urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://forms.office.com/r/1tBnZYwrQq
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=4CGTKLadREazcZVuYFbZ65cRI2j0QsNBuNni3ojf5rtUQTJDUEVNM1FOTDU2QU1NMThZU...
Submission: On February 21 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 5910.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on July 20th 2022. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 2620:1ec:a92:... 8068 (MICROSOFT...)
11 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
1 2620:1ec:4e:1... 8075 (MICROSOFT...)
1 52.109.88.76 ()
18 5
Apex Domain
Subdomains		 Transfer
11 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 8331
349 KB
5 office.com
forms.office.com — Cisco Umbrella Rank: 5910
c.office.com Failed
lists.office.com Failed
21 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1563
61 KB
18 3
Domain Requested by
11 cdn.forms.office.net forms.office.com
cdn.forms.office.net
4 forms.office.com 1 redirects forms.office.com
cdn.forms.office.net
1 lists.office.com
1 js.monitor.azure.com cdn.forms.office.net
0 c.office.com Failed
18 5

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2022-07-20 -
2023-07-15		 a year crt.sh
cdn.forms.office.net
Microsoft Azure TLS Issuing CA 06		 2022-09-28 -
2023-09-23		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 05		 2022-12-23 -
2023-12-18		 a year crt.sh
lists.office.com
Microsoft Azure TLS Issuing CA 05		 2023-01-11 -
2024-01-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=4CGTKLadREazcZVuYFbZ65cRI2j0QsNBuNni3ojf5rtUQTJDUEVNM1FOTDU2QU1NMThZUlAxOTFERC4u
Frame ID: 77A3AA26F6857BB412F1D52BF273B4D3
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Dayforce Experience with Global Payroll

Page URL History Show full URLs

  1. https://forms.office.com/r/1tBnZYwrQq HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=4CGTKLadREazcZVuYFbZ65cRI2j0QsNBuNni3ojf5rtUQTJDU... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

18
Requests

89 %
HTTPS

75 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

435 kB
Transfer

1633 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://forms.office.com/r/1tBnZYwrQq HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=4CGTKLadREazcZVuYFbZ65cRI2j0QsNBuNni3ojf5rtUQTJDUEVNM1FOTDU2QU1NMThZUlAxOTFERC4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F7210F37766F481AA51C8277CAB5F2AB&RedC=c.office.com&MXFR=0E4A471B91456F92170955A49545645F HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=F7210F37766F481AA51C8277CAB5F2AB&MUID=0E4A471B91456F92170955A49545645F

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://forms.office.com/r/1tBnZYwrQq
  • https://forms.office.com/pages/responsepage.aspx?id=4CGTKLadREazcZVuYFbZ65cRI2j0QsNBuNni3ojf5rtUQTJDUEVNM1FOTDU2QU1NMThZUlAxOTFERC4u
56 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=4CGTKLadREazcZVuYFbZ65cRI2j0QsNBuNni3ojf5rtUQTJDUEVNM1FOTDU2QU1NMThZUlAxOTFERC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e6ef179f5a21eacfa8577c486e02a28977f92ed9e762ac77fdfddb7274e140ae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 21 Feb 2023 21:27:18 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
8225832f-960d-4176-a615-0c3aff2804fa
x-msedge-ref
Ref A: 91A660CC26DC4E11837BAC3BB19CD503 Ref B: AMS231032608023 Ref C: 2023-02-21T21:27:17Z
x-officecluster
neu-101.forms.office.com
x-officefe
FormsSingleBox_IN_0
x-officeversion
16.0.16214.42053
x-robots-tag
noindex, nofollow
x-routingcorrelationid
8225832f-960d-4176-a615-0c3aff2804fa
x-routingofficecluster
neu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_0
x-routingofficeversion
16.0.16214.42053
x-routingsessionid
be179133-7138-46dd-a6aa-19bedd65caf8
x-usersessionid
be179133-7138-46dd-a6aa-19bedd65caf8

