urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://go.mobilecause.com/e3t/Ctc/LU+113/cgcKz04/VW7vH23VGJ76W7tKPfm3vn0yyW7vv0b_4-nTS9N5LPbSL3q3nJV1-WJV7Cg-zBN70tX-BpTpT...
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=OVZJylozMEuvhEmNv1Ph8YZdeN84u7BLuPFYxrB4tjZUOE5YMjNUMU40VTE1SVBQOFZCR...
Submission: On May 10 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 29 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 6623.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on March 23rd 2023. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:2c40::c7... 209242 (CLOUDFLAR...)
1 4 2620:1ec:a92:... 8068 (MICROSOFT...)
21 2a02:26f0:e30... 20940 (AKAMAI-ASN1)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2620:1ec:29:1... 8075 (MICROSOFT...)
2 20.42.65.90 ()
29 6
2    2606:2c40::c73c:67e2 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
go.mobilecause.com
4    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
21    2a02:26f0:e300::211:9328 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
cdn.forms.office.net
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
2    20.42.65.90 (None, )

ASN- ()
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
21 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 9702
639 KB
6 office.com
forms.office.com — Cisco Umbrella Rank: 6623
c.office.com — Cisco Umbrella Rank: 25183
26 KB
2 microsoft.com
browser.events.data.microsoft.com
1 KB
2 mobilecause.com
go.mobilecause.com
4 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1816
61 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 254
738 B
29 6
Domain Requested by
21 cdn.forms.office.net forms.office.com
cdn.forms.office.net
4 forms.office.com 1 redirects go.mobilecause.com
forms.office.com
cdn.forms.office.net
2 browser.events.data.microsoft.com js.monitor.azure.com
2 c.office.com 1 redirects
2 go.mobilecause.com 1 redirects
1 js.monitor.azure.com cdn.forms.office.net
1 c.bing.com 1 redirects
29 7

This site contains links to these domains. Also see Links.

Domain
www.givesmart.com
go.microsoft.com
Subject Issuer Validity Valid
go.mobilecause.com
GTS CA 1P5		 2023-03-22 -
2023-06-20		 3 months crt.sh
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2023-03-23 -
2024-03-17		 a year crt.sh
cdn.forms.office.net
Microsoft Azure TLS Issuing CA 06		 2022-09-28 -
2023-09-23		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 01		 2023-03-23 -
2024-03-17		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-03-08 -
2024-03-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=OVZJylozMEuvhEmNv1Ph8YZdeN84u7BLuPFYxrB4tjZUOE5YMjNUMU40VTE1SVBQOFZCRldRSTRTMC4u&utm_campaign=WEB-GS-TLW-2023-05-10-Fan-Favorite&utm_medium=email&_hsmi=257749945&_hsenc=p2ANqtz--YuDhOojGxuBNG3zlZQ1B68FHmQO8RfDNiux3FeIRTgmrsjHCi4PkFJbBuVVkvvuVUj32g7H56ESEp-716VgOJM4cZqg&utm_content=257749945&utm_source=hs_email
Frame ID: E8F1D42142BFC2EC23089A394C55779D
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Be the Fan Favorite: Pre-Webinar Survey

Page URL History Show full URLs

  1. https://go.mobilecause.com/e3t/Ctc/LU+113/cgcKz04/VW7vH23VGJ76W7tKPfm3vn0yyW7vv0b_4-nTS9N5LPbSL3q3nJV1-... Page URL
  2. https://go.mobilecause.com/events/public/v1/encoded/track/tc/LU+113/cgcKz04/VW7vH23VGJ76W7tKPfm3vn0yyW7... HTTP 307
    https://forms.office.com/r/uqyWqjgvgu?utm_campaign=WEB-GS-TLW-2023-05-10-Fan-Favorite&utm_medium=emai... HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=OVZJylozMEuvhEmNv1Ph8YZdeN84u7BLuPFYxrB4tjZUOE5YM... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

