urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.sidekickopen10.com/Ctc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mmV48SNF5P3cYBW1lmypB6cYf3nMMV77zYWKHGN6fJMKnKZZZ6W7cb6...
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5IS...
Submission: On March 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 7 domains to perform 35 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 5828.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on March 23rd 2023. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 3 2620:1ec:a92:... 8068 (MICROSOFT...)
21 2a02:26f0:470... 20940 (AKAMAI-ASN1)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 52.109.88.76 8075 (MICROSOFT...)
1 2620:1ec:4e:1... 8075 (MICROSOFT...)
1 23.72.97.126 16625 (AKAMAI-AS)
6 13.89.178.27 8075 (MICROSOFT...)
35 8
2    2606:4700:4400::6812:2a5e (United States)

ASN13335 (CLOUDFLARENET, US)
t.sidekickopen10.com
3    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
21    2a02:26f0:4700::210:2ba (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
cdn.forms.office.net
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    52.109.88.76 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.office.com
1    2620:1ec:4e:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
1    23.72.97.126 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-97-126.deploy.static.akamaitechnologies.com
static2.sharepointonline.com
6    13.89.178.27 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
21 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 8505
477 KB
7 office.com
forms.office.com — Cisco Umbrella Rank: 5828
c.office.com — Cisco Umbrella Rank: 23013
lists.office.com — Cisco Umbrella Rank: 13930
890 KB
6 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 233
1 KB
2 sidekickopen10.com
t.sidekickopen10.com — Cisco Umbrella Rank: 49621
3 KB
1 sharepointonline.com
static2.sharepointonline.com — Cisco Umbrella Rank: 2594
36 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1527
61 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 230
739 B
35 7
Domain Requested by
21 cdn.forms.office.net forms.office.com
cdn.forms.office.net
6 browser.events.data.microsoft.com js.monitor.azure.com
cdn.forms.office.net
3 forms.office.com 1 redirects t.sidekickopen10.com
forms.office.com
2 lists.office.com forms.office.com
2 c.office.com 1 redirects forms.office.com
2 t.sidekickopen10.com 1 redirects
1 static2.sharepointonline.com forms.office.com
1 js.monitor.azure.com cdn.forms.office.net
1 c.bing.com 1 redirects
35 9

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-27 -
2023-05-27		 a year crt.sh
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2023-03-23 -
2024-03-17		 a year crt.sh
cdn.forms.office.net
Microsoft Azure TLS Issuing CA 06		 2022-09-28 -
2023-09-23		 a year crt.sh
lists.office.com
Microsoft Azure TLS Issuing CA 05		 2023-01-11 -
2024-01-06		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 01		 2023-03-23 -
2024-03-17		 a year crt.sh
privatecdn.sharepointonline.com
DigiCert SHA2 Secure Server CA		 2022-09-19 -
2023-09-19		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-03-08 -
2024-03-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
Frame ID: 1177B8017E646AD7517A5CB80589EB09
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

IGL Employment Information

Page URL History Show full URLs

  1. https://t.sidekickopen10.com/Ctc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mmV48SNF5P3cYBW1lmypB6cYf3nMMV77zYW... Page URL
  2. https://t.sidekickopen10.com/events/public/v1/encoded/track/tc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mmV48... HTTP 307
    https://forms.office.com/r/Pmxi89WFrE HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyR... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

