URL: https://concierge.postagelogistics.com/
Submission: On September 20 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 13.107.213.45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is concierge.postagelogistics.com.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on August 21st 2021. Valid for: a year.
This is the only time concierge.postagelogistics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13.107.213.45 8068 (MICROSOFT...)
2 151.101.65.229 54113 (FASTLY)
1 13.107.6.194 8068 (MICROSOFT...)
7 92.123.225.19 20940 (AKAMAI-ASN1)
12 5
Domain Requested by
7 cdn.forms.office.net forms.office.com
cdn.forms.office.net
2 cdn.jsdelivr.net concierge.postagelogistics.com
1 forms.office.com concierge.postagelogistics.com
cdn.forms.office.net
1 concierge.postagelogistics.com
12 4

This site contains no links.

Subject Issuer Validity Valid
*.azureedge.net
Microsoft Azure TLS Issuing CA 02
2021-08-21 -
2022-08-16
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-30 -
2022-06-01
a year crt.sh
forms.office.com
DigiCert Cloud Services CA-1
2021-09-02 -
2022-09-01
a year crt.sh
cdn.forms.office.net
Microsoft RSA TLS CA 01
2020-10-19 -
2021-10-19
a year crt.sh

This page contains 2 frames:

Primary Page: https://concierge.postagelogistics.com/
Frame ID: 1994609311ED51F459301C39602E0142
Requests: 3 HTTP requests in this frame

Frame: https://forms.office.com/Pages/ResponsePage.aspx?id=IN8Gu0HF9UW_3M4hhhAL-EsoheoT9XhIhmEH-A_QutxUOFhXN1BaTFRTUUxVM1lXVFNKSURUTUhXTC4u&embed=true
Frame ID: 2FC3B87F7A5979BAA91B32D94CC20787
Requests: 9 HTTP requests in this frame

Screenshot

Page Title

Postage Logistics Group | Concierge Service

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

12
Requests

83 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

222 kB
Transfer

699 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
concierge.postagelogistics.com/
2 KB
1 KB
Document
General
Full URL
https://concierge.postagelogistics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bfa262cfd26686c33ef5df07621cb9ac2a62221186d795e906f6b825193f8821

Request headers

:method
GET
:authority
concierge.postagelogistics.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
content-encoding
br
content-md5
A3c/4ylBBibKIvSYhgVDxg==
last-modified
Mon, 20 Sep 2021 22:48:11 GMT
accept-ranges
bytes
etag
"0x8D97C88B92C41F4"
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-cache
TCP_MISS
x-ms-request-id
732b83a8-601e-0041-1a76-ae13e3000000
x-ms-version
2018-03-28
x-azure-ref-originshield
0MBhJYQAAAAA7T4lLc3JQRprt2TEWv43fTE9OMjFFREdFMDIxNgA4NDE0ZGZkMi0wYWQ4LTQ0YTQtYWQ1Ny0yOGI1ZDM1YzJlNzE=
x-azure-ref
0MBhJYQAAAAAzjSOUuLzVQLbt4cyEzEuUUFJHMDFFREdFMDkxMgA4NDE0ZGZkMi0wYWQ4LTQ0YTQtYWQ1Ny0yOGI1ZDM1YzJlNzE=
date
Mon, 20 Sep 2021 23:24:31 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.1/dist/css/
159 KB
24 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.1/dist/css/bootstrap.min.css
Requested by
Host: concierge.postagelogistics.com
URL: https://concierge.postagelogistics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b0071cd7ccef32768966b353e2ff09d13e07ab31148944e5545803232c2341e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://concierge.postagelogistics.com/
Origin
https://concierge.postagelogistics.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
979056
x-jsd-version
5.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
23897
etag
W/"27bcc-BZIWlzlsFSRVBPxM7BbsU0yOz/8"
x-served-by
cache-fra19181-FRA, cache-hhn4083-HHN
x-jsd-version-type
version
date
Mon, 20 Sep 2021 23:24:32 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.1/dist/js/
77 KB
22 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.1/dist/js/bootstrap.bundle.min.js
Requested by
Host: concierge.postagelogistics.com
URL: https://concierge.postagelogistics.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e5a12b84f9543d5ba3231837c2f2467563405aa66a582b6fc400985f85df49ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://concierge.postagelogistics.com/
Origin
https://concierge.postagelogistics.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
979054
x-jsd-version
5.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
22624
etag
W/"13417-CF7M/QNtoe32ATiKaM/lyzFrHiw"
x-served-by
cache-fra19128-FRA, cache-hhn4083-HHN
x-jsd-version-type
version
date
Mon, 20 Sep 2021 23:24:32 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
ResponsePage.aspx
forms.office.com/Pages/ Frame 2FC3
69 KB
21 KB
Document
General
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=IN8Gu0HF9UW_3M4hhhAL-EsoheoT9XhIhmEH-A_QutxUOFhXN1BaTFRTUUxVM1lXVFNKSURUTUhXTC4u&embed=true
Requested by
Host: concierge.postagelogistics.com
URL: https://concierge.postagelogistics.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
983d3b0bdd6d2f8f846eea8925e9394cfa5c3345b661f58e4a62be1653e95c0a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
forms.office.com
:scheme
https
:path
/Pages/ResponsePage.aspx?id=IN8Gu0HF9UW_3M4hhhAL-EsoheoT9XhIhmEH-A_QutxUOFhXN1BaTFRTUUxVM1lXVFNKSURUTUhXTC4u&embed=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://concierge.postagelogistics.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://concierge.postagelogistics.com/

