urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://email.cloud.secureclick.net/c/5350?id=199030.953.1.d5087455a4877288d3b3f041116a5a89
Effective URL: https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU...
Submission: On September 25 via api from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 21 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 5607.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on July 20th 2022. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.34.10.94 16509 (AMAZON-02)
1 4 2620:1ec:a92:... 8068 (MICROSOFT...)
10 104.83.4.106 20940 (AKAMAI-ASN1)
1 2620:1ec:46::44 8068 (MICROSOFT...)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
6 20.189.173.10 8075 (MICROSOFT...)
21 6
1    52.34.10.94 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-10-94.us-west-2.compute.amazonaws.com
email.cloud.secureclick.net
4    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
10    104.83.4.106 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-83-4-106.deploy.static.akamaitechnologies.com
cdn.forms.office.net
1    2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
6    20.189.173.10 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
10 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 8144
297 KB
6 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 242
3 KB
6 office.com
forms.office.com — Cisco Umbrella Rank: 5607
c.office.com — Cisco Umbrella Rank: 20372
25 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 220
661 B
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 2377
61 KB
1 secureclick.net
email.cloud.secureclick.net — Cisco Umbrella Rank: 86949
69 B
21 6
Domain Requested by
10 cdn.forms.office.net forms.office.com
cdn.forms.office.net
6 browser.events.data.microsoft.com js.monitor.azure.com
cdn.forms.office.net
4 forms.office.com 1 redirects forms.office.com
cdn.forms.office.net
2 c.office.com 1 redirects
1 c.bing.com 1 redirects
1 js.monitor.azure.com cdn.forms.office.net
1 email.cloud.secureclick.net 1 redirects
21 7

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2022-07-20 -
2023-07-15		 a year crt.sh
cdn.forms.office.net
Microsoft RSA TLS CA 01		 2021-10-12 -
2022-10-12		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 01		 2022-09-24 -
2023-09-19		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2022-09-08 -
2023-09-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u
Frame ID: 3E228F722A8E8F4D895827F8C2AA4631
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Umfrage Motorrad-Kurse

Page URL History Show full URLs

  1. https://email.cloud.secureclick.net/c/5350?id=199030.953.1.d5087455a4877288d3b3f041116a5a89 HTTP 302
    https://forms.office.com/r/qNqFFGbrWg HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1M... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

21
Requests

95 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

389 kB
Transfer

1345 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email.cloud.secureclick.net/c/5350?id=199030.953.1.d5087455a4877288d3b3f041116a5a89 HTTP 302
    https://forms.office.com/r/qNqFFGbrWg HTTP 301
    https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=13A247D8E862412FB0830AA0DD43810F&RedC=c.office.com&MXFR=13772C8957FF6F371A0E3EA353FF643F HTTP 302
  • https://c.office.com/c.gif?CtsSyncId=13A247D8E862412FB0830AA0DD43810F&MUID=13772C8957FF6F371A0E3EA353FF643F

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request responsepage.aspx
forms.office.com/pages/
Redirect Chain
  • https://email.cloud.secureclick.net/c/5350?id=199030.953.1.d5087455a4877288d3b3f041116a5a89
  • https://forms.office.com/r/qNqFFGbrWg
  • https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u
48 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4e06f2764b62d0c34b33de4827588f4dc0127c683af2dd6f240c3cceae85494b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 25 Sep 2022 00:18:12 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
05e465a1-95a1-413a-bf75-13622cf817f4
x-msedge-ref
Ref A: 178E2A06B8B242AF9942D1AD1C1AD64C Ref B: AMS231032607019 Ref C: 2022-09-25T00:18:12Z
x-officecluster
ncus-100.forms.office.com
x-officefe
FormsSingleBox_IN_1
x-officeversion
16.0.15719.36678
x-robots-tag
noindex, nofollow
x-routingcorrelationid
05e465a1-95a1-413a-bf75-13622cf817f4
x-routingofficecluster
weu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_10
x-routingofficeversion
16.0.15719.36678
x-routingsessionid
42614033-eeb7-4bf0-b290-931adba67248
x-usersessionid
42614033-eeb7-4bf0-b290-931adba67248

Redirect headers

cache-control
no-cache
content-length
0
date
Sun, 25 Sep 2022 00:18:12 GMT
expires
-1
location
https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
96d3b0cd-71e8-4ef9-8c5c-d3b35b0cb56b
x-msedge-ref
Ref A: FB8B4DC2618F42D6958E25DE2CEF6317 Ref B: AMS231032607019 Ref C: 2022-09-25T00:18:11Z
x-officecluster
frc-101.forms.office.com
x-officefe
FormIntelligenceService_IN_2
x-officeversion
16.0.15716.36677
x-usersessionid
96d3b0cd-71e8-4ef9-8c5c-d3b35b0cb56b
ls-response.de.9d44120bd.js
cdn.forms.office.net/forms/scripts/dists/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.de.9d44120bd.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3f719772a4d68e6260937cc2ac1d6833a4dd83743665596f7b2ec6c7c32f514c