Redirect headers

cache-control
no-cache
content-length
0
date
Tue, 21 Feb 2023 21:27:16 GMT
expires
-1
location
https://forms.office.com/pages/responsepage.aspx?id=4CGTKLadREazcZVuYFbZ65cRI2j0QsNBuNni3ojf5rtUQTJDUEVNM1FOTDU2QU1NMThZUlAxOTFERC4u
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
bfaf1f31-d423-4010-9ad5-5a3afd624a8e
x-msedge-ref
Ref A: AD52F0D4417A4C45B30BBC4843B5AA03 Ref B: AMS231032608023 Ref C: 2023-02-21T21:27:16Z
x-officecluster
eus2-100.forms.office.com
x-officefe
FormIntelligenceService_IN_4
x-officeversion
16.0.16214.42053
x-usersessionid
bfaf1f31-d423-4010-9ad5-5a3afd624a8e
ls-response.de.b178d9d29.js
cdn.forms.office.net/forms/scripts/dists/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.b178d9d29.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=4CGTKLadREazcZVuYFbZ65cRI2j0QsNBuNni3ojf5rtUQTJDUEVNM1FOTDU2QU1NMThZUlAxOTFERC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::6853:4e1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
46f55c1d415fb031e5b482986d6ad9e7dea4a5a1d4f9aaa9ad6514b44f026b88

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Feb 2023 21:27:19 GMT
content-encoding
br
content-md5
u6mJ8s7H4WJcZDNR2sfUlA==
content-length
10128
x-ms-lease-status
unlocked
last-modified
Thu, 09 Feb 2023 06:04:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB0A6374DAE2CF
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0bbf5a75-c01e-0032-3153-3cf129000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 21 Feb 2024 21:27:19 GMT
light-response-page.min.2aa5f7c.css
cdn.forms.office.net/forms/css/dist/ 		145 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.2aa5f7c.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=4CGTKLadREazcZVuYFbZ65cRI2j0QsNBuNni3ojf5rtUQTJDUEVNM1FOTDU2QU1NMThZUlAxOTFERC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::6853:4e1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d310b9361683621652d04e3c7ef5927ecbcf17e0277ce8d940162d8ca917c83d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Feb 2023 21:27:19 GMT
content-encoding
br
content-md5
Quf3uVYZVSPyQxfWwrJnBg==
content-length
23645
x-ms-lease-status
unlocked
last-modified
Fri, 17 Feb 2023 03:28:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB10970DA5C33C
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
27f42b13-d01e-0040-4a91-428017000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 21 Feb 2024 21:27:19 GMT
light-response-page.min.3bd0355.js
cdn.forms.office.net/forms/scripts/dists/ 		311 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.3bd0355.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=4CGTKLadREazcZVuYFbZ65cRI2j0QsNBuNni3ojf5rtUQTJDUEVNM1FOTDU2QU1NMThZUlAxOTFERC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::6853:4e1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
27063a4454f3bc1c23ed76b7a8239446c795a0fa1489eee808a44b2b862c97d4