Response headers

cache-control
no-store, must-revalidate, no-cache
pragma
no-cache
content-length
20493
content-type
text/html; charset=utf-8
content-encoding
br
expires
0
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1031&data=1031; expires=Mon, 20-Dec-2021 23:24:33 GMT; path=/; samesite=none; secure; HttpOnly FormsWebSessionId=aef695c5-b0ed-40e9-8351-8f643203c4a2; domain=forms.office.com; expires=Wed, 20-Oct-2021 23:24:33 GMT; path=/; samesite=none; secure; HttpOnly usenewauthrollout=True; domain=forms.office.com; expires=Wed, 20-Oct-2021 23:24:33 GMT; path=/; samesite=none; secure; HttpOnly usenewrpsauthrollout=False; domain=forms.office.com; expires=Wed, 20-Oct-2021 23:24:33 GMT; path=/; samesite=none; secure; HttpOnly __RequestVerificationToken=9HnuxWQTmRKyjQAnc_AwDMHMi4gWvb2YF7PHWfUU1o9I1z4NOpY4soqcdQbkb0ziVBJVgaXmY8jVIa0wReJ_G2WyHHahPXJlS5NZe3m7lt81; path=/; samesite=none; secure; HttpOnly
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficecluster
weu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_7
x-routingofficeversion
16.0.14514.36678
x-routingsessionid
bc0064ef-7377-439d-b64e-eaa32318a9d3
x-routingcorrelationid
a2b66db5-b713-4801-a50d-1e7f52802032
x-correlationid
a2b66db5-b713-4801-a50d-1e7f52802032
x-usersessionid
bc0064ef-7377-439d-b64e-eaa32318a9d3
x-officefe
FormsSingleBox_IN_7
x-officeversion
16.0.14514.36678
x-officecluster
weu-100.forms.office.com
x-failurereason
Unknown
x-robots-tag
noindex, nofollow
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 8DB4606464DE498BA336E3D5017465B7 Ref B: VIEEDGE2008 Ref C: 2021-09-20T23:24:32Z
date
Mon, 20 Sep 2021 23:24:34 GMT
light-response-page.min.8604dcf.css
cdn.forms.office.net/forms/css/dist/ Frame 2FC3
127 KB
21 KB
Stylesheet
General
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.8604dcf.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=IN8Gu0HF9UW_3M4hhhAL-EsoheoT9XhIhmEH-A_QutxUOFhXN1BaTFRTUUxVM1lXVFNKSURUTUhXTC4u&embed=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
17432f333def85b584b2b4e256e4431c9002581f54c42fd881862dd0c604b84a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Sep 2021 23:24:34 GMT
content-encoding
br
content-md5
m+szSPDmAKZVCYmAkE8lOg==
content-length
21522
x-ms-lease-status
unlocked
last-modified
Wed, 15 Sep 2021 04:53:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D97804B884D247
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
67b67335-301e-00bc-25f7-a943a5000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 20 Sep 2022 23:24:34 GMT
light-response-page-integration-auth.min.9f0142c.js
cdn.forms.office.net/forms/scripts/dists/ Frame 2FC3
21 KB
7 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page-integration-auth.min.9f0142c.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=IN8Gu0HF9UW_3M4hhhAL-EsoheoT9XhIhmEH-A_QutxUOFhXN1BaTFRTUUxVM1lXVFNKSURUTUhXTC4u&embed=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7bc681b6ed8774de564e7f9075cd56ba4c3ef8f449a7e04dc36e29a850edb4ec

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Sep 2021 23:24:34 GMT
content-encoding
br
content-md5
ioRrFFRZOQUA2eMSQQYuKg==
content-length
6685
x-ms-lease-status
unlocked
last-modified
Tue, 14 Sep 2021 04:52:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9773B7A7A4BE5
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
dc969911-901e-0076-3730-a9d068000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 20 Sep 2022 23:24:34 GMT
light-response-page.min.8bf0a47.js
cdn.forms.office.net/forms/scripts/dists/ Frame 2FC3
243 KB
70 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8bf0a47.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=IN8Gu0HF9UW_3M4hhhAL-EsoheoT9XhIhmEH-A_QutxUOFhXN1BaTFRTUUxVM1lXVFNKSURUTUhXTC4u&embed=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6a71936ff002a6e22c1d1ce9748ca82576ae87f903a894c1df25d5af48d715ac