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 25 Sep 2022 00:18:12 GMT
content-encoding
br
content-md5
fAdlJSdq2mMK9/YtQ7MeCg==
content-length
9028
x-ms-lease-status
unlocked
last-modified
Wed, 21 Sep 2022 05:28:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA9B92245941CB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
aeef5f00-b01e-003d-387b-cd1cdf000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 25 Sep 2023 00:18:12 GMT
light-response-page.min.fdb7008.css
cdn.forms.office.net/forms/css/dist/ 		141 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.fdb7008.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9eecb632f95651fdf0862665dc3de6d252de1a19ddfac6e4f20a0c15a7705fdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 25 Sep 2022 00:18:12 GMT
content-encoding
br
content-md5
M0T7YNlW8ceDcN+3JqojIg==
content-length
23293
x-ms-lease-status
unlocked
last-modified
Tue, 20 Sep 2022 04:59:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA9AC4DA21EC90
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
649027d1-b01e-003d-5ad1-cc1cdf000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 25 Sep 2023 00:18:12 GMT
light-response-page.min.2398e62.js
cdn.forms.office.net/forms/scripts/dists/ 		286 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2398e62.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3c0a54ca71e02f1dbe65fc29b3a68d092d85c7ef59ffd1aebaa1aa99a3aabdf1

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 25 Sep 2022 00:18:12 GMT
content-encoding
br
content-md5
MrfdsOYuBCaJWteVauEyYw==
content-length
83059
x-ms-lease-status
unlocked
last-modified
Thu, 22 Sep 2022 04:47:53 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA9C559C48AC42
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8154e96c-601e-0034-2849-ce0651000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 25 Sep 2023 00:18:12 GMT
runtimeFormsWithResponses('DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u')
forms.office.com/formapi/api/9188040d-6c67-4c5b-b112-36a304b66dad/users/00000000-0000-0000-0003-4001cff490d9/light/ 		54 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/9188040d-6c67-4c5b-b112-36a304b66dad/users/00000000-0000-0000-0003-4001cff490d9/light/runtimeFormsWithResponses('DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
354736173a9cd911617e23ad791d85cb452c0baa38f75f0fa039c1dfde7ecb91
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u
X-UserSessionId
42614033-eeb7-4bf0-b290-931adba67248
accept-language
de-DE,de;q=0.9
__RequestVerificationToken
8xO1yWtiM3-3k8EPnWI5OjTEnaJTEDyEPdr1_x0kEWsmzEeP-poZnlfV4Tbkt9JYzc9T8Ls5gffZG_jX5wpvRrU1KSblswcTWwBs50RAifY1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
x-officeversion
16.0.15716.36677
x-officefe
FormsSingleBox_IN_1
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_9, FormsSingleBox_IN_1
x-routingofficeversion
16.0.15716.36677, 16.0.15716.36677
x-correlationid
7b683876-0980-4587-81a0-38b41ea4cb9b
x-officecluster
ncus-101.forms.office.com
x-usersessionid
42614033-eeb7-4bf0-b290-931adba67248
date
Sun, 25 Sep 2022 00:18:12 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
7b683876-0980-4587-81a0-38b41ea4cb9b
x-routingsessionid
42614033-eeb7-4bf0-b290-931adba67248
x-msedge-ref
Ref A: A5688E4813E147568E0F7196A1FE0B22 Ref B: AMS231032607019 Ref C: 2022-09-25T00:18:12Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-101.forms.office.com, ncus-101.forms.office.com
light-response-page.chunk.lrp_ext.e1bba4d.js
cdn.forms.office.net/forms/scripts/dists/ 		0
60 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.e1bba4d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2398e62.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 25 Sep 2022 00:18:12 GMT
content-encoding
br
content-md5
r260gcGOLi0+A3tHzXvOjw==
content-length
61067
x-ms-lease-status
unlocked
last-modified
Thu, 22 Sep 2022 04:47:53 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA9C559C444012
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6cf6b7c4-701e-0002-2b49-ceab03000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 25 Sep 2023 00:18:12 GMT
light-response-page.chunk.lrp_post.boot.3c7ca50.js
cdn.forms.office.net/forms/scripts/dists/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.3c7ca50.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2398e62.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 25 Sep 2022 00:18:12 GMT
content-encoding
br
content-md5
/7TVwFDGlNkQQmSL/BdFxA==
content-length
3963
x-ms-lease-status
unlocked
last-modified
Tue, 20 Sep 2022 04:59:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA9AC4F712C869
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0672e0df-001e-000d-2b7a-cd46f5000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 25 Sep 2023 00:18:12 GMT
light-response-page.chunk.lrp_ext.e1bba4d.js
cdn.forms.office.net/forms/scripts/dists/ 		212 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.e1bba4d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2398e62.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
34225266c209980b75738f3b8c3be0a1e39e25c9db6de77f036a03d192981842