35
Requests

97 %
HTTPS

56 %
IPv6

7
Domains

9
Subdomains

8
IPs

5
Countries

1467 kB
Transfer

2486 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.sidekickopen10.com/Ctc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mmV48SNF5P3cYBW1lmypB6cYf3nMMV77zYWKHGN6fJMKnKZZZ6W7cb6Vt5QPSLcW7T8KSB6JNCfkW4B5SnM89JwV6N71djFmRKK49W92JYWl7VKhg9W3FGnKr1gw3CZVHJpQJ7hRsFwW5Ghs1t5Jr4rzVqdL8J8XQMmvW1RShgH167DVHW90QHl-7P5zdsW2WWrw85T0N3ZW4SLKVw7yR3yBN5CCyvQzQzGLN7svczQL2hXQN77QwBxZn6dJf13-Q8n04 Page URL
  2. https://t.sidekickopen10.com/events/public/v1/encoded/track/tc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mmV48SNF5P3cYBW1lmypB6cYf3nMMV77zYWKHGN6fJMKnKZZZ6W7cb6Vt5QPSLcW7T8KSB6JNCfkW4B5SnM89JwV6N71djFmRKK49W92JYWl7VKhg9W3FGnKr1gw3CZVHJpQJ7hRsFwW5Ghs1t5Jr4rzVqdL8J8XQMmvW1RShgH167DVHW90QHl-7P5zdsW2WWrw85T0N3ZW4SLKVw7yR3yBN5CCyvQzQzGLN7svczQL2hXQN77QwBxZn6dJf13-Q8n04?_ud=463c1bb6-181f-41e7-b321-7e315de1686e&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    https://forms.office.com/r/Pmxi89WFrE HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9A9376F99E8B44EC91858558257BC189&RedC=c.office.com&MXFR=12FDCC6167696A921376DE8363696105 HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=9A9376F99E8B44EC91858558257BC189&MUID=12FDCC6167696A921376DE8363696105

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Jks2-6q7W69sMD-6lZ3mmV48SNF5P3cYBW1lmypB6cYf3nMMV77zYWKHGN6fJMKnKZZZ6W7cb6Vt5QPSLcW7T8KSB6JNCfkW4B5SnM89JwV6N71djFmRKK49W92JYWl7VKhg9W3FGnKr1gw3CZVHJpQJ7hRsFwW5Ghs1t5Jr4rzVqdL8J8XQMmvW1RShgH167DVHW...
t.sidekickopen10.com/Ctc/GG+23284/d2xV-904/ 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sidekickopen10.com/Ctc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mmV48SNF5P3cYBW1lmypB6cYf3nMMV77zYWKHGN6fJMKnKZZZ6W7cb6Vt5QPSLcW7T8KSB6JNCfkW4B5SnM89JwV6N71djFmRKK49W92JYWl7VKhg9W3FGnKr1gw3CZVHJpQJ7hRsFwW5Ghs1t5Jr4rzVqdL8J8XQMmvW1RShgH167DVHW90QHl-7P5zdsW2WWrw85T0N3ZW4SLKVw7yR3yBN5CCyvQzQzGLN7svczQL2hXQN77QwBxZn6dJf13-Q8n04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
7af2004dec3c9b83-FRA
content-encoding
br
content-type
text/html;charset=utf-8
date
Tue, 28 Mar 2023 18:40:23 GMT
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-hubspot-correlation-id
3ad328e5-e901-472f-9004-94d07fc6e744
x-robots-tag
none
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://t.sidekickopen10.com/events/public/v1/encoded/track/tc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mmV48SNF5P3cYBW1lmypB6cYf3nMMV77zYWKHGN6fJMKnKZZZ6W7cb6Vt5QPSLcW7T8KSB6JNCfkW4B5SnM89JwV6N71djFmR...
  • https://forms.office.com/r/Pmxi89WFrE
  • https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
58 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
Requested by
Host: t.sidekickopen10.com
URL: https://t.sidekickopen10.com/Ctc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mmV48SNF5P3cYBW1lmypB6cYf3nMMV77zYWKHGN6fJMKnKZZZ6W7cb6Vt5QPSLcW7T8KSB6JNCfkW4B5SnM89JwV6N71djFmRKK49W92JYWl7VKhg9W3FGnKr1gw3CZVHJpQJ7hRsFwW5Ghs1t5Jr4rzVqdL8J8XQMmvW1RShgH167DVHW90QHl-7P5zdsW2WWrw85T0N3ZW4SLKVw7yR3yBN5CCyvQzQzGLN7svczQL2hXQN77QwBxZn6dJf13-Q8n04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9b4840f3fc5d62aab41d06f0e707f1e43975efaadd9dfb86dcf3805c2c29933c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://t.sidekickopen10.com/Ctc/GG+23284/d2xV-904/Jks2-6q7W69sMD-6lZ3mmV48SNF5P3cYBW1lmypB6cYf3nMMV77zYWKHGN6fJMKnKZZZ6W7cb6Vt5QPSLcW7T8KSB6JNCfkW4B5SnM89JwV6N71djFmRKK49W92JYWl7VKhg9W3FGnKr1gw3CZVHJpQJ7hRsFwW5Ghs1t5Jr4rzVqdL8J8XQMmvW1RShgH167DVHW90QHl-7P5zdsW2WWrw85T0N3ZW4SLKVw7yR3yBN5CCyvQzQzGLN7svczQL2hXQN77QwBxZn6dJf13-Q8n04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 28 Mar 2023 18:40:23 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
b8ccb437-f5eb-4850-8dee-c5a004f2b3d0
x-msedge-ref
Ref A: BE3FDF361F36414CB6A5D424D9657A13 Ref B: AMS231032609039 Ref C: 2023-03-28T18:40:23Z
x-officecluster
frc-101.forms.office.com
x-officefe
FormsSingleBox_IN_13
x-officeversion
16.0.16322.42500
x-robots-tag
noindex, nofollow
x-routingcorrelationid
b8ccb437-f5eb-4850-8dee-c5a004f2b3d0
x-routingofficecluster
frc-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_13
x-routingofficeversion
16.0.16322.42500
x-routingsessionid
a7524a7e-6e76-43bb-8174-c8de3e27d87f
x-usersessionid
a7524a7e-6e76-43bb-8174-c8de3e27d87f