29
Requests

97 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

728 kB
Transfer

1736 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go.mobilecause.com/e3t/Ctc/LU+113/cgcKz04/VW7vH23VGJ76W7tKPfm3vn0yyW7vv0b_4-nTS9N5LPbSL3q3nJV1-WJV7Cg-zBN70tX-BpTpT7MmX42Gr2y4FVPD8-w3BcH7FW6_bzR793sHX8W1FXKMR1tw1FzN7s89G6btQftW6bkPhQ1TZ42NW5T5p031pNc6nW8NnYJ45QZfWMN4wh6xlD_K1RW4zBk034GpLtLW7PC8fr5XhxlDW4nWXZL2lJVXWW6-w3nf1fq44xW44cscQ9hxqBsN7qLTY7NFnNsW1ppB0c12LZ-YW82sFcm1h38G6W2QtHFV8kPb8zMlLkhxSnJYgVN9zW06p-bgyW6KNKzn3fgK1nN7k91nwWVFCqW4Xg7yZ8wWWQy3nD41 Page URL
  2. https://go.mobilecause.com/events/public/v1/encoded/track/tc/LU+113/cgcKz04/VW7vH23VGJ76W7tKPfm3vn0yyW7vv0b_4-nTS9N5LPbSL3q3nJV1-WJV7Cg-zBN70tX-BpTpT7MmX42Gr2y4FVPD8-w3BcH7FW6_bzR793sHX8W1FXKMR1tw1FzN7s89G6btQftW6bkPhQ1TZ42NW5T5p031pNc6nW8NnYJ45QZfWMN4wh6xlD_K1RW4zBk034GpLtLW7PC8fr5XhxlDW4nWXZL2lJVXWW6-w3nf1fq44xW44cscQ9hxqBsN7qLTY7NFnNsW1ppB0c12LZ-YW82sFcm1h38G6W2QtHFV8kPb8zMlLkhxSnJYgVN9zW06p-bgyW6KNKzn3fgK1nN7k91nwWVFCqW4Xg7yZ8wWWQy3nD41?_ud=61e1865e-7723-48a2-944e-25cec0d2b7f7&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
    https://forms.office.com/r/uqyWqjgvgu?utm_campaign=WEB-GS-TLW-2023-05-10-Fan-Favorite&utm_medium=email&_hsmi=257749945&_hsenc=p2ANqtz--YuDhOojGxuBNG3zlZQ1B68FHmQO8RfDNiux3FeIRTgmrsjHCi4PkFJbBuVVkvvuVUj32g7H56ESEp-716VgOJM4cZqg&utm_content=257749945&utm_source=hs_email HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=OVZJylozMEuvhEmNv1Ph8YZdeN84u7BLuPFYxrB4tjZUOE5YMjNUMU40VTE1SVBQOFZCRldRSTRTMC4u&utm_campaign=WEB-GS-TLW-2023-05-10-Fan-Favorite&utm_medium=email&_hsmi=257749945&_hsenc=p2ANqtz--YuDhOojGxuBNG3zlZQ1B68FHmQO8RfDNiux3FeIRTgmrsjHCi4PkFJbBuVVkvvuVUj32g7H56ESEp-716VgOJM4cZqg&utm_content=257749945&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=82EFAD7FBA7044F4869AEA70B2E13C96&RedC=c.office.com&MXFR=3A97E017475E63603C87F31A435E6815 HTTP 302
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=82EFAD7FBA7044F4869AEA70B2E13C96&MUID=3A97E017475E63603C87F31A435E6815

