urlscan.io logo urlscan.io
SecurityTrails logo

booking-agora.pages.dev Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://booking-agora.pages.dev/
Submission: On June 06 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 34 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is booking-agora.pages.dev.
TLS certificate: Issued by E1 on June 6th 2023. Valid for: 3 months.
This is the only time booking-agora.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 6 2620:1ec:a92:... 8068 (MICROSOFT...)
20 2a02:26f0:118... 20940 (AKAMAI-ASN1)
3 40.126.32.72 8075 (MICROSOFT...)
1 2620:1ec:48:1... 8075 (MICROSOFT...)
2 4 68.219.88.97 8075 (MICROSOFT...)
2 2 2620:1ec:c11:... ()
34 7
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
booking-agora.pages.dev
6    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
20    2a02:26f0:1180:4::212:7952 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
cdn.forms.office.net
3    40.126.32.72 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
1    2620:1ec:48:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
4    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
2    2620:1ec:c11::200 (None, )

ASN- ()
c.bing.com
Apex Domain
Subdomains		 Transfer
20 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 9477
720 KB
10 office.com
forms.office.com — Cisco Umbrella Rank: 6160
c.office.com — Cisco Umbrella Rank: 23420
115 KB
3 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 17
59 KB
2 bing.com
c.bing.com
1 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1600
61 KB
1 pages.dev
booking-agora.pages.dev
906 B
0 microsoft.com Failed
browser.events.data.microsoft.com Failed
34 7
Domain Requested by
20 cdn.forms.office.net forms.office.com
cdn.forms.office.net
6 forms.office.com 1 redirects booking-agora.pages.dev
forms.office.com
4 c.office.com 2 redirects forms.office.com
3 login.microsoftonline.com forms.office.com
login.microsoftonline.com
2 c.bing.com 2 redirects
1 js.monitor.azure.com forms.office.com
1 booking-agora.pages.dev
0 browser.events.data.microsoft.com Failed
34 8

This site contains no links.

Subject Issuer Validity Valid
booking-agora.pages.dev
E1		 2023-06-06 -
2023-09-04		 3 months crt.sh
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2023-03-23 -
2024-03-17		 a year crt.sh
cdn.forms.office.net
Microsoft Azure TLS Issuing CA 06		 2022-09-28 -
2023-09-23		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2023-05-25 -
2024-05-25		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 01		 2023-03-23 -
2024-03-17		 a year crt.sh

This page contains 3 frames:

Primary Page: https://booking-agora.pages.dev/
Frame ID: 5D36C80747AAAAFDE419C6AB98A06600
Requests: 1 HTTP requests in this frame

Frame: https://forms.office.com/pages/responsepage.aspx?id=f4KApWFR3EeDszS7rGh7-RSwpVwMxRBOqCDYoMUJjexUREk1RFlUSVNUQVRZS1lEQTRTUEhJS1IwRi4u&embed=true
Frame ID: 3B9C6D5E2F5DD3EC040C2D042DA76C31
Requests: 18 HTTP requests in this frame

Frame: https://forms.office.com/default.aspx
Frame ID: D3E368733DC702C8C3045CD22AF242AC
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Réservation Agora

Page Statistics

34
Requests

88 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

954 kB
Transfer

2578 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://forms.office.com/ HTTP 302
  • https://forms.office.com/default.aspx
Request Chain 25
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=0EE9ABB3DD464ACCBB632DF821E9296E&RedC=c.office.com&MXFR=38499051BF716D00300C8379BB716696 HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=0EE9ABB3DD464ACCBB632DF821E9296E&MUID=38499051BF716D00300C8379BB716696
Request Chain 27
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5AD4DFCDE04345A9975A198E4C397B67&RedC=c.office.com&MXFR=1A82900F7A4564A4082683277E456FA6 HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=5AD4DFCDE04345A9975A198E4C397B67&MUID=1A82900F7A4564A4082683277E456FA6