Redirect headers

cache-control
no-cache
content-length
0
date
Tue, 28 Mar 2023 18:40:23 GMT
expires
-1
location
https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
fc492a0c-2c4e-4216-a3ef-c7fa0a2addcf
x-msedge-ref
Ref A: E3BCED753AF74A89B57CA5CC7499AF4D Ref B: AMS231032609039 Ref C: 2023-03-28T18:40:23Z
x-officecluster
eus2-100.forms.office.com
x-officefe
FormIntelligenceService_IN_0
x-officeversion
16.0.16322.42500
x-usersessionid
fc492a0c-2c4e-4216-a3ef-c7fa0a2addcf
ls-response.de.bde8a5cd0.js
cdn.forms.office.net/forms/scripts/dists/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.bde8a5cd0.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d8250d0dfad7dcd22834aff9e351dc311fcb4d89300810eb427ea35eda0489aa

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
O0c22mC7Lt6rHRvjzX7asA==
content-length
10707
x-ms-lease-status
unlocked
last-modified
Thu, 23 Mar 2023 04:27:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2B56EA9993CF
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5c55d618-801e-0071-4451-5ddbc0000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
light-response-page.min.4fec861.css
cdn.forms.office.net/forms/css/dist/ 		100 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.4fec861.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d093c11793b57f171120cc0301d8e1a59c7a8166b83a70de9cea1f19cc19bca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
q5Y1IvqHNkv1K4ujdPfLgA==
content-length
18147
x-ms-lease-status
unlocked
last-modified
Thu, 16 Mar 2023 05:55:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB25E2FD35D1C6
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d1b48bc7-c01e-005f-3ad6-575b07000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
light-response-page.min.ea52de9.js
cdn.forms.office.net/forms/scripts/dists/ 		360 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6299d7428f8935b25c4c6a42c05f9d9272a6e00574e7ce92c2a7a235b78c45fa