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Feb 2023 21:27:19 GMT
content-encoding
br
content-md5
YPoo54H20fxJq3QsdNSwwA==
content-length
90078
x-ms-lease-status
unlocked
last-modified
Fri, 17 Feb 2023 03:29:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB10972A2C5B74
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
030cd53f-f01e-0013-7d91-429c18000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 21 Feb 2024 21:27:19 GMT
runtimeFormsWithResponses('4CGTKLadREazcZVuYFbZ65cRI2j0QsNBuNni3ojf5rtUQTJDUEVNM1FOTDU2QU1NMThZUlAxOTFERC4u')
forms.office.com/formapi/api/289321e0-9db6-4644-b371-956e6056d9eb/users/68231197-42f4-41c3-b8d9-e2de88dfe6bb/light/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/289321e0-9db6-4644-b371-956e6056d9eb/users/68231197-42f4-41c3-b8d9-e2de88dfe6bb/light/runtimeFormsWithResponses('4CGTKLadREazcZVuYFbZ65cRI2j0QsNBuNni3ojf5rtUQTJDUEVNM1FOTDU2QU1NMThZUlAxOTFERC4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=4CGTKLadREazcZVuYFbZ65cRI2j0QsNBuNni3ojf5rtUQTJDUEVNM1FOTDU2QU1NMThZUlAxOTFERC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d0633216a5d62a307ad074a7c05172c602aedf45f1ae28e80886f7fda94edcb8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=4CGTKLadREazcZVuYFbZ65cRI2j0QsNBuNni3ojf5rtUQTJDUEVNM1FOTDU2QU1NMThZUlAxOTFERC4u
X-UserSessionId
be179133-7138-46dd-a6aa-19bedd65caf8
accept-language
de-DE,de;q=0.9
__RequestVerificationToken
1xbDzcK4ycGzIaWvdb76niPMcV26LyfZtVydPt6uoVfddA0f_cRF4XpnkAVxVWwMmEmZWo4iLr8AiFPwYhL9pm8AOxpvIIXt-LgP4mwBVLM1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Tue, 21 Feb 2023 21:27:21 GMT
x-officeversion
16.0.16214.42053
x-officefe
FormsSingleBox_IN_5
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_9, FormsSingleBox_IN_14
x-routingofficeversion
16.0.16214.42053, 16.0.16214.42053
x-correlationid
dd8c7ede-13b6-4676-a1e1-5e097da0c49a
x-officecluster
frc-100.forms.office.com
x-usersessionid
be179133-7138-46dd-a6aa-19bedd65caf8
x-msedge-ref
Ref A: D809E5A54DFE4268AAF08C16DE80F6A1 Ref B: AMS231032608023 Ref C: 2023-02-21T21:27:18Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
dd8c7ede-13b6-4676-a1e1-5e097da0c49a
x-routingsessionid
be179133-7138-46dd-a6aa-19bedd65caf8
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-101.forms.office.com, frc-100.forms.office.com
light-response-page.chunk.lrp_ext.6db9f7d.js
cdn.forms.office.net/forms/scripts/dists/ 		0
61 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.6db9f7d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.3bd0355.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::6853:4e1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Feb 2023 21:27:19 GMT
content-encoding
br
content-md5
gztMghlgTeVAS/y6D5amdg==
content-length
61597
x-ms-lease-status
unlocked
last-modified
Fri, 17 Feb 2023 03:29:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB10972A13CE37
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
70011bbb-201e-001a-5c93-428696000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 21 Feb 2024 21:27:19 GMT
light-response-page.chunk.lrp_cover.1de34fd.js
cdn.forms.office.net/forms/scripts/dists/ 		0
33 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.1de34fd.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.3bd0355.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::6853:4e1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Feb 2023 21:27:19 GMT
content-encoding
br
content-md5
XgLin9pPWLZepyZ3sX9mhw==
content-length
33292
x-ms-lease-status
unlocked
last-modified
Fri, 17 Feb 2023 03:29:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB10972A109A65
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f36cc2d6-701e-002b-3e93-42dd41000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 21 Feb 2024 21:27:19 GMT
light-response-page.chunk.lrp_post.boot.c7bf5cb.js
cdn.forms.office.net/forms/scripts/dists/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.c7bf5cb.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.3bd0355.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::6853:4e1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Feb 2023 21:27:19 GMT
content-encoding
br
content-md5
rKJeKZHtf21xaWx3afqZNg==
content-length
3722
x-ms-lease-status
unlocked
last-modified
Fri, 17 Feb 2023 03:29:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB109729F46431
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
795b5927-c01e-0076-0293-422d45000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 21 Feb 2024 21:27:19 GMT
light-response-page.chunk.lrp_ext.6db9f7d.js
cdn.forms.office.net/forms/scripts/dists/ 		200 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.6db9f7d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.3bd0355.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::6853:4e1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
142eb10c67b787d0f8256aa48c7024a571d034e7f62ad418dc8dfb10649d017b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Feb 2023 21:27:22 GMT
content-encoding
br
content-md5
gztMghlgTeVAS/y6D5amdg==
content-length
61597
x-ms-lease-status
unlocked
last-modified
Fri, 17 Feb 2023 03:29:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB10972A13CE37
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
70011bbb-201e-001a-5c93-428696000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 21 Feb 2024 21:27:22 GMT
light-response-page.chunk.lrp_cover.1de34fd.js
cdn.forms.office.net/forms/scripts/dists/ 		121 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.1de34fd.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.3bd0355.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::6853:4e1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ce057ee6fb3bd7e51cf04b26d8e93180c2b3d306ac6e40cb224dadf133ffd016