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
booking-agora.pages.dev/ 		603 B
906 B 		Document
General
Check archive.org
Download Go to
Full URL
https://booking-agora.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e17ad85d8806f8809cd9cbde523098f3ff7233688fe3b5c94d683e7b24e8a26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
7d32997b8883b88e-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 18:08:14 GMT
etag
W/"7d46dba7e3e0fe42c0bdd70a993c6b37"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Frs8FG8ObvJX0GcpZOUDGobfCCKEcGXDphzxmUpnJQC%2BoEqvkgBzPL4o4Pc8UFdeIIXjQ5sTYQ8XY8enFfSsOyVzFz3JvN2sveGXTjwYotyEzrpTRCDbp5SwEUOnkLk3MPFeAUqfuQ3MfLo92sWXmHHliFjkUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
responsepage.aspx
forms.office.com/pages/ Frame 3B9C 		120 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=f4KApWFR3EeDszS7rGh7-RSwpVwMxRBOqCDYoMUJjexUREk1RFlUSVNUQVRZS1lEQTRTUEhJS1IwRi4u&embed=true
Requested by
Host: booking-agora.pages.dev
URL: https://booking-agora.pages.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ea7d3cad36adfd98f86722f4fe31d62ec6f7fa504e07ceac3eee720e724e2381
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://booking-agora.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 18:08:15 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
22b69afe-76b5-414d-956e-605a71984734
x-msedge-ref
Ref A: EC4DEDFBD7AC439280E7B468B88A8F69 Ref B: AMS231032606023 Ref C: 2023-06-06T18:08:14Z
x-officecluster
frc-101.forms.office.com
x-officefe
FormsSingleBox_IN_3
x-officeversion
16.0.16530.42055
x-robots-tag
noindex, nofollow
x-routingcorrelationid
22b69afe-76b5-414d-956e-605a71984734
x-routingofficecluster
frc-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_3
x-routingofficeversion
16.0.16530.42055
x-routingsessionid
384e625c-9d9f-455a-9945-37c5c496a66a
x-usersessionid
384e625c-9d9f-455a-9945-37c5c496a66a
runtimeFormsWithResponses('f4KApWFR3EeDszS7rGh7-RSwpVwMxRBOqCDYoMUJjexUREk1RFlUSVNUQVRZS1lEQTRTUEhJS1IwRi4u')
forms.office.com/formapi/api/a580827f-5161-47dc-83b3-34bbac687bf9/users/5ca5b014-c50c-4e10-a820-d8a0c5098dec/light/ Frame 3B9C 		97 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/a580827f-5161-47dc-83b3-34bbac687bf9/users/5ca5b014-c50c-4e10-a820-d8a0c5098dec/light/runtimeFormsWithResponses('f4KApWFR3EeDszS7rGh7-RSwpVwMxRBOqCDYoMUJjexUREk1RFlUSVNUQVRZS1lEQTRTUEhJS1IwRi4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=f4KApWFR3EeDszS7rGh7-RSwpVwMxRBOqCDYoMUJjexUREk1RFlUSVNUQVRZS1lEQTRTUEhJS1IwRi4u&embed=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
804afd34b6a457c1e712bb336ef8c02babeaf7931973e0e733fa6399ac25eadb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=f4KApWFR3EeDszS7rGh7-RSwpVwMxRBOqCDYoMUJjexUREk1RFlUSVNUQVRZS1lEQTRTUEhJS1IwRi4u&embed=true
X-UserSessionId
384e625c-9d9f-455a-9945-37c5c496a66a
accept-language
nl-NL,nl;q=0.9
__RequestVerificationToken
BwN3MbTGIMx5mVuxj-evTG0dAXK6ZL8s6rpGph-GZ-7Uu9MATgBtXaL6sjzu4516WtAF2u8Q3fOdWdt9SxWE33kMHY5VknU3D84aLU0F0uA1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Tue, 06 Jun 2023 18:08:17 GMT
x-officeversion
16.0.16530.42055
x-officefe
FormsSingleBox_IN_13
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_1
x-routingofficeversion
16.0.16530.42055
x-correlationid
5552cacb-c3e7-4008-92fa-a7e8a31cd677
x-officecluster
weu-101.forms.office.com
x-usersessionid
384e625c-9d9f-455a-9945-37c5c496a66a
x-msedge-ref
Ref A: 586F148180CD4E999B97FFC6844677C7 Ref B: AMS231032606023 Ref C: 2023-06-06T18:08:15Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
5552cacb-c3e7-4008-92fa-a7e8a31cd677
x-routingsessionid
384e625c-9d9f-455a-9945-37c5c496a66a
x-robots-tag
noindex, nofollow
x-routingofficecluster
weu-101.forms.office.com
ls-response.nl.81272b7b0.js
cdn.forms.office.net/forms/scripts/dists/ Frame 3B9C 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.nl.81272b7b0.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=f4KApWFR3EeDszS7rGh7-RSwpVwMxRBOqCDYoMUJjexUREk1RFlUSVNUQVRZS1lEQTRTUEhJS1IwRi4u&embed=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
879c970037e0c5a3bfcb288142dd4eee4903d8c99557ee05441293184001169f