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
5sEZ/TlBcaPavDg8Rjp8Pg==
content-length
102413
x-ms-lease-status
unlocked
last-modified
Thu, 23 Mar 2023 04:27:24 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2B56E6C48FA4
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
dd831d21-e01e-0025-3f4a-5d314a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
runtimeFormsWithResponses('Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u')
forms.office.com/formapi/api/972d6f5e-124b-46f8-bbb1-64519eac4760/users/15386ae6-da7c-40e7-95a2-054fb87a17e5/light/ 		148 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/972d6f5e-124b-46f8-bbb1-64519eac4760/users/15386ae6-da7c-40e7-95a2-054fb87a17e5/light/runtimeFormsWithResponses('Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ba543bb28a4970e4a630dfe8fa241e192acffc2d99412cb34f98b96ce2dc69c2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
X-UserSessionId
a7524a7e-6e76-43bb-8174-c8de3e27d87f
accept-language
de-DE,de;q=0.9
__RequestVerificationToken
Tk5WQigmRRVaVU4Vg_7z07IbL-1q4Xv4bjg4IKpW1wGhe5xWx-GAIlDWESJb9_yC4AaTIER4H5p8ExqQdZ_Mi1OUg-byCQxRWcwiqTzHGFA1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Tue, 28 Mar 2023 18:40:23 GMT
x-officeversion
16.0.16322.42500
x-officefe
FormsSingleBox_IN_10
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_9
x-routingofficeversion
16.0.16322.42500
x-correlationid
3ce4c517-e1c0-4ec8-95c5-be082840665d
x-officecluster
frc-101.forms.office.com
x-usersessionid
a7524a7e-6e76-43bb-8174-c8de3e27d87f
x-msedge-ref
Ref A: 30DBF477BB6A47E5930823644FAA78FA Ref B: AMS231032609039 Ref C: 2023-03-28T18:40:23Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
3ce4c517-e1c0-4ec8-95c5-be082840665d
x-routingsessionid
a7524a7e-6e76-43bb-8174-c8de3e27d87f
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-101.forms.office.com
light-response-page.chunk.lrp_ext.0019e9a.js
cdn.forms.office.net/forms/scripts/dists/ 		0
71 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.0019e9a.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
jmZfrngRlakL2K2E9qhePQ==
content-length
72426
x-ms-lease-status
unlocked
last-modified
Thu, 23 Mar 2023 04:27:24 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2B56E6C66411
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d67814c6-401e-0001-654a-5da804000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
light-response-page.chunk.lrp_cover.44fe6e9.js
cdn.forms.office.net/forms/scripts/dists/ 		0
29 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.44fe6e9.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
uhlXGGww73mw91oIdEDz3g==
content-length
28831
x-ms-lease-status
unlocked
last-modified
Thu, 23 Mar 2023 04:27:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2B56E64A420E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9091cd61-f01e-005c-7d4a-5d5800000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
light-response-page.chunk.lrp_phishing.6048b69.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_phishing.6048b69.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
GSeizb5U5BLH20X9BgUt4w==
content-length
1903
x-ms-lease-status
unlocked
last-modified
Thu, 23 Mar 2023 04:27:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2B56E6A636CB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ec5e52dd-501e-003c-594a-5d1d22000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
light-response-page.chunk.lrp_saveresponse.0c6e611.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.0c6e611.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
gKw1tbQvXzwIMmHuRXWSIg==
content-length
4646
x-ms-lease-status
unlocked
last-modified
Thu, 23 Mar 2023 04:27:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2B56E6A636CB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e2e887dc-001e-0060-0b4a-5decdb000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
light-response-page.chunk.lrp_trial.6224cd9.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_trial.6224cd9.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
ZvxEP82iLJykGaQGAs4x2A==
content-length
1561
x-ms-lease-status
unlocked
last-modified
Thu, 23 Mar 2023 04:27:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2B56E6A65DD4
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cb0d703d-201e-0038-5a4a-5de8a0000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
light-response-page.chunk.lrp_post.boot.e5d2d29.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.e5d2d29.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
cEVwe6OVerxrm0ZGS9ZBsQ==
content-length
5125
x-ms-lease-status
unlocked
last-modified
Thu, 23 Mar 2023 04:27:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2B56E6A636CB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9e3bf51b-e01e-0048-4e4a-5d9b64000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
light-response-page.chunk.lrp_ext.0019e9a.js
cdn.forms.office.net/forms/scripts/dists/ 		235 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.0019e9a.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
760f516e590e81bc779cd0224a6ceea40dbdfa6a91c2b70e8dbe56982c871661