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Feb 2023 21:27:22 GMT
content-encoding
br
content-md5
XgLin9pPWLZepyZ3sX9mhw==
content-length
33292
x-ms-lease-status
unlocked
last-modified
Fri, 17 Feb 2023 03:29:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB10972A109A65
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f36cc2d6-701e-002b-3e93-42dd41000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 21 Feb 2024 21:27:22 GMT
light-response-page.chunk.lrp_post.boot.c7bf5cb.js
cdn.forms.office.net/forms/scripts/dists/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.c7bf5cb.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.3bd0355.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::6853:4e1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2226aff32ebb407a4eadb9721caeeb540801e15300fe361140dcfc96c4857aa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Feb 2023 21:27:22 GMT
content-encoding
br
content-md5
rKJeKZHtf21xaWx3afqZNg==
content-length
3722
x-ms-lease-status
unlocked
last-modified
Fri, 17 Feb 2023 03:29:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB109729F46431
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
795b5927-c01e-0076-0293-422d45000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 21 Feb 2024 21:27:22 GMT
light-response-page.chunk.sw.0b67d9e.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.0b67d9e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.3bd0355.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::6853:4e1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b5df5e7765a454fbff3d1cf22277aa0c0d6a4ccdde90ccfcb65f9fe2bbdb7bd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Feb 2023 21:27:22 GMT
content-encoding
br
content-md5
ZNwilL15/8Od96vW3cMpow==
content-length
524
x-ms-lease-status
unlocked
last-modified
Wed, 01 Feb 2023 12:22:43 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB044F05022286
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3bb94296-801e-003e-1864-361fd8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 21 Feb 2024 21:27:22 GMT
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		179 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.c7bf5cb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e55465ff1279a6fd339bc0b6322130b0ddb05d3ad670f4a08f6fdfc0ee5c7749

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 21:27:22 GMT
content-encoding
br
x-azure-ref-originshield
0KTL1YwAAAABwzKa+A75RRZgijaoTIFXKRlJBMjMxMDUwNDE4MDM3AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5
b+j9g6sJxD1l0IIs+rjbCw==
x-cache
TCP_HIT
x-ms-meta-jssdkver
3.2.9
last-modified
Tue, 21 Feb 2023 18:33:42 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.9.min.js
etag
0x8DB143A28B32497
x-azure-ref
0Ojf1YwAAAADkig/1TlgmRLspGG9w/d3HRlJBMzFFREdFMDQxMgBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
d795cef4-301e-00c5-7934-469bc5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
light-response-page.chunk.1ds.4a73f96.js
cdn.forms.office.net/forms/scripts/dists/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.4a73f96.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.3bd0355.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::6853:4e1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a0cf31cc9ddf8348275247ba3436aea3219946138476e7921c21fbce79675ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Feb 2023 21:27:22 GMT
content-encoding
br
content-md5
GsKp5CfkVSci/cTjnUW9Qw==
content-length
30105
x-ms-lease-status
unlocked
last-modified
Fri, 20 Jan 2023 02:33:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAFA8EBDD207BD
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8aba1b92-a01e-0044-233d-2f7595000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 21 Feb 2024 21:27:22 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F7210F37766F481AA51C8277CAB5F2AB&RedC=c.office.com&MXFR=0E4A471B91456F92170955A49545645F
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=F7210F37766F481AA51C8277CAB5F2AB&MUID=0E4A471B91456F92170955A49545645F
0
0
787bbd13-097e-4bbb-b12a-193c2cd5724c
lists.office.com/Images/289321e0-9db6-4644-b371-956e6056d9eb/68231197-42f4-41c3-b8d9-e2de88dfe6bb/TA2CPEM3QNL56AMM18YRP191DD/ 		0
0
'de'
forms.office.com/formapi/api/289321e0-9db6-4644-b371-956e6056d9eb/users/68231197-42f4-41c3-b8d9-e2de88dfe6bb/forms('4CGTKLadREazcZVuYFbZ65cRI2j0QsNBuNni3ojf5rtUQTJDUEVNM1FOTDU2QU1NMThZUlAxOTFERC4u'... 		2 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/289321e0-9db6-4644-b371-956e6056d9eb/users/68231197-42f4-41c3-b8d9-e2de88dfe6bb/forms('4CGTKLadREazcZVuYFbZ65cRI2j0QsNBuNni3ojf5rtUQTJDUEVNM1FOTDU2QU1NMThZUlAxOTFERC4u')/localeResource/'de'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.6db9f7d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