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:15 GMT
content-encoding
br
content-md5
+ovxj5x5+ChiYHOjRfpfTg==
content-length
11140
x-ms-lease-status
unlocked
last-modified
Thu, 01 Jun 2023 05:24:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB6260740579D6
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
154c7015-c01e-0039-7455-94e95d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:15 GMT
dll-dompurify.min.3c32c70.js
cdn.forms.office.net/forms/scripts/dists/ Frame 3B9C 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/dll-dompurify.min.3c32c70.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=f4KApWFR3EeDszS7rGh7-RSwpVwMxRBOqCDYoMUJjexUREk1RFlUSVNUQVRZS1lEQTRTUEhJS1IwRi4u&embed=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d66f84365612efc7f174622c835d65fb5105f691e4013b232882c0a1946d7c47

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:15 GMT
content-encoding
br
content-md5
oxUBT686mhsG6wWk22Bvig==
content-length
6037
x-ms-lease-status
unlocked
last-modified
Fri, 19 May 2023 08:48:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB5845D4D45F35
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8fbbbbaa-101e-003b-2457-8beba7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:15 GMT
light-response-page.min.9ab92f7.js
cdn.forms.office.net/forms/scripts/dists/ Frame 3B9C 		398 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9ab92f7.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=f4KApWFR3EeDszS7rGh7-RSwpVwMxRBOqCDYoMUJjexUREk1RFlUSVNUQVRZS1lEQTRTUEhJS1IwRi4u&embed=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
111e43834a79c495b58cb73695218d8e2d5ebb6cbfd1502ef71ce8324e17e74d