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
jmZfrngRlakL2K2E9qhePQ==
content-length
72426
x-ms-lease-status
unlocked
last-modified
Thu, 23 Mar 2023 04:27:24 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2B56E6C66411
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d67814c6-401e-0001-654a-5da804000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
light-response-page.chunk.lrp_cover.44fe6e9.js
cdn.forms.office.net/forms/scripts/dists/ 		105 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.44fe6e9.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e94b0aef336189d69bf2dfd6555154e7f708715f189a08a9cfe8d51102d4ad71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
uhlXGGww73mw91oIdEDz3g==
content-length
28831
x-ms-lease-status
unlocked
last-modified
Thu, 23 Mar 2023 04:27:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2B56E64A420E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9091cd61-f01e-005c-7d4a-5d5800000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
light-response-page.chunk.lrp_saveresponse.0c6e611.js
cdn.forms.office.net/forms/scripts/dists/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.0c6e611.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5f200a3d749c0a61acf0ef0c09eb60ab9f115f809f7f86841b9c4feca9d19eb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
gKw1tbQvXzwIMmHuRXWSIg==
content-length
4646
x-ms-lease-status
unlocked
last-modified
Thu, 23 Mar 2023 04:27:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2B56E6A636CB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e2e887dc-001e-0060-0b4a-5decdb000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
light-response-page.chunk.lrp_trial.6224cd9.js
cdn.forms.office.net/forms/scripts/dists/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_trial.6224cd9.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
eeae2df6a862a2435104be64893271cf284515d17416f8ceae8cd65db804f3c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
ZvxEP82iLJykGaQGAs4x2A==
content-length
1561
x-ms-lease-status
unlocked
last-modified
Thu, 23 Mar 2023 04:27:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2B56E6A65DD4
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cb0d703d-201e-0038-5a4a-5de8a0000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
light-response-page.chunk.lrp_post.boot.e5d2d29.js
cdn.forms.office.net/forms/scripts/dists/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.e5d2d29.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1f8361fe30dc3bb5611f31320f04dc4e9a0c93cc1ee1c4f5ed681c76c11a21dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
cEVwe6OVerxrm0ZGS9ZBsQ==
content-length
5125
x-ms-lease-status
unlocked
last-modified
Thu, 23 Mar 2023 04:27:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2B56E6A636CB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9e3bf51b-e01e-0048-4e4a-5d9b64000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
light-response-page.chunk.sw.8c51011.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.8c51011.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2161a9b0826b826258796a6ff92079bdd030f840537ea615304b7f745234565e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
kLnl/ZJuEnmei8AESPspGA==
content-length
598
x-ms-lease-status
unlocked
last-modified
Fri, 03 Mar 2023 05:34:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB1BA8F910568B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
61933cd4-101e-0056-08a1-4d4189000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
light-response-page.chunk.fluent.9b81361.js
cdn.forms.office.net/forms/scripts/dists/ 		208 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.fluent.9b81361.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1937859bc6b1148b24f924bcbc8e659fa3b227a58e2f0f0f8ca23b66dd675ee4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
41xWBuq3Sgr6tHX0YuHVvw==
content-length
57987
x-ms-lease-status
unlocked
last-modified
Thu, 23 Mar 2023 04:27:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2B56E64BA175
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9091d268-f01e-005c-614a-5d5800000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
light-response-page.chunk.lrp_template.c90385d.js
cdn.forms.office.net/forms/scripts/dists/ 		0
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_template.c90385d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
oMKawhA+OtNLsp6hFW34Wg==
content-length
15565
x-ms-lease-status
unlocked
last-modified
Thu, 23 Mar 2023 04:27:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2B56E6A65DD4
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
abea4d8b-d01e-000f-3e4a-5d440f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
light-response-page.chunk.try_dv.20b557b.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.try_dv.20b557b.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
9VVchEDaWLkPlvcPg7cPrA==
content-length
1701
x-ms-lease-status
unlocked
last-modified
Wed, 08 Mar 2023 04:45:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB1F8FF216F9CE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7d488f2c-a01e-0000-6786-51a9f9000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
light-response-page.chunk.1ds.a62f923.js
cdn.forms.office.net/forms/scripts/dists/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a62f923.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
536ef3c34c432017e190a83a369409e89b542c4bb974504ff61b294edd9bef90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
jBltzj0Rg2nwg9lhivUsLA==
content-length
33756
x-ms-lease-status
unlocked
last-modified
Tue, 21 Mar 2023 07:24:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB29DD4E883341
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
57963655-401e-004e-30cd-5b6c1c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
ls-response.en-us.bde8a5cd0.js
cdn.forms.office.net/forms/scripts/dists/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.en-us.bde8a5cd0.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.ea52de9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
933e7ac7d339bd2fc6a116cc6f86c40a365ad066bf30a350468cad2a88d45fff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
content-md5
VgHEkmUytvo8+iMjV078Lw==
content-length
8403
x-ms-lease-status
unlocked
last-modified
Thu, 23 Mar 2023 04:27:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB2B56EAAE0317
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9091c785-f01e-005c-1a4a-5d5800000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:23 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9A9376F99E8B44EC91858558257BC189&RedC=c.office.com&MXFR=12FDCC6167696A921376DE8363696105
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=9A9376F99E8B44EC91858558257BC189&MUID=12FDCC6167696A921376DE8363696105
42 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=9A9376F99E8B44EC91858558257BC189&MUID=12FDCC6167696A921376DE8363696105
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Mar 2023 18:40:23 GMT
last-modified
Thu, 16 Mar 2023 17:16:22 GMT
server
Microsoft-IIS/10.0
etag
"c4b6d572b58d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 28 Mar 2023 18:40:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A8F12A6E02CD4F42A1809E4C52EE9C25 Ref B: FRAEDGE2020 Ref C: 2023-03-28T18:40:24Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=9A9376F99E8B44EC91858558257BC189&MUID=12FDCC6167696A921376DE8363696105
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
3ddd1b43-0ed3-4351-8203-660669bc7edf
lists.office.com/Images/972d6f5e-124b-46f8-bbb1-64519eac4760/15386ae6-da7c-40e7-95a2-054fb87a17e5/TCU2EL9O96ELTEF3TNHH3J1I5S/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/972d6f5e-124b-46f8-bbb1-64519eac4760/15386ae6-da7c-40e7-95a2-054fb87a17e5/TCU2EL9O96ELTEF3TNHH3J1I5S/3ddd1b43-0ed3-4351-8203-660669bc7edf
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.76 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3806a0d3b50a9c0b9dc366023af3b46af3bce3ed8fb9a78fe59869f31e7aba04
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Mar 2023 18:40:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.16316.42102
content-type
image/jpeg
x-routingcorrelationid
cb31b56b-d89e-4d1f-ad5c-22a843544b8d
cache-control
no-cache
x-routingsessionid
1eaabda4-1e5b-4e6d-aa40-5982c00ff2b8
x-hivering
3
x-routingofficecluster
weu-100.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_5
expires
-1
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		179 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.e5d2d29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e55465ff1279a6fd339bc0b6322130b0ddb05d3ad670f4a08f6fdfc0ee5c7749