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VW7vH23VGJ76W7tKPfm3vn0yyW7vv0b_4-nTS9N5LPbSL3q3nJV1-WJV7Cg-zBN70tX-BpTpT7MmX42Gr2y4FVPD8-w3BcH7FW6_bzR793sHX8W1FXKMR1tw1FzN7s89G6btQftW6bkPhQ1TZ42NW5T5p031pNc6nW8NnYJ45QZfWMN4wh6xlD_K1RW4zBk034GpL...
go.mobilecause.com/e3t/Ctc/LU+113/cgcKz04/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.mobilecause.com/e3t/Ctc/LU+113/cgcKz04/VW7vH23VGJ76W7tKPfm3vn0yyW7vv0b_4-nTS9N5LPbSL3q3nJV1-WJV7Cg-zBN70tX-BpTpT7MmX42Gr2y4FVPD8-w3BcH7FW6_bzR793sHX8W1FXKMR1tw1FzN7s89G6btQftW6bkPhQ1TZ42NW5T5p031pNc6nW8NnYJ45QZfWMN4wh6xlD_K1RW4zBk034GpLtLW7PC8fr5XhxlDW4nWXZL2lJVXWW6-w3nf1fq44xW44cscQ9hxqBsN7qLTY7NFnNsW1ppB0c12LZ-YW82sFcm1h38G6W2QtHFV8kPb8zMlLkhxSnJYgVN9zW06p-bgyW6KNKzn3fgK1nN7k91nwWVFCqW4Xg7yZ8wWWQy3nD41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
MISS
cf-ray
7c539d9a7961914d-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html;charset=utf-8
date
Wed, 10 May 2023 16:38:59 GMT
last-modified
Wed, 10 May 2023 16:38:59 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lanjq965LDLTIkzz07MQVxIfygS9jajKSWRdmNaCIQMWVkKkdx6NlyArJsF4SbttYgry48pXuoEYKouH2hmKRNWVCdoDPCw0k%2FSRtEJWrUfiBvSAAv2sQYJ2W4KY4Hmj%2Fl7Xv3D6NqDG7tMtrsyGDg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-envoy-upstream-service-time
5
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-bfbdbbbf5-454vc
x-evy-trace-virtual-host
all
x-hs-https-only
worker
x-hubspot-correlation-id
ad1b49b2-8ce0-4aaf-8439-acf470086167
x-request-id
e8830056-266c-4d64-8a5b-c14e65e44129
x-robots-tag
none
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://go.mobilecause.com/events/public/v1/encoded/track/tc/LU+113/cgcKz04/VW7vH23VGJ76W7tKPfm3vn0yyW7vv0b_4-nTS9N5LPbSL3q3nJV1-WJV7Cg-zBN70tX-BpTpT7MmX42Gr2y4FVPD8-w3BcH7FW6_bzR793sHX8W1FXKMR1tw1...
  • https://forms.office.com/r/uqyWqjgvgu?utm_campaign=WEB-GS-TLW-2023-05-10-Fan-Favorite&utm_medium=email&_hsmi=257749945&_hsenc=p2ANqtz--YuDhOojGxuBNG3zlZQ1B68FHmQO8RfDNiux3FeIRTgmrsjHCi4PkFJbBuVVkvv...
  • https://forms.office.com/pages/responsepage.aspx?id=OVZJylozMEuvhEmNv1Ph8YZdeN84u7BLuPFYxrB4tjZUOE5YMjNUMU40VTE1SVBQOFZCRldRSTRTMC4u&utm_campaign=WEB-GS-TLW-2023-05-10-Fan-Favorite&utm_medium=email...
58 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=OVZJylozMEuvhEmNv1Ph8YZdeN84u7BLuPFYxrB4tjZUOE5YMjNUMU40VTE1SVBQOFZCRldRSTRTMC4u&utm_campaign=WEB-GS-TLW-2023-05-10-Fan-Favorite&utm_medium=email&_hsmi=257749945&_hsenc=p2ANqtz--YuDhOojGxuBNG3zlZQ1B68FHmQO8RfDNiux3FeIRTgmrsjHCi4PkFJbBuVVkvvuVUj32g7H56ESEp-716VgOJM4cZqg&utm_content=257749945&utm_source=hs_email
Requested by
Host: go.mobilecause.com
URL: https://go.mobilecause.com/e3t/Ctc/LU+113/cgcKz04/VW7vH23VGJ76W7tKPfm3vn0yyW7vv0b_4-nTS9N5LPbSL3q3nJV1-WJV7Cg-zBN70tX-BpTpT7MmX42Gr2y4FVPD8-w3BcH7FW6_bzR793sHX8W1FXKMR1tw1FzN7s89G6btQftW6bkPhQ1TZ42NW5T5p031pNc6nW8NnYJ45QZfWMN4wh6xlD_K1RW4zBk034GpLtLW7PC8fr5XhxlDW4nWXZL2lJVXWW6-w3nf1fq44xW44cscQ9hxqBsN7qLTY7NFnNsW1ppB0c12LZ-YW82sFcm1h38G6W2QtHFV8kPb8zMlLkhxSnJYgVN9zW06p-bgyW6KNKzn3fgK1nN7k91nwWVFCqW4Xg7yZ8wWWQy3nD41
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d2d0f5a5ef8f55161195497212f6fbfb1d8ceaa5b2c1d0f7febfec7545a56a4b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://go.mobilecause.com/e3t/Ctc/LU+113/cgcKz04/VW7vH23VGJ76W7tKPfm3vn0yyW7vv0b_4-nTS9N5LPbSL3q3nJV1-WJV7Cg-zBN70tX-BpTpT7MmX42Gr2y4FVPD8-w3BcH7FW6_bzR793sHX8W1FXKMR1tw1FzN7s89G6btQftW6bkPhQ1TZ42NW5T5p031pNc6nW8NnYJ45QZfWMN4wh6xlD_K1RW4zBk034GpLtLW7PC8fr5XhxlDW4nWXZL2lJVXWW6-w3nf1fq44xW44cscQ9hxqBsN7qLTY7NFnNsW1ppB0c12LZ-YW82sFcm1h38G6W2QtHFV8kPb8zMlLkhxSnJYgVN9zW06p-bgyW6KNKzn3fgK1nN7k91nwWVFCqW4Xg7yZ8wWWQy3nD41
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 10 May 2023 16:38:59 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
0c3de77b-d68d-4835-ac8b-20cb0fdaab8a
x-msedge-ref
Ref A: B39C61FC1F4C4C0DA07AD7F3C7418CBF Ref B: AMS231032604051 Ref C: 2023-05-10T16:38:59Z
x-officecluster
frc-101.forms.office.com
x-officefe
FormsSingleBox_IN_1
x-officeversion
16.0.16504.42050
x-robots-tag
noindex, nofollow
x-routingcorrelationid
0c3de77b-d68d-4835-ac8b-20cb0fdaab8a
x-routingofficecluster
frc-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_1
x-routingofficeversion
16.0.16504.42050
x-routingsessionid
bc139df5-541e-469b-af47-761d330b4e0c
x-usersessionid
bc139df5-541e-469b-af47-761d330b4e0c