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:15 GMT
content-encoding
br
content-md5
RHpEPy+HPOcRkL6j9yPpJw==
content-length
112095
x-ms-lease-status
unlocked
last-modified
Thu, 01 Jun 2023 05:24:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB62606FC6C80E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4c55831c-e01e-002e-2a55-94293e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:15 GMT
light-response-page.chunk.lrp_ext.687038f.js
cdn.forms.office.net/forms/scripts/dists/ Frame 3B9C 		0
90 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.687038f.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9ab92f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:15 GMT
content-encoding
br
content-md5
sl6tbkAL+XfQ8OaqY/fQqg==
content-length
91926
x-ms-lease-status
unlocked
last-modified
Thu, 01 Jun 2023 05:24:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB62606F7B72A3
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8f38b38a-601e-0070-1055-94da3d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:15 GMT
light-response-page.chunk.lrp_phishing.cee71a9.js
cdn.forms.office.net/forms/scripts/dists/ Frame 3B9C 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_phishing.cee71a9.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9ab92f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:15 GMT
content-encoding
br
content-md5
iM9ehvXFzfHjymqrI9qJgg==
content-length
2481
x-ms-lease-status
unlocked
last-modified
Thu, 01 Jun 2023 05:24:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB62606FBDC8B9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a778f7e6-401e-0023-2e55-94c632000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:15 GMT
light-response-page.chunk.lrp_saveresponse.8a44b8e.js
cdn.forms.office.net/forms/scripts/dists/ Frame 3B9C 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.8a44b8e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9ab92f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:15 GMT
content-encoding
br
content-md5
qBoo2PYoKfmkTMOfNLSXXQ==
content-length
3151
x-ms-lease-status
unlocked
last-modified
Thu, 01 Jun 2023 05:24:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB62606FBF010D
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3464f4ab-f01e-0057-1455-944074000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:15 GMT
light-response-page.chunk.lrp_cover.b9346fb.js
cdn.forms.office.net/forms/scripts/dists/ Frame 3B9C 		0
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.b9346fb.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9ab92f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:15 GMT
content-encoding
br
content-md5
xk5NlL70rAz7wMhWd9nQsA==
content-length
17046
x-ms-lease-status
unlocked
last-modified
Thu, 01 Jun 2023 05:24:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB62606F7865E3
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6ee713f9-f01e-005c-0654-945800000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:15 GMT
light-response-page.chunk.lrp_post.boot.c5bc54d.js
cdn.forms.office.net/forms/scripts/dists/ Frame 3B9C 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.c5bc54d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9ab92f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:15 GMT
content-encoding
br
content-md5
IxCZ3hJcRVxD2LLNGT3WfA==
content-length
4866
x-ms-lease-status
unlocked
last-modified
Thu, 01 Jun 2023 05:24:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB62606FBDEFC2
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ac90f208-c01e-0076-5b54-942d45000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:15 GMT
light-response-page.chunk.lrp_ext.687038f.js
cdn.forms.office.net/forms/scripts/dists/ Frame 3B9C 		307 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.687038f.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9ab92f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
db7071c1d221618e2c6dc15ef1a3c6adc3527d31e3fa509eb487acab20809dc7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:17 GMT
content-encoding
br
content-md5
sl6tbkAL+XfQ8OaqY/fQqg==
content-length
91926
x-ms-lease-status
unlocked
last-modified
Thu, 01 Jun 2023 05:24:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB62606F7B72A3
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8f38b38a-601e-0070-1055-94da3d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:17 GMT
light-response-page.chunk.lrp_ty2svg.2ac265e.js
cdn.forms.office.net/forms/scripts/dists/ Frame 3B9C 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ty2svg.2ac265e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9ab92f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:17 GMT
content-encoding
br
content-md5
j434Z+kIHtJwXLYAb4kw6Q==
content-length
15309
x-ms-lease-status
unlocked
last-modified
Wed, 26 Apr 2023 05:39:18 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB461894451108
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a18645b4-201e-0033-590e-78f0d4000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:17 GMT
light-response-page.chunk.officebrowserfeedback.39bdf71.js
cdn.forms.office.net/forms/scripts/dists/ Frame 3B9C 		0
105 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.officebrowserfeedback.39bdf71.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9ab92f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:17 GMT
content-encoding
br
content-md5
g077WZtojOm9a9CkyPtrow==
content-length
107103
x-ms-lease-status
unlocked
last-modified
Tue, 16 May 2023 04:56:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB55C9E92A04E9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
182d06b0-101e-003b-6ebe-87eba7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:17 GMT
light-response-page.chunk.try_dv.d33b8a6.js
cdn.forms.office.net/forms/scripts/dists/ Frame 3B9C 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.try_dv.d33b8a6.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9ab92f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:17 GMT
content-encoding
br
content-md5
inakQNjDFIYjDVPGieJ6aw==
content-length
1754
x-ms-lease-status
unlocked
last-modified
Fri, 19 May 2023 09:59:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB584FB5C9845D
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
99cc3495-f01e-0018-13b1-8b846c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:17 GMT
authorize
login.microsoftonline.com/common/oauth2/ Frame D3E3 		153 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=038ed4f5-da78-47bc-8176-9153c79e0edb&msafed=0&prompt=none&redirect_uri=https%3A%2F%2Fforms.office.com&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_mode=form_post&response_type=token&state=form.detectUserLoggedInAAD.cookieAuth.feeadd40-8a73-45ac-a761-f7cc7cbaacbb
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=f4KApWFR3EeDszS7rGh7-RSwpVwMxRBOqCDYoMUJjexUREk1RFlUSVNUQVRZS1lEQTRTUEhJS1IwRi4u&embed=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.72 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b3d31d7fece24cf7192cdd15b1d433a4eb59037861e7606ba0946feb6e91635f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.office.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
55701
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Jun 2023 18:08:17 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.15427.11 - NEULR1 ProdSlices
x-ms-request-id
b3d91f44-647e-470f-9e51-f24998e5e400
reportbssotelemetry
login.microsoftonline.com/common/instrumentation/ Frame D3E3 		265 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/instrumentation/reportbssotelemetry?hpgid=6&hpgact=1800&client-request-id=cd30418b-12a0-4151-baba-4f36e0f8b385&hpgrequestid=b3d91f44-647e-470f-9e51-f24998e5e400
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=038ed4f5-da78-47bc-8176-9153c79e0edb&msafed=0&prompt=none&redirect_uri=https%3A%2F%2Fforms.office.com&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_mode=form_post&response_type=token&state=form.detectUserLoggedInAAD.cookieAuth.feeadd40-8a73-45ac-a761-f7cc7cbaacbb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.72 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3d7a19e500697b0d23a8d7524754f15b42237816ed4a00a20fa3a5dd2ea3c66c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/common/oauth2/authorize?client_id=038ed4f5-da78-47bc-8176-9153c79e0edb&msafed=0&prompt=none&redirect_uri=https%3A%2F%2Fforms.office.com&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_mode=form_post&response_type=token&state=form.detectUserLoggedInAAD.cookieAuth.feeadd40-8a73-45ac-a761-f7cc7cbaacbb
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Tue, 06 Jun 2023 18:08:17 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
Content-Type
application/json; charset=utf-8
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
4a435d92-f950-4c2c-a3d1-3b8adfd07e00
Cache-Control
no-store, no-cache
Content-Length
265
x-ms-ests-server
2.1.15427.11 - FRC ProdSlices
X-XSS-Protection
0
Expires
-1
authorize
login.microsoftonline.com/common/oauth2/ Frame D3E3 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=038ed4f5-da78-47bc-8176-9153c79e0edb&msafed=0&prompt=none&redirect_uri=https%3A%2F%2Fforms.office.com&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_mode=form_post&response_type=token&state=form.detectUserLoggedInAAD.cookieAuth.feeadd40-8a73-45ac-a761-f7cc7cbaacbb&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=038ed4f5-da78-47bc-8176-9153c79e0edb&msafed=0&prompt=none&redirect_uri=https%3A%2F%2Fforms.office.com&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_mode=form_post&response_type=token&state=form.detectUserLoggedInAAD.cookieAuth.feeadd40-8a73-45ac-a761-f7cc7cbaacbb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.32.72 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dde2f140b26084a099d730403997d0153196d082856beb2dc8062292e67faa18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/common/oauth2/authorize?client_id=038ed4f5-da78-47bc-8176-9153c79e0edb&msafed=0&prompt=none&redirect_uri=https%3A%2F%2Fforms.office.com&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_mode=form_post&response_type=token&state=form.detectUserLoggedInAAD.cookieAuth.feeadd40-8a73-45ac-a761-f7cc7cbaacbb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
669
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Jun 2023 18:08:17 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.15427.11 - FRC ProdSlices
x-ms-request-id
2abf39ad-4365-48a1-bff4-b2d390cd8601
default.aspx
forms.office.com/ Frame D3E3
Redirect Chain
  • https://forms.office.com/
  • https://forms.office.com/default.aspx
39 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5c78c11c7129e5bdfda682fdb61492c0db5a9dedb7f02348b3c23581d603dcc2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
12344
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 18:08:18 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
a39d8976-f1d7-4606-bb24-5727a6b6a8b9
x-failurereason
Unknown
x-msedge-ref
Ref A: 8482EEFBD83341298D70A1375B9876AD Ref B: AMS231032606023 Ref C: 2023-06-06T18:08:18Z
x-officecluster
neu-101.forms.office.com
x-officefe
FormsSingleBox_IN_0
x-officeversion
16.0.16530.42055
x-routingcorrelationid
a39d8976-f1d7-4606-bb24-5727a6b6a8b9
x-routingofficecluster
neu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_0
x-routingofficeversion
16.0.16530.42055
x-routingsessionid
23ec5322-d06b-440b-8707-a2d803040ee6
x-usersessionid
23ec5322-d06b-440b-8707-a2d803040ee6