odata-version
4.0
x-correlationid
096cbf83-2258-4a27-91be-524ed4ef4535
x-usersessionid
be179133-7138-46dd-a6aa-19bedd65caf8
x-ms-form-request-ring
business
accept-language
de-DE,de;q=0.9
authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type
application/json
odata-maxverion
4.0
accept
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=4CGTKLadREazcZVuYFbZ65cRI2j0QsNBuNni3ojf5rtUQTJDUEVNM1FOTDU2QU1NMThZUlAxOTFERC4u
x-ms-form-request-source
ms-formweb
__requestverificationtoken
1xbDzcK4ycGzIaWvdb76niPMcV26LyfZtVydPt6uoVfddA0f_cRF4XpnkAVxVWwMmEmZWo4iLr8AiFPwYhL9pm8AOxpvIIXt-LgP4mwBVLM1

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Tue, 21 Feb 2023 21:27:22 GMT
x-officeversion
16.0.16214.42053
x-officefe
FormsSingleBox_IN_5
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_4
x-routingofficeversion
16.0.16214.42053
x-correlationid
096cbf83-2258-4a27-91be-524ed4ef4535
x-officecluster
frc-100.forms.office.com
x-usersessionid
be179133-7138-46dd-a6aa-19bedd65caf8
x-msedge-ref
Ref A: 0037B8CA4D77459F891B5E366396EF1B Ref B: AMS231032608023 Ref C: 2023-02-21T21:27:22Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
096cbf83-2258-4a27-91be-524ed4ef4535
x-routingsessionid
be179133-7138-46dd-a6aa-19bedd65caf8
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-100.forms.office.com
97f0a88a-6f80-45dc-935b-5e8711edffff
lists.office.com/Images/289321e0-9db6-4644-b371-956e6056d9eb/68231197-42f4-41c3-b8d9-e2de88dfe6bb/TA2CPEM3QNL56AMM18YRP191DD/ 		467 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/289321e0-9db6-4644-b371-956e6056d9eb/68231197-42f4-41c3-b8d9-e2de88dfe6bb/TA2CPEM3QNL56AMM18YRP191DD/97f0a88a-6f80-45dc-935b-5e8711edffff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.76 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Feb 2023 21:27:22 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.16214.42100
content-type
image/jpeg
x-routingcorrelationid
3712b596-095f-4013-bab3-7eb95312950d
cache-control
no-cache
x-routingsessionid
fcc50587-cfa9-467b-a1f2-6366734cd23f
x-hivering
3
x-routingofficecluster
weu-100.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_0
expires
-1
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da

Request headers

Referer
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.office.com
URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=F7210F37766F481AA51C8277CAB5F2AB&MUID=0E4A471B91456F92170955A49545645F
Domain
lists.office.com
URL
https://lists.office.com/Images/289321e0-9db6-4644-b371-956e6056d9eb/68231197-42f4-41c3-b8d9-e2de88dfe6bb/TA2CPEM3QNL56AMM18YRP191DD/787bbd13-097e-4bbb-b12a-193c2cd5724c

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __stylesheet__ object| __globalSettings__ object| __themeState__ object| __packages__ object| e function| t object| oneDS object| __dynProto$Gbl object| awa

3 Cookies

Domain/Path Name / Value
forms.office.com/ Name: __RequestVerificationToken
Value: 8tn2yfua0C-TIWfnVM0EzCncVXkpXb-s9XUuULXSTqlOqk4wcBJSb7AN6Yr5JFYXkARHY6WhC6hBcVQpXhjH3nSG3ENPYCSn2wwpHwsxgfE1
forms.office.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: aa3f195a-ec8a-4be0-baca-bb710d6bdfe5
forms.office.com/ Name: ai_session
Value: lp1VkSnj2Vqy4SzYVwDxz9|1677014842752|1677014842752

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains