145-4f75-9ac9-0700f312ed81
x-officecluster
weu-100.forms.office.com
x-usersessionid
c3c26f07-1352-4ea6-a63d-e4bf6fa0b44b
date
Tue, 05 Oct 2021 23:13:06 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
undefined
cache-control
max-age=0, private
x-failurereason
Unknown
x-routingsessionid
c3c26f07-1352-4ea6-a63d-e4bf6fa0b44b
x-msedge-ref
Ref A: C8FA33603DAC45E0864CFE1BF74D9656 Ref B: VIEEDGE2819 Ref C: 2021-10-05T23:13:06Z
x-routingofficecluster
weu-100.forms.office.com
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ Frame 366E
175 KB
54 KB
Script
General
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.post.boot.d5a58038.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7a05a878ebad7153b928d6a0e9f5b5e78fb356ffbe6c2f311adf46452ec5a7ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:13:05 GMT
content-encoding
br
x-azure-ref-originshield
0+9lcYQAAAADT27P4qTzaSrvwiHrqn6pgTE9OMjFFREdFMDExMABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-md5
bScySq2trF3VfdFPlChwog==
x-cache
TCP_HIT
x-ms-meta-jssdkver
3.1.7
last-modified
Tue, 05 Oct 2021 17:45:29 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.1.7.min.js
etag
0x8D98827EC1951F3
x-azure-ref
0AtxcYQAAAADx8aL12OUTT4OX30hctSr2UFJHMDFFREdFMDYyMQBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c8f848b8-601e-00a7-2039-ba00b7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
'de-de'
forms.office.com/formapi/api/ca5fe760-c718-49bd-931b-1d039cd006f4/users/db2443d0-264d-493f-b96d-0cdd38773f41/forms('YOdfyhjHvUmTGx0DnNAG9NBDJNtNJj9JuW0M3Th3P0FUNDE5VElMVkpKQk41UDY1MEI5VzRNVUExNC4u'... Frame 366E
0
0

c.gif
c.office.com/ Frame 366E
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=51C140AEBE224BE0B9DFEFF120031F28&RedC=c.office.com&MXFR=300F26E6805E6B053BF03621845E608C
  • https://c.office.com/c.gif?CtsSyncId=51C140AEBE224BE0B9DFEFF120031F28&MUID=300F26E6805E6B053BF03621845E608C
42 B
258 B
Image
General
Full URL
https://c.office.com/c.gif?CtsSyncId=51C140AEBE224BE0B9DFEFF120031F28&MUID=300F26E6805E6B053BF03621845E608C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:13:06 GMT
last-modified
Wed, 15 Sep 2021 17:29:40 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"367bb54357aad71:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:13:06 GMT
x-msedge-ref
Ref A: 112659D8E6A541D199BE7C7EC4B5335A Ref B: PRG01EDGE0813 Ref C: 2021-10-05T23:13:06Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?CtsSyncId=51C140AEBE224BE0B9DFEFF120031F28&MUID=300F26E6805E6B053BF03621845E608C
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
truncated
/ Frame 366E
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da

Request headers

Referer
Origin
https://forms.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 366E
0
0

/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
forms.office.com
URL
https://forms.office.com/formapi/api/ca5fe760-c718-49bd-931b-1d039cd006f4/users/db2443d0-264d-493f-b96d-0cdd38773f41/forms('YOdfyhjHvUmTGx0DnNAG9NBDJNtNJj9JuW0M3Th3P0FUNDE5VElMVkpKQk41UDY1MEI5VzRNVUExNC4u')/localeResource/'de-de'
Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.7&apikey=a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539&upload-time=1633475587424&time-delta-to-apply-millis=use-collector-delta&w=0
Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.7&apikey=a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539&upload-time=1633475587424&time-delta-to-apply-millis=use-collector-delta&w=0

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
boolean| originAgentCluster
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
object| gaGlobal
function| $
function| jQuery
function| Popper
object| bootstrap
function| onYouTubeIframeAPIReady

14 Cookies

Domain/Path Name / Value
.tf-nitic-iwate.com/ Name: _ga_R79571JSDS
Value: GS1.1.1633475580.1.0.1633475580.0
.tf-nitic-iwate.com/ Name: _ga
Value: GA1.1.915892348.1633475580
forms.office.com/ Name: DcLcid
Value: ui=1031&data=1031
.forms.office.com/ Name: FormsWebSessionId
Value: 1ead9f81-1774-4c4a-b715-fbefb08ac733
.forms.office.com/ Name: usenewauthrollout
Value: True
.forms.office.com/ Name: usenewrpsauthrollout
Value: True
forms.office.com/ Name: __RequestVerificationToken
Value: cSziS3B76Uul99YBWAPV8ziRg_ExXOmZB3sIWOwijmCINSvFB_lVRyCQhjvjs3c06VRMxJnENkKlAoNKkrk2Z7L1QqC4KTta6ep0f0CXcdw1
.office.com/ Name: MUID
Value: 300F26E6805E6B053BF03621845E608C
forms.office.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 09470bda-fb7e-4309-afe3-9889b890007a
forms.office.com/ Name: ai_session
Value: OEZz164HbTmI02sDjr7ZSa|1633475586422|1633475586422
.bing.com/ Name: MUID
Value: 300F26E6805E6B053BF03621845E608C
.c.bing.com/ Name: SRM_B
Value: 300F26E6805E6B053BF03621845E608C
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: ANONCHK
Value: 0

2 Console Messages

Source Level URL
Text
network error URL: https://cdn.forms.office.net/forms/scripts/dists/ls-response.de-de.a24d4d0de.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cdn.forms.office.net/forms/scripts/dists/ls-response.de-de.a24d4d0de.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