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
29118
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 18:08:18 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
location
https://forms.office.com/default.aspx#error=login_required&error_description=AADSTS50058%3a+A+silent+sign-in+request+was+sent+but+no+user+is+signed+in.+The+cookies+used+to+represent+the+user%27s+session+were+not+sent+in+the+request+to+Azure+AD.+This+can+happen+if+the+user+is+using+Internet+Explorer+or+Edge%2c+and+the+web+app+sending+the+silent+sign-in+request+is+in+different+IE+security+zone+than+the+Azure+AD+endpoint+(login.microsoftonline.com).%0d%0aTrace+ID%3a+2abf39ad-4365-48a1-bff4-b2d390cd8601%0d%0aCorrelation+ID%3a+5d4e965a-3c37-45f0-9106-c71bebcd904f%0d%0aTimestamp%3a+2023-06-06+18%3a08%3a18Z&error_uri=https%3a%2f%2flogin.microsoftonline.com%2ferror%3fcode%3d50058&state=form.detectUserLoggedInAAD.cookieAuth.feeadd40-8a73-45ac-a761-f7cc7cbaacbb
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
81025442-f2ef-46a6-abe5-f2fd169929e5
x-failurereason
Unknown
x-msedge-ref
Ref A: 1776D7DC87FE4E5FB140809A476DD513 Ref B: AMS231032606023 Ref C: 2023-06-06T18:08:18Z
x-officecluster
neu-100.forms.office.com
x-officefe
FormsSingleBox_IN_7
x-officeversion
16.0.16530.42055
x-routingcorrelationid
81025442-f2ef-46a6-abe5-f2fd169929e5
x-routingofficecluster
neu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_7
x-routingofficeversion
16.0.16530.42055
x-routingsessionid
5fdc648a-aa86-4b2e-8506-b2fcbf7d94c3
x-usersessionid
5fdc648a-aa86-4b2e-8506-b2fcbf7d94c3
default-page.min.5112b27.css
cdn.forms.office.net/forms/css/dist/ Frame D3E3 		364 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/default-page.min.5112b27.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1016d0b9bf41f4fcefa7e9b7de510107def3e64bbeaa39aac00f7b164f642ba9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:18 GMT
content-encoding
br
content-md5
rIkKyl/oekCaFPUqJTw8zA==
content-length
30629
x-ms-lease-status
unlocked
last-modified
Thu, 09 Feb 2023 06:03:11 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB0A6352FA3667
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
3bb94d5c-101e-0074-27c2-3c2fbf000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:18 GMT
basics_osi_v3_m1_j3.min.6aa1f3d.js
cdn.forms.office.net/forms/scripts/vendors/combinedmin/ Frame D3E3 		235 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v3_m1_j3.min.6aa1f3d.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
67dd96644fcce9cc703ebf1ede6a7a96b42fe909d024f0eee3e826ae0a59f66d