Redirect headers

cache-control
no-cache
content-length
0
date
Wed, 10 May 2023 16:38:59 GMT
expires
-1
location
https://forms.office.com/pages/responsepage.aspx?id=OVZJylozMEuvhEmNv1Ph8YZdeN84u7BLuPFYxrB4tjZUOE5YMjNUMU40VTE1SVBQOFZCRldRSTRTMC4u&utm_campaign=WEB-GS-TLW-2023-05-10-Fan-Favorite&utm_medium=email&_hsmi=257749945&_hsenc=p2ANqtz--YuDhOojGxuBNG3zlZQ1B68FHmQO8RfDNiux3FeIRTgmrsjHCi4PkFJbBuVVkvvuVUj32g7H56ESEp-716VgOJM4cZqg&utm_content=257749945&utm_source=hs_email
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
95a9d409-e79e-4203-8eb0-81b4473b8be2
x-msedge-ref
Ref A: A53BB96E9823404C87A8B9675FE0F810 Ref B: AMS231032604051 Ref C: 2023-05-10T16:38:59Z
x-officecluster
eus2-100.forms.office.com
x-officefe
FormIntelligenceService_IN_1
x-officeversion
16.0.16504.42050
x-usersessionid
95a9d409-e79e-4203-8eb0-81b4473b8be2
ls-response.de.08b11afb3.js
cdn.forms.office.net/forms/scripts/dists/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.08b11afb3.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=OVZJylozMEuvhEmNv1Ph8YZdeN84u7BLuPFYxrB4tjZUOE5YMjNUMU40VTE1SVBQOFZCRldRSTRTMC4u&utm_campaign=WEB-GS-TLW-2023-05-10-Fan-Favorite&utm_medium=email&_hsmi=257749945&_hsenc=p2ANqtz--YuDhOojGxuBNG3zlZQ1B68FHmQO8RfDNiux3FeIRTgmrsjHCi4PkFJbBuVVkvvuVUj32g7H56ESEp-716VgOJM4cZqg&utm_content=257749945&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5ca3bd95e5c407018b585b4c1483ec8765df7d38598e88093ca32182e85b2e64

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:00 GMT
content-encoding
br
content-md5
67EnTdtMhY53Q5VBdNmgpw==
content-length
11160
x-ms-lease-status
unlocked
last-modified
Mon, 08 May 2023 05:58:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4F8932300D14
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6ec49598-901e-0065-4879-8118a4000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:00 GMT
light-response-page.min.4fec861.css
cdn.forms.office.net/forms/css/dist/ 		100 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.4fec861.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=OVZJylozMEuvhEmNv1Ph8YZdeN84u7BLuPFYxrB4tjZUOE5YMjNUMU40VTE1SVBQOFZCRldRSTRTMC4u&utm_campaign=WEB-GS-TLW-2023-05-10-Fan-Favorite&utm_medium=email&_hsmi=257749945&_hsenc=p2ANqtz--YuDhOojGxuBNG3zlZQ1B68FHmQO8RfDNiux3FeIRTgmrsjHCi4PkFJbBuVVkvvuVUj32g7H56ESEp-716VgOJM4cZqg&utm_content=257749945&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d093c11793b57f171120cc0301d8e1a59c7a8166b83a70de9cea1f19cc19bca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:00 GMT
content-encoding
br
content-md5
q5Y1IvqHNkv1K4ujdPfLgA==
content-length
18147
x-ms-lease-status
unlocked
last-modified
Thu, 16 Mar 2023 05:55:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB25E2FD35D1C6
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d1b48bc7-c01e-005f-3ad6-575b07000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:00 GMT
light-response-page.min.2716e20.js
cdn.forms.office.net/forms/scripts/dists/ 		390 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=OVZJylozMEuvhEmNv1Ph8YZdeN84u7BLuPFYxrB4tjZUOE5YMjNUMU40VTE1SVBQOFZCRldRSTRTMC4u&utm_campaign=WEB-GS-TLW-2023-05-10-Fan-Favorite&utm_medium=email&_hsmi=257749945&_hsenc=p2ANqtz--YuDhOojGxuBNG3zlZQ1B68FHmQO8RfDNiux3FeIRTgmrsjHCi4PkFJbBuVVkvvuVUj32g7H56ESEp-716VgOJM4cZqg&utm_content=257749945&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
328ce862de6894a62fa46274791c4194678baf33bbb71fb97b6783d22e6533e2