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 18:40:23 GMT
content-encoding
br
x-azure-ref-originshield
0hzQjZAAAAABl/+Ll7y0CTpYVm3CiorTaRlJBMjMxMDUwNDE3MDIxAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5
b+j9g6sJxD1l0IIs+rjbCw==
x-cache
TCP_HIT
x-ms-meta-jssdkver
3.2.9
last-modified
Tue, 21 Feb 2023 18:33:42 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.9.min.js
etag
0x8DB143A28B32497
x-azure-ref
0mDQjZAAAAABxVwa7xpCmRKir94RlT0lSRlJBMzFFREdFMDQyMgBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
8041b0c5-b01e-00b5-62a2-6169c5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
eb9a3b33-71ea-4d4a-9e46-452e26c829e5
lists.office.com/Images/972d6f5e-124b-46f8-bbb1-64519eac4760/15386ae6-da7c-40e7-95a2-054fb87a17e5/TCU2EL9O96ELTEF3TNHH3J1I5S/ 		837 KB
839 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/972d6f5e-124b-46f8-bbb1-64519eac4760/15386ae6-da7c-40e7-95a2-054fb87a17e5/TCU2EL9O96ELTEF3TNHH3J1I5S/eb9a3b33-71ea-4d4a-9e46-452e26c829e5
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.76 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
046988e0330bf558e3d8b25a42b92e730e76ff3814460a4cdf68045e56acd32b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Mar 2023 18:40:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.16316.42102
content-type
image/jpeg
x-routingcorrelationid
62e23f59-06fc-4280-af9b-65f93aa6db0c
cache-control
no-cache
x-routingsessionid
9328baed-281c-49c7-993f-59fcf3382c30
x-hivering
3
x-routingofficecluster
weu-100.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_5
expires
-1
fluent-hybrid-icons-d54cb751.woff
cdn.forms.office.net/forms/fonts/light/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/fonts/light/fluent-hybrid-icons-d54cb751.woff
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:4700::210:2ba Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7f77c691d669fc94853c14f76de8c2665411c899c168e4655a4215d296de8c3b

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:24 GMT
content-md5
/Gpiei0dQQsFHAGSgYDTDw==
content-length
1964
x-ms-lease-status
unlocked
last-modified
Thu, 05 Jan 2023 11:31:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAEF106A974AC2
content-type
application/x-font-woff
access-control-allow-origin
*
x-ms-request-id
92059d90-801e-0017-0358-21699a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Mar 2024 18:40:24 GMT
segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=Xm8tl0sS-Ea7sWRRnqxHYOZqOBV82udAlaIFT7h6F-VUQ1UyRUw5Tzk2RUxURUYzVE5ISDNKMUk1Uy4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.97.126 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-97-126.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 28 Mar 2023 18:40:24 GMT
last-modified
Thu, 02 Nov 2017 17:22:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
hl8dtlRfyUovRETdYOe7xg==
etag
0x8D522163B704E10
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
551e6907-501e-0041-5aaa-67dec9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=12421338
x-ms-version
2009-09-19
content-length
36344
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.27 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
ae4ab934967e95af72e96b690b63ea2502f7277e7d6ac871af122f6318e8e595
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1680028825113
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Mar 2023 18:40:25 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
725
access-control-allow-methods
POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis
content-length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.27 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Tue, 28 Mar 2023 18:40:25 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.27 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
f48abdb540de340c5bad701f6220d5c39cb22edf5f31c9549351655926f65f86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1680028826115
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
time-delta-to-apply-millis
725
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Mar 2023 18:40:26 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
176
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.27 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Tue, 28 Mar 2023 18:40:26 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.27 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://forms.office.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Tue, 28 Mar 2023 18:40:26 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.a62f923.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.27 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
f0cb1f8409a35507b0fc05d14673725dd23bd075309057359afb278af13fd423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1680028826263
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
Client-Id
NO_AUTH

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Mar 2023 18:40:26 GMT
server
Microsoft-HTTPAPI/2.0
time-delta-millis
169
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://forms.office.com
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-headers
time-delta-millis
content-length
153

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap boolean| __COMPAT_PREACT_FOCUSZONE__ object| __globalSettings__ object| __themeState__ object| __packages__ number| __currentId__ object| __dynProto$Gbl object| e function| t object| oneDS object| awa

14 Cookies

Domain/Path Name / Value
forms.office.com/ Name: RpsAuthNonce
Value: 427ab974-93c3-47e4-9e6e-959ff4ad072a
.forms.office.com/ Name: RpsAuthNonce
Value: 427ab974-93c3-47e4-9e6e-959ff4ad072a
forms.office.com/ Name: __RequestVerificationToken
Value: QWurgQ1ySgHm5C4xU6Sd1NMPP20Y7alMcJjATQ5_bIPgxCKRg4dZNIFq3_iIwlntzxaPhEuvEiSOvpoQzyflldjBwMCMTPnjGRgzvtltjzg1
.office.com/ Name: MUID
Value: 12FDCC6167696A921376DE8363696105
forms.office.com/ Name: ai_session
Value: EeqsoPz8oorLAhmXTpQ1U4|1680028824110|1680028824110
.bing.com/ Name: MUID
Value: 12FDCC6167696A921376DE8363696105
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 12FDCC6167696A921376DE8363696105
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=322f6dd1c25a492789442e51463420fd&HASH=322f&LV=202303&V=4&LU=1680028825838
.microsoft.com/ Name: MS0
Value: b97104e07c334619b43097a89b4ed701
forms.office.com/ Name: MSFPC
Value: GUID=322f6dd1c25a492789442e51463420fd&HASH=322f&LV=202303&V=4&LU=1680028825838

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
js.monitor.azure.com
lists.office.com
static2.sharepointonline.com
t.sidekickopen10.com
13.89.178.27
23.72.97.126
2606:4700:4400::6812:2a5e
2620:1ec:4e:1::44
2620:1ec:a92::194
2620:1ec:c11::200
2a02:26f0:4700::210:2ba
52.109.88.76
68.219.88.97
046988e0330bf558e3d8b25a42b92e730e76ff3814460a4cdf68045e56acd32b
1937859bc6b1148b24f924bcbc8e659fa3b227a58e2f0f0f8ca23b66dd675ee4
1f8361fe30dc3bb5611f31320f04dc4e9a0c93cc1ee1c4f5ed681c76c11a21dc
2161a9b0826b826258796a6ff92079bdd030f840537ea615304b7f745234565e
3806a0d3b50a9c0b9dc366023af3b46af3bce3ed8fb9a78fe59869f31e7aba04
536ef3c34c432017e190a83a369409e89b542c4bb974504ff61b294edd9bef90
5f200a3d749c0a61acf0ef0c09eb60ab9f115f809f7f86841b9c4feca9d19eb3
6299d7428f8935b25c4c6a42c05f9d9272a6e00574e7ce92c2a7a235b78c45fa
760f516e590e81bc779cd0224a6ceea40dbdfa6a91c2b70e8dbe56982c871661
7f77c691d669fc94853c14f76de8c2665411c899c168e4655a4215d296de8c3b
933e7ac7d339bd2fc6a116cc6f86c40a365ad066bf30a350468cad2a88d45fff
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b4840f3fc5d62aab41d06f0e707f1e43975efaadd9dfb86dcf3805c2c29933c
ae4ab934967e95af72e96b690b63ea2502f7277e7d6ac871af122f6318e8e595
ba543bb28a4970e4a630dfe8fa241e192acffc2d99412cb34f98b96ce2dc69c2
d093c11793b57f171120cc0301d8e1a59c7a8166b83a70de9cea1f19cc19bca4
d8250d0dfad7dcd22834aff9e351dc311fcb4d89300810eb427ea35eda0489aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55465ff1279a6fd339bc0b6322130b0ddb05d3ad670f4a08f6fdfc0ee5c7749
e94b0aef336189d69bf2dfd6555154e7f708715f189a08a9cfe8d51102d4ad71
eeae2df6a862a2435104be64893271cf284515d17416f8ceae8cd65db804f3c4
f0cb1f8409a35507b0fc05d14673725dd23bd075309057359afb278af13fd423
f48abdb540de340c5bad701f6220d5c39cb22edf5f31c9549351655926f65f86