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Sep 2021 23:24:34 GMT
content-encoding
br
content-md5
+V/0dFpMZIIOSGd2yr14KQ==
content-length
70676
x-ms-lease-status
unlocked
last-modified
Thu, 16 Sep 2021 04:16:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D978C8D411041E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3b8dd2e0-d01e-0071-3db6-aa26ed000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 20 Sep 2022 23:24:34 GMT
light-response-page.chunk.prefetch.0f142ce.js
cdn.forms.office.net/forms/scripts/dists/ Frame 2FC3
3 KB
1 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.prefetch.0f142ce.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8bf0a47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cae8618cf834d0703de934508490c94e3bd07674d70aec25604787873918bb10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Sep 2021 23:24:34 GMT
content-encoding
br
content-md5
O8emupm/NXHGeEclDJzzhQ==
content-length
1010
x-ms-lease-status
unlocked
last-modified
Fri, 10 Sep 2021 04:25:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9741302D5CF92
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8ec90988-601e-00c2-540c-a6dc6a000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 20 Sep 2022 23:24:34 GMT
light-response-page.chunk.828.e0e72f6.js
cdn.forms.office.net/forms/scripts/dists/ Frame 2FC3
0
9 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.828.e0e72f6.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8bf0a47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Sep 2021 23:24:34 GMT
content-encoding
br
content-md5
zxp4AML1p2rSAfANuPv6UQ==
content-length
8956
x-ms-lease-status
unlocked
last-modified
Fri, 18 Jun 2021 04:12:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9320F5494C598
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1cb796fc-501e-0109-3600-64080f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 20 Sep 2022 23:24:34 GMT
light-response-page.chunk.ext.b5cddb2.js
cdn.forms.office.net/forms/scripts/dists/ Frame 2FC3
0
40 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.ext.b5cddb2.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8bf0a47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Sep 2021 23:24:34 GMT
content-encoding
br
content-md5
wFHtTgB87NnmALgfVrq1ww==
content-length
40521
x-ms-lease-status
unlocked
last-modified
Thu, 16 Sep 2021 04:16:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D978C8D3E61B71
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7f158ca9-801e-002d-1eb6-aad714000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 20 Sep 2022 23:24:34 GMT
light-response-page.chunk.post.boot.368a910.js
cdn.forms.office.net/forms/scripts/dists/ Frame 2FC3
0
4 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.post.boot.368a910.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8bf0a47.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-19.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Sep 2021 23:24:34 GMT
content-encoding
br
content-md5
qRbQlDSPbsyNR1t66ZTuEA==
content-length
3906
x-ms-lease-status
unlocked
last-modified
Fri, 10 Sep 2021 04:25:24 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9741302CE5433
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f5a14a6a-c01e-00ed-38fe-a55d50000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Tue, 20 Sep 2022 23:24:34 GMT
runtimeFormsWithResponses('IN8Gu0HF9UW_3M4hhhAL-EsoheoT9XhIhmEH-A_QutxUOFhXN1BaTFRTUUxVM1lXVFNKSURUTUhXTC4u')
forms.office.com/formapi/api/bb06df20-c541-45f5-bfdc-ce2186100bf8/users/ea85284b-f513-4878-8661-07f80fd0badc/light/ Frame 2FC3
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
forms.office.com
URL
https://forms.office.com/formapi/api/bb06df20-c541-45f5-bfdc-ce2186100bf8/users/ea85284b-f513-4878-8661-07f80fd0badc/light/runtimeFormsWithResponses('IN8Gu0HF9UW_3M4hhhAL-EsoheoT9XhIhmEH-A_QutxUOFhXN1BaTFRTUUxVM1lXVFNKSURUTUhXTC4u')?$expand=questions($expand=choices)

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster number| uidEvent object| bootstrap

5 Cookies

Domain/Path Name / Value
forms.office.com/ Name: DcLcid
Value: ui=1031&data=1031
.forms.office.com/ Name: FormsWebSessionId
Value: aef695c5-b0ed-40e9-8351-8f643203c4a2
.forms.office.com/ Name: usenewauthrollout
Value: True
.forms.office.com/ Name: usenewrpsauthrollout
Value: False
forms.office.com/ Name: __RequestVerificationToken
Value: 9HnuxWQTmRKyjQAnc_AwDMHMi4gWvb2YF7PHWfUU1o9I1z4NOpY4soqcdQbkb0ziVBJVgaXmY8jVIa0wReJ_G2WyHHahPXJlS5NZe3m7lt81