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:00 GMT
content-encoding
br
content-md5
rMyCDEOVf3Y2zjS40Tf09w==
content-length
109786
x-ms-lease-status
unlocked
last-modified
Mon, 08 May 2023 05:58:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4F892E26467D
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
23347e7f-501e-0037-0f78-810556000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:00 GMT
runtimeFormsWithResponses('OVZJylozMEuvhEmNv1Ph8YZdeN84u7BLuPFYxrB4tjZUOE5YMjNUMU40VTE1SVBQOFZCRldRSTRTMC4u')
forms.office.com/formapi/api/ca495639-335a-4b30-af84-498dbf53e1f1/users/df785d86-bb38-4bb0-b8f1-58c6b078b636/light/ 		29 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/ca495639-335a-4b30-af84-498dbf53e1f1/users/df785d86-bb38-4bb0-b8f1-58c6b078b636/light/runtimeFormsWithResponses('OVZJylozMEuvhEmNv1Ph8YZdeN84u7BLuPFYxrB4tjZUOE5YMjNUMU40VTE1SVBQOFZCRldRSTRTMC4u')?$expand=questions($expand=choices)&$top=1
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=OVZJylozMEuvhEmNv1Ph8YZdeN84u7BLuPFYxrB4tjZUOE5YMjNUMU40VTE1SVBQOFZCRldRSTRTMC4u&utm_campaign=WEB-GS-TLW-2023-05-10-Fan-Favorite&utm_medium=email&_hsmi=257749945&_hsenc=p2ANqtz--YuDhOojGxuBNG3zlZQ1B68FHmQO8RfDNiux3FeIRTgmrsjHCi4PkFJbBuVVkvvuVUj32g7H56ESEp-716VgOJM4cZqg&utm_content=257749945&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ece37445ff84836d2c3c691ff2528afeac65bcb78a105f3b47ac4867d7c9603f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=OVZJylozMEuvhEmNv1Ph8YZdeN84u7BLuPFYxrB4tjZUOE5YMjNUMU40VTE1SVBQOFZCRldRSTRTMC4u&utm_campaign=WEB-GS-TLW-2023-05-10-Fan-Favorite&utm_medium=email&_hsmi=257749945&_hsenc=p2ANqtz--YuDhOojGxuBNG3zlZQ1B68FHmQO8RfDNiux3FeIRTgmrsjHCi4PkFJbBuVVkvvuVUj32g7H56ESEp-716VgOJM4cZqg&utm_content=257749945&utm_source=hs_email
X-UserSessionId
bc139df5-541e-469b-af47-761d330b4e0c
accept-language
de-DE,de;q=0.9
__RequestVerificationToken
kIDuHhkTkPhW-4EgsXUkd2O-EbYuPinONx9Xa_z9aTjI9jU77DZ5WvJ7ySYfCk82jLJMyP5aFOXmyOdbO4hC-Sav8E7Xug_HbvcGEweoOo01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Wed, 10 May 2023 16:39:01 GMT
x-officeversion
16.0.16504.42050
x-officefe
FormsSingleBox_IN_8
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_4, FormsSingleBox_IN_13
x-routingofficeversion
16.0.16504.42050, 16.0.16504.42050
x-correlationid
16411892-4732-4996-a3ad-4056ca27451a
x-officecluster
neu-100.forms.office.com
x-usersessionid
bc139df5-541e-469b-af47-761d330b4e0c
x-msedge-ref
Ref A: 3C8B7717CA1749FC9B4E843AB9CCFA73 Ref B: AMS231032604051 Ref C: 2023-05-10T16:39:00Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
16411892-4732-4996-a3ad-4056ca27451a
x-routingsessionid
bc139df5-541e-469b-af47-761d330b4e0c
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-101.forms.office.com, neu-100.forms.office.com
light-response-page.chunk.lrp_ext.b12aa70.js
cdn.forms.office.net/forms/scripts/dists/ 		0
85 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.b12aa70.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:00 GMT
content-encoding
br
content-md5
DpBO0No40saPDiwQ7OeAlA==
content-length
86146
x-ms-lease-status
unlocked
last-modified
Mon, 08 May 2023 05:58:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4F892DF1A9FB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
21a03309-d01e-0026-5f78-81324d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:00 GMT
light-response-page.chunk.lrp_phishing.fc9f08d.js
cdn.forms.office.net/forms/scripts/dists/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_phishing.fc9f08d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:00 GMT
content-encoding
br
content-md5
d2ZCpbx3miWgGO2SNcqjow==
content-length
2482
x-ms-lease-status
unlocked
last-modified
Mon, 08 May 2023 05:58:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4F892DF811A5
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
727b7066-901e-0021-5578-81c4c8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:00 GMT
light-response-page.chunk.lrp_saveresponse.bcf61fe.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.bcf61fe.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:00 GMT
content-encoding
br
content-md5
f6FQ6wmvme+BvYL2+l+cKQ==
content-length
5193
x-ms-lease-status
unlocked
last-modified
Mon, 08 May 2023 05:58:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4F892E17F0D3
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c7779a40-f01e-005c-6e78-815800000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:00 GMT
light-response-page.chunk.lrp_cover.f665f8f.js
cdn.forms.office.net/forms/scripts/dists/ 		0
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.f665f8f.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:00 GMT
content-encoding
br
content-md5
YdC+oaxgzZZOFFMsHMp/eA==
content-length
23355
x-ms-lease-status
unlocked
last-modified
Mon, 08 May 2023 05:58:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4F892DD7E464
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8e577291-301e-0041-4678-8181ea000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:00 GMT
light-response-page.chunk.lrp_post.boot.7edc430.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.7edc430.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:00 GMT
content-encoding
br
content-md5
gyHuVB6NK71SJNiOM0MMzA==
content-length
4860
x-ms-lease-status
unlocked
last-modified
Mon, 08 May 2023 05:58:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4F892DF811A5
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bdbbc2d8-401e-0023-0978-81c632000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:00 GMT
light-response-page.chunk.lrp_ext.b12aa70.js
cdn.forms.office.net/forms/scripts/dists/ 		285 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.b12aa70.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a7e946b12e77dcdb35375957a83d3370334a5672c147f5754dc3b2040c03f25a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:02 GMT
content-encoding
br
content-md5
DpBO0No40saPDiwQ7OeAlA==
content-length
86146
x-ms-lease-status
unlocked
last-modified
Mon, 08 May 2023 05:58:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4F892DF1A9FB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
21a03309-d01e-0026-5f78-81324d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:02 GMT
light-response-page.chunk.lrp_phishing.fc9f08d.js
cdn.forms.office.net/forms/scripts/dists/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_phishing.fc9f08d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bfe6dd7f6c034ff162a0263e87a5971cb8e2ecbd5b8b126f99d1834b8d37e5a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:02 GMT
content-encoding
br
content-md5
d2ZCpbx3miWgGO2SNcqjow==
content-length
2482
x-ms-lease-status
unlocked
last-modified
Mon, 08 May 2023 05:58:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4F892DF811A5
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
727b7066-901e-0021-5578-81c4c8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:02 GMT
light-response-page.chunk.lrp_saveresponse.bcf61fe.js
cdn.forms.office.net/forms/scripts/dists/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_saveresponse.bcf61fe.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0938c968633873b556f0271d9367789fdf9ebe78dde3272b752225748017c8a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:02 GMT
content-encoding
br
content-md5
f6FQ6wmvme+BvYL2+l+cKQ==
content-length
5193
x-ms-lease-status
unlocked
last-modified
Mon, 08 May 2023 05:58:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4F892E17F0D3
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c7779a40-f01e-005c-6e78-815800000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:02 GMT
light-response-page.chunk.lrp_learningassistant.8f354d4.js
cdn.forms.office.net/forms/scripts/dists/ 		445 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_learningassistant.8f354d4.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a185c107adbcda48fe3b297fd2d5329a47500cfeb3d8a9fb01a0a2d825ef35b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:02 GMT
content-encoding
br
content-md5
qHXiTMxgtzCd77eU84579A==
content-length
142800
x-ms-lease-status
unlocked
last-modified
Mon, 08 May 2023 05:58:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4F892DFE0424
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3450f26b-d01e-0004-1f78-815c7b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:02 GMT
light-response-page.chunk.lrp_post.boot.7edc430.js
cdn.forms.office.net/forms/scripts/dists/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.7edc430.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cc6ce5d05744561946ebd567d33c49c565d1734cdbe4a4d87f8caf2056a87eb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:02 GMT
content-encoding
br
content-md5
gyHuVB6NK71SJNiOM0MMzA==
content-length
4860
x-ms-lease-status
unlocked
last-modified
Mon, 08 May 2023 05:58:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4F892DF811A5
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bdbbc2d8-401e-0023-0978-81c632000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:02 GMT
light-response-page.chunk.lrp_poll.50e60d5.js
cdn.forms.office.net/forms/scripts/dists/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_poll.50e60d5.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1633df27ae65c2b08357136a66037686bab56b90b8a59bfa71ee45546c951864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:02 GMT
content-encoding
br
content-md5
GVplSLC3KE9ORK9Pl/xTpg==
content-length
4285
x-ms-lease-status
unlocked
last-modified
Mon, 08 May 2023 05:58:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4F892DF7EA96
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4412a7cf-101e-0074-5978-812fbf000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:02 GMT
light-response-page.chunk.sw.b51c01e.js
cdn.forms.office.net/forms/scripts/dists/ 		1 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.b51c01e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3cc4ab68d26de4335059e71536265bec6d6b3c97cc62d5a10aee44baaaacd75a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:02 GMT
content-encoding
br
content-md5
MGQnoR35q31ZWoIJCqP+Gg==
content-length
565
x-ms-lease-status
unlocked
last-modified
Thu, 13 Apr 2023 04:05:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3BD463DBBEF9
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
28556562-f01e-0075-3bc4-6d2e42000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:02 GMT
meeting.png
cdn.forms.office.net/forms/images/theme/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forms.office.net/forms/images/theme/meeting.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fb2d8eb6cd4e3740f7945d2c5119cf3535f36d80414649d3e970cbaeb7046b7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:02 GMT
content-md5
/UWRIPwmMog2V/bWQYseJg==
content-length
58177
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 04:21:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9F5BAD0E50BD8
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
6c96723d-101e-0012-5022-299de5000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:02 GMT
light-response-page.chunk.lrp_ty2svg.2ac265e.js
cdn.forms.office.net/forms/scripts/dists/ 		0
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ty2svg.2ac265e.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:02 GMT
content-encoding
br
content-md5
j434Z+kIHtJwXLYAb4kw6Q==
content-length
15309
x-ms-lease-status
unlocked
last-modified
Wed, 26 Apr 2023 05:39:18 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB461894451108
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d731798e-101e-003b-240e-78eba7000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:02 GMT
light-response-page.chunk.try_dv.d33b8a6.js
cdn.forms.office.net/forms/scripts/dists/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.try_dv.d33b8a6.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:02 GMT
content-encoding
br
content-md5
inakQNjDFIYjDVPGieJ6aw==
content-length
1754
x-ms-lease-status
unlocked
last-modified
Thu, 13 Apr 2023 04:05:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3BD463DAFBC7
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6b8b4828-401e-004e-0dc4-6d6c1c000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:02 GMT
light-response-page.chunk.lrp_template.3b7f494.js
cdn.forms.office.net/forms/scripts/dists/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_template.3b7f494.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:02 GMT
content-encoding
br
content-md5
boSfnWrkJ2KRtHUzHxNY8w==
content-length
4736
x-ms-lease-status
unlocked
last-modified
Sat, 06 May 2023 05:09:15 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4DF00A07D45E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bb81b71f-401e-0067-14e4-7f1a5e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:02 GMT
light-response-page.chunk.1ds.2c6a470.js
cdn.forms.office.net/forms/scripts/dists/ 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.2c6a470.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
091b0b1e1ab85112557ddb4ee96410e5713e0862a08492fb8d32e8c7b60d2055