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:18 GMT
content-encoding
br
content-md5
BdEW2V1tMY+QN8kblaXAYw==
content-length
70611
x-ms-lease-status
unlocked
last-modified
Tue, 17 Jan 2023 12:00:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAF8825E4A54E8
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
23231a97-c01e-001b-2d87-2a876b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:18 GMT
aria_odata_v2.min.29dbe8c.js
cdn.forms.office.net/forms/scripts/vendors/combinedmin/ Frame D3E3 		125 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/aria_odata_v2.min.29dbe8c.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b66a5c41dda8640ef2fb42901bee5437dcdc746f018ab7bfa42fa6cfddc830f8

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:18 GMT
content-encoding
br
content-md5
zL0YTaz76DBx0JM11lOSgA==
content-length
32555
x-ms-lease-status
unlocked
last-modified
Mon, 15 May 2023 05:32:18 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB5505C01EF2EF
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a95aa7d6-501e-0073-2721-87d93a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:18 GMT
default-page.min.a59af5b.js
cdn.forms.office.net/forms/scripts/dists/ Frame D3E3 		161 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/default-page.min.a59af5b.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/default.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
34af823cdfa3c2f222cd3b6370958b6c4b3aa6b8aecf98e0e45ca3924246d5db

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:18 GMT
content-encoding
br
content-md5
8wvXssLl5Ghg0ujQUg8nHw==
content-length
46780
x-ms-lease-status
unlocked
last-modified
Thu, 01 Jun 2023 08:49:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB627D1862A57D
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c2c7938c-101e-005d-3266-9459fd000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:18 GMT
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ Frame D3E3 		180 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/default.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7f72ca8cd472879ddf75739fc9968f52e9a774e3c4fcaecab89552fdf2289415

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 18:08:18 GMT
content-encoding
br
x-azure-ref-originshield
0DnZ/ZAAAAAC+lOhZmYXDTaTFUvT/R1jGTE9OMjFFREdFMTYxMwBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-md5
U7Mf4i0d5gD9czlOwlzJ/w==
x-cache
TCP_HIT
x-ms-meta-jssdkver
3.2.12
last-modified
Thu, 01 Jun 2023 18:03:06 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.12.min.js
etag
0x8DB62CA73C6BBDB
x-azure-ref
0EnZ/ZAAAAAApNVnAFSUTQr4v2lFgHfPpTE9OMjEyMDUwNzEyMDM5AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
7bfe9051-301e-0081-02a1-98e4dc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
default-page.chunk.1ds.d5bc4e9.js
cdn.forms.office.net/forms/scripts/dists/ Frame D3E3 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/default-page.chunk.1ds.d5bc4e9.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.a59af5b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
725c48632e794120ff305f69e903926ff4cdd102cdf40d1d336717b980d6b9ad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:18 GMT
content-encoding
br
content-md5
ejc/7He5+XqWP5W7R6oq/w==
content-length
33776
x-ms-lease-status
unlocked
last-modified
Wed, 10 May 2023 05:10:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB5114E2F0EC34
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
88308cc5-401e-000a-8033-83b070000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:18 GMT
default-page.chunk.utel.d144ff1.js
cdn.forms.office.net/forms/scripts/dists/ Frame D3E3 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/default-page.chunk.utel.d144ff1.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.a59af5b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c4d1b005ee52c81a4132bc232b1c8380c7d330070eecb69522e59aeb13b68d9c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:18 GMT
content-encoding
br
content-md5
yBhdLBhvQzEgQP6KQAFU/g==
content-length
7137
x-ms-lease-status
unlocked
last-modified
Thu, 01 Jun 2023 08:49:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB627D18402EA4
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4e690eea-d01e-0004-4266-945c7b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:18 GMT
c.gif
c.office.com/ Frame D3E3
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=0EE9ABB3DD464ACCBB632DF821E9296E&RedC=c.office.com&MXFR=38499051BF716D00300C8379BB716696
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=0EE9ABB3DD464ACCBB632DF821E9296E&MUID=38499051BF716D00300C8379BB716696
42 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=0EE9ABB3DD464ACCBB632DF821E9296E&MUID=38499051BF716D00300C8379BB716696
Requested by
Host: forms.office.com
URL: https://forms.office.com/default.aspx
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:08:17 GMT
last-modified
Thu, 04 May 2023 15:33:28 GMT
server
Microsoft-IIS/10.0
etag
"6de038c69d7ed91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:08:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B5209D0739194815A886DD956A76FF49 Ref B: BRU30EDGE0807 Ref C: 2023-06-06T18:08:18Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=0EE9ABB3DD464ACCBB632DF821E9296E&MUID=38499051BF716D00300C8379BB716696
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
light-response-page.chunk.1ds.aaf0407.js
cdn.forms.office.net/forms/scripts/dists/ Frame 3B9C 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.aaf0407.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9ab92f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
75bb2ee5101a73dfd44373652da2ede4d17ea680eabea994208314b11e638870

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:18 GMT
content-encoding
br
content-md5
56SpHjwP9MPURIXTTIHzxQ==
content-length
33816
x-ms-lease-status
unlocked
last-modified
Tue, 09 May 2023 04:55:53 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB5049AB181808
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
eae555da-301e-0068-683d-82f7a8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:18 GMT
c.gif
c.office.com/ Frame 3B9C
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5AD4DFCDE04345A9975A198E4C397B67&RedC=c.office.com&MXFR=1A82900F7A4564A4082683277E456FA6
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=5AD4DFCDE04345A9975A198E4C397B67&MUID=1A82900F7A4564A4082683277E456FA6
42 B
85 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=5AD4DFCDE04345A9975A198E4C397B67&MUID=1A82900F7A4564A4082683277E456FA6
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:08:17 GMT
last-modified
Thu, 04 May 2023 15:33:28 GMT
server
Microsoft-IIS/10.0
etag
"6de038c69d7ed91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 18:08:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E5BF141BCFF745D78D0AFADDF97E8CAE Ref B: BRU30EDGE0807 Ref C: 2023-06-06T18:08:18Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=5AD4DFCDE04345A9975A198E4C397B67&MUID=1A82900F7A4564A4082683277E456FA6
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
light-response-page.chunk.utel.98e6693.js
cdn.forms.office.net/forms/scripts/dists/ Frame 3B9C 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.utel.98e6693.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.9ab92f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1180:4::212:7952 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e0b0bac2fc887a3275f6796541f73171105dcd6bf1ebc9f74e892aa639da3fee

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:18 GMT
content-encoding
br
content-md5
5hSp4Aee4GQFGUCxuRuE7Q==
content-length
7113
x-ms-lease-status
unlocked
last-modified
Tue, 30 May 2023 04:58:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB60CA757D21E5
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
063df50d-201e-0077-01bf-922cb8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 05 Jun 2024 18:08:18 GMT
telemetry-worker.js
forms.office.com/cdn/scripts/dists/ Frame D3E3 		94 KB
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/cdn/scripts/dists/telemetry-worker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f843042b644af915fb92d988eddb405d42a89cee38ea5e90f1940279b128e7df

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/default.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:18 GMT
content-encoding
br
last-modified
Tue, 06 Jun 2023 05:37:53 GMT
x-msedge-ref
Ref A: 0D61FF9BD48A4C23BA8A4D7950F97744 Ref B: AMS231032606023 Ref C: 2023-06-06T18:08:18Z
etag
0x8DB66502CD14EBB
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
244b578a-101e-00a9-6984-9852c6000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
telemetry-worker.js
forms.office.com/cdn/scripts/dists/ Frame 3B9C 		94 KB
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/cdn/scripts/dists/telemetry-worker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f843042b644af915fb92d988eddb405d42a89cee38ea5e90f1940279b128e7df

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/pages/responsepage.aspx?id=f4KApWFR3EeDszS7rGh7-RSwpVwMxRBOqCDYoMUJjexUREk1RFlUSVNUQVRZS1lEQTRTUEhJS1IwRi4u&embed=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 06 Jun 2023 18:08:18 GMT
content-encoding
br
last-modified
Tue, 06 Jun 2023 05:37:53 GMT
x-msedge-ref
Ref A: 6E90D34B227C48A790236E37A41821EB Ref B: AMS231032606023 Ref C: 2023-06-06T18:08:18Z
etag
0x8DB66502CD14EBB
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
244b578a-101e-00a9-6984-9852c6000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-cid
7
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend

14 Cookies

Domain/Path Name / Value
.forms.office.com/ Name: RpsAuthNonce
Value: f3cc3ea7-d654-4371-a5e2-3d2819ce0fe9
forms.office.com/ Name: __RequestVerificationToken
Value: zVjJpOZNXTjBHD3YBTblpkNghfXTGvNSFF66Rc8l9hRqb0mre13PqEn04Dot4Nwm3h0az2tqeHGJ8dQsG5PfPbKQVdNSliyTcGR_021hg5U1
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.ASUAMe_N-B6jSkuT5F9XHpElWvXUjgN42rxHgXaRU8eeDtsBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevra-88wrbhys8OgcCIIoSvY6hbs6zb_xV1VZOiJ63TJU9w2GfpVoaEiaUxSAYGIi6pQ7wLT3gGaie-gK0PGNP4mvo9-uhZ2apZ4OFBbJQAqpsgAA
login.microsoftonline.com/ Name: fpc
Value: AlfPqgP7huFBj_Ggyzc8JYspPgWVAQAAABFtEdwOAAAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7Wevr7nPKVGzn6M8zBe3y11eyR2xACG1_QM4Is0n5iW0frzwEwrxQ_LAS68NH79FRyRtiP2ZFJvTbHTJek6k9sN5B8WV1Ycx6jPseAGX3spY6FLodzeoA_QVaK-TfTJeAruNwyiEmCItGF8ReGE4l4hokv8cVpA-iRhjZTeIoWF3ZKGggAA
.forms.office.com/ Name: usenewauthrollout
Value: True
forms.office.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 3ac6eb77-be92-4a92-ac24-295d9e633e05
forms.office.com/ Name: ai_session
Value: 1bfodFWP32f5IUH1VkW1Zo|1686074898452|1686074898452
.c.office.com/ Name: SM
Value: T
.office.com/ Name: MUID
Value: 1A82900F7A4564A4082683277E456FA6

1 Console Messages

Source Level URL
Text
network error URL: https://forms.office.com/formapi/api/a580827f-5161-47dc-83b3-34bbac687bf9/users/5ca5b014-c50c-4e10-a820-d8a0c5098dec/light/runtimeFormsWithResponses('f4KApWFR3EeDszS7rGh7-RSwpVwMxRBOqCDYoMUJjexUREk1RFlUSVNUQVRZS1lEQTRTUEhJS1IwRi4u')?$expand=questions($expand=choices)&$top=1
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking-agora.pages.dev
browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
js.monitor.azure.com
login.microsoftonline.com
browser.events.data.microsoft.com
2620:1ec:48:1::45
2620:1ec:a92::194
2620:1ec:c11::200
2a02:26f0:1180:4::212:7952
2a06:98c1:3120::3
40.126.32.72
68.219.88.97
1016d0b9bf41f4fcefa7e9b7de510107def3e64bbeaa39aac00f7b164f642ba9
111e43834a79c495b58cb73695218d8e2d5ebb6cbfd1502ef71ce8324e17e74d
34af823cdfa3c2f222cd3b6370958b6c4b3aa6b8aecf98e0e45ca3924246d5db
3d7a19e500697b0d23a8d7524754f15b42237816ed4a00a20fa3a5dd2ea3c66c
5c78c11c7129e5bdfda682fdb61492c0db5a9dedb7f02348b3c23581d603dcc2
5e17ad85d8806f8809cd9cbde523098f3ff7233688fe3b5c94d683e7b24e8a26
67dd96644fcce9cc703ebf1ede6a7a96b42fe909d024f0eee3e826ae0a59f66d
725c48632e794120ff305f69e903926ff4cdd102cdf40d1d336717b980d6b9ad
75bb2ee5101a73dfd44373652da2ede4d17ea680eabea994208314b11e638870
7f72ca8cd472879ddf75739fc9968f52e9a774e3c4fcaecab89552fdf2289415
804afd34b6a457c1e712bb336ef8c02babeaf7931973e0e733fa6399ac25eadb
879c970037e0c5a3bfcb288142dd4eee4903d8c99557ee05441293184001169f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
b3d31d7fece24cf7192cdd15b1d433a4eb59037861e7606ba0946feb6e91635f
b66a5c41dda8640ef2fb42901bee5437dcdc746f018ab7bfa42fa6cfddc830f8
c4d1b005ee52c81a4132bc232b1c8380c7d330070eecb69522e59aeb13b68d9c
d66f84365612efc7f174622c835d65fb5105f691e4013b232882c0a1946d7c47
db7071c1d221618e2c6dc15ef1a3c6adc3527d31e3fa509eb487acab20809dc7
dde2f140b26084a099d730403997d0153196d082856beb2dc8062292e67faa18
e0b0bac2fc887a3275f6796541f73171105dcd6bf1ebc9f74e892aa639da3fee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea7d3cad36adfd98f86722f4fe31d62ec6f7fa504e07ceac3eee720e724e2381
f843042b644af915fb92d988eddb405d42a89cee38ea5e90f1940279b128e7df