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:02 GMT
content-encoding
br
content-md5
Df2Ku+MsZG2yMASZ8ENq0A==
content-length
33883
x-ms-lease-status
unlocked
last-modified
Thu, 13 Apr 2023 04:05:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB3BD463939D51
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
383e1789-a01e-004f-11c4-6d6de1000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:02 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=82EFAD7FBA7044F4869AEA70B2E13C96&RedC=c.office.com&MXFR=3A97E017475E63603C87F31A435E6815
  • https://c.office.com/c.gif?ctsa=mr&CtsSyncId=82EFAD7FBA7044F4869AEA70B2E13C96&MUID=3A97E017475E63603C87F31A435E6815
42 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=82EFAD7FBA7044F4869AEA70B2E13C96&MUID=3A97E017475E63603C87F31A435E6815
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 16:39:01 GMT
last-modified
Thu, 04 May 2023 15:33:28 GMT
server
Microsoft-IIS/10.0
etag
"6de038c69d7ed91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 10 May 2023 16:39:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 71A0E280F34048EB9F4F528489224955 Ref B: FRAEDGE1315 Ref C: 2023-05-10T16:39:02Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?ctsa=mr&CtsSyncId=82EFAD7FBA7044F4869AEA70B2E13C96&MUID=3A97E017475E63603C87F31A435E6815
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
'de'
forms.office.com/formapi/api/ca495639-335a-4b30-af84-498dbf53e1f1/users/df785d86-bb38-4bb0-b8f1-58c6b078b636/forms('OVZJylozMEuvhEmNv1Ph8YZdeN84u7BLuPFYxrB4tjZUOE5YMjNUMU40VTE1SVBQOFZCRldRSTRTMC4u'... 		2 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/ca495639-335a-4b30-af84-498dbf53e1f1/users/df785d86-bb38-4bb0-b8f1-58c6b078b636/forms('OVZJylozMEuvhEmNv1Ph8YZdeN84u7BLuPFYxrB4tjZUOE5YMjNUMU40VTE1SVBQOFZCRldRSTRTMC4u')/localeResource/'de'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.b12aa70.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

odata-version
4.0
x-correlationid
79bcb657-0a21-4e86-945b-1b91492982ba
x-usersessionid
bc139df5-541e-469b-af47-761d330b4e0c
x-ms-form-request-ring
business
accept-language
de-DE,de;q=0.9
authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
application/json
odata-maxverion
4.0
accept
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=OVZJylozMEuvhEmNv1Ph8YZdeN84u7BLuPFYxrB4tjZUOE5YMjNUMU40VTE1SVBQOFZCRldRSTRTMC4u&utm_campaign=WEB-GS-TLW-2023-05-10-Fan-Favorite&utm_medium=email&_hsmi=257749945&_hsenc=p2ANqtz--YuDhOojGxuBNG3zlZQ1B68FHmQO8RfDNiux3FeIRTgmrsjHCi4PkFJbBuVVkvvuVUj32g7H56ESEp-716VgOJM4cZqg&utm_content=257749945&utm_source=hs_email
x-ms-form-request-source
ms-formweb
__requestverificationtoken
kIDuHhkTkPhW-4EgsXUkd2O-EbYuPinONx9Xa_z9aTjI9jU77DZ5WvJ7ySYfCk82jLJMyP5aFOXmyOdbO4hC-Sav8E7Xug_HbvcGEweoOo01

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Wed, 10 May 2023 16:39:02 GMT
x-officeversion
16.0.16504.42050
x-officefe
FormsSingleBox_IN_8
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_2
x-routingofficeversion
16.0.16504.42050
x-correlationid
79bcb657-0a21-4e86-945b-1b91492982ba
x-officecluster
neu-100.forms.office.com
x-usersessionid
bc139df5-541e-469b-af47-761d330b4e0c
x-msedge-ref
Ref A: 18401BDADE1B4C8FBC9E8BC077C61056 Ref B: AMS231032604051 Ref C: 2023-05-10T16:39:02Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
79bcb657-0a21-4e86-945b-1b91492982ba
x-routingsessionid
bc139df5-541e-469b-af47-761d330b4e0c
x-robots-tag
noindex, nofollow
x-routingofficecluster
neu-100.forms.office.com
light-response-page.chunk.lrp_trial.e8c9a86.js
cdn.forms.office.net/forms/scripts/dists/ 		0
22 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_trial.e8c9a86.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2716e20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e300::211:9328 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 16:39:02 GMT
content-encoding
br
content-md5
hKFx7u/TeJSFUsH9S+77zg==
content-length
22338
x-ms-lease-status
unlocked
last-modified
Mon, 08 May 2023 05:58:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB4F892E19502B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1fa709e4-601e-003f-7278-811e25000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Thu, 09 May 2024 16:39:02 GMT
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		179 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.7edc430.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2d56bf63734e7c78d587317ee968b673198e0d4889ecf210067ae905ff8f03bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 16:39:01 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.10
last-modified
Mon, 24 Apr 2023 16:35:25 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.10.min.js
content-md5
SLMErrILMi+b/Mn2Oe3ROQ==
etag
0x8DB44E1E8585EA5
x-azure-ref
0pshbZAAAAACKPM/B/9jnRpWmcI6y9yLLRlJBMjMxMDUwNDE3MDQ5AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
b14f1212-501e-007b-385a-834f9c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.90 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Wed, 10 May 2023 16:39:03 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.65.90 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
f05d95977b26ea04cae97feb50ad9d257580b668ae8bfc1f31f987056818f3bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1683736743508
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Wed, 10 May 2023 16:39:03 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
722
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap object| webpackChunk function| getChunkPath function| replaceChunkSrc object| __stylesheet__ function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| __globalSettings__ object| __themeState__ object| __packages__ object| __dynProto$Gbl object| e function| t object| oneDS object| awa

13 Cookies

Domain/Path Name / Value
.go.mobilecause.com/ Name: __cf_bm
Value: idt5ogbRFCVN0beti3r0Anp2I8SGmjS1gD9hfNV0YjQ-1683736739-0-AYhroaWgqoGB4D+2gq3Dm//imbFnUT5FhOMif5LKAZFkH2H19kd2WPGWvZ1r7COADZcpbkzF54gXn1iYuWTQ/1E=
.go.mobilecause.com/ Name: __cfruid
Value: 4a276e9f54dd323d0b2b49d842ce3a9df6d7b989-1683736739
forms.office.com/ Name: RpsAuthNonce
Value: c606d0e1-83ba-46d3-b672-0c7d02350049
.forms.office.com/ Name: RpsAuthNonce
Value: c606d0e1-83ba-46d3-b672-0c7d02350049
forms.office.com/ Name: __RequestVerificationToken
Value: O2svGRUeGtZbwYQJkqrKCP5lO2TBO3MyOK_tpH7uMrzUq3LdNFP_TskCFGIADy2Rbjnq5ZtT6SfBfWZWtkSbl2oZbhHkmX_kYOWND0AlAFk1
.office.com/ Name: MUID
Value: 3A97E017475E63603C87F31A435E6815
forms.office.com/ Name: ai_session
Value: z0FnNMs7gKhNT01Uz7N/bU|1683736742504|1683736742504
.bing.com/ Name: MUID
Value: 3A97E017475E63603C87F31A435E6815
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 3A97E017475E63603C87F31A435E6815
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: MR
Value: 0
.c.office.com/ Name: ANONCHK
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
go.mobilecause.com
js.monitor.azure.com
20.42.65.90
2606:2c40::c73c:67e2
2620:1ec:29:1::45
2620:1ec:a92::194
2620:1ec:c11::200
2a02:26f0:e300::211:9328
68.219.88.97
091b0b1e1ab85112557ddb4ee96410e5713e0862a08492fb8d32e8c7b60d2055
0938c968633873b556f0271d9367789fdf9ebe78dde3272b752225748017c8a3
1633df27ae65c2b08357136a66037686bab56b90b8a59bfa71ee45546c951864
2d56bf63734e7c78d587317ee968b673198e0d4889ecf210067ae905ff8f03bd
328ce862de6894a62fa46274791c4194678baf33bbb71fb97b6783d22e6533e2
3cc4ab68d26de4335059e71536265bec6d6b3c97cc62d5a10aee44baaaacd75a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5ca3bd95e5c407018b585b4c1483ec8765df7d38598e88093ca32182e85b2e64
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a185c107adbcda48fe3b297fd2d5329a47500cfeb3d8a9fb01a0a2d825ef35b0
a7e946b12e77dcdb35375957a83d3370334a5672c147f5754dc3b2040c03f25a
bfe6dd7f6c034ff162a0263e87a5971cb8e2ecbd5b8b126f99d1834b8d37e5a5
cc6ce5d05744561946ebd567d33c49c565d1734cdbe4a4d87f8caf2056a87eb7
d093c11793b57f171120cc0301d8e1a59c7a8166b83a70de9cea1f19cc19bca4
d2d0f5a5ef8f55161195497212f6fbfb1d8ceaa5b2c1d0f7febfec7545a56a4b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ece37445ff84836d2c3c691ff2528afeac65bcb78a105f3b47ac4867d7c9603f
f05d95977b26ea04cae97feb50ad9d257580b668ae8bfc1f31f987056818f3bb
fb2d8eb6cd4e3740f7945d2c5119cf3535f36d80414649d3e970cbaeb7046b7d