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 25 Sep 2022 00:18:13 GMT
content-encoding
br
content-md5
r260gcGOLi0+A3tHzXvOjw==
content-length
61067
x-ms-lease-status
unlocked
last-modified
Thu, 22 Sep 2022 04:47:53 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA9C559C444012
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6cf6b7c4-701e-0002-2b49-ceab03000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 25 Sep 2023 00:18:13 GMT
light-response-page.chunk.themes.807d665.js
cdn.forms.office.net/forms/scripts/dists/ 		301 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.themes.807d665.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2398e62.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b49b5b9816decb62fbed2c03eef18edb7733ea40cec05478ffc10f6120fb0a82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 25 Sep 2022 00:18:13 GMT
content-encoding
br
content-md5
cZiZARk2MlyO9viJgQ50NA==
content-length
26856
x-ms-lease-status
unlocked
last-modified
Wed, 21 Sep 2022 06:46:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA9B9CF2461680
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7502af1d-801e-003e-0988-cd1fd8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 25 Sep 2023 00:18:13 GMT
light-response-page.chunk.lrp_post.boot.3c7ca50.js
cdn.forms.office.net/forms/scripts/dists/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.3c7ca50.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2398e62.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a108bd0d5af16d3f0a47d1eeda8f1d2e753e751b4885acc6a2bd5bf04be5d414

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 25 Sep 2022 00:18:13 GMT
content-encoding
br
content-md5
/7TVwFDGlNkQQmSL/BdFxA==
content-length
3963
x-ms-lease-status
unlocked
last-modified
Tue, 20 Sep 2022 04:59:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA9AC4F712C869
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0672e0df-001e-000d-2b7a-cd46f5000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 25 Sep 2023 00:18:13 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da

Request headers

Referer
Origin
https://forms.office.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
light-response-page.chunk.sw.1d1896c.js
cdn.forms.office.net/forms/scripts/dists/ 		945 B
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.1d1896c.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2398e62.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
11e13ea3b334ce50ba89c9ef01f120fffa7f4f66a5c738419667c93c8fb256a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 25 Sep 2022 00:18:13 GMT
content-encoding
br
content-md5
NbTYEDd7scl+DuxIv4nXxA==
content-length
406
x-ms-lease-status
unlocked
last-modified
Mon, 22 Aug 2022 02:46:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA83E88CD44CAB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
649ecf48-001e-0006-730d-b65e81000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 25 Sep 2023 00:18:13 GMT
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		179 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.3c7ca50.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2123315cb05cbeea3c5838b24dd74a924eda65e06ecb3d2e6891fda20e02c267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 00:18:12 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.6
last-modified
Wed, 31 Aug 2022 16:53:36 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.6.min.js
content-md5
7cu3ev19VA1NTXfpBIiLPA==
etag
0x8DA8B7159250BCA
x-azure-ref
0RZ4vYwAAAADE+te8j+UNRZMYJrxmjE+/QU1TMDRFREdFMTgxMgBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
700dbca4-401e-006b-1370-d06f81000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
light-response-page.chunk.1ds.778db79.js
cdn.forms.office.net/forms/scripts/dists/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.778db79.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.2398e62.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.4.106 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-4-106.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
17cce1313d7b003d874d882928d058173ca50853f93c5f0a72a577e725f7915d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 25 Sep 2022 00:18:13 GMT
content-encoding
br
content-md5
m2aMKTiOmau7ZG/YBvZ6PQ==
content-length
26814
x-ms-lease-status
unlocked
last-modified
Thu, 15 Sep 2022 05:01:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA96D759C28E68
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2392222f-201e-0055-48c9-c8428e000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Mon, 25 Sep 2023 00:18:13 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=13A247D8E862412FB0830AA0DD43810F&RedC=c.office.com&MXFR=13772C8957FF6F371A0E3EA353FF643F
  • https://c.office.com/c.gif?CtsSyncId=13A247D8E862412FB0830AA0DD43810F&MUID=13772C8957FF6F371A0E3EA353FF643F
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?CtsSyncId=13A247D8E862412FB0830AA0DD43810F&MUID=13772C8957FF6F371A0E3EA353FF643F
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 00:18:13 GMT
last-modified
Tue, 13 Sep 2022 19:54:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8d3298b0aac7d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 25 Sep 2022 00:18:13 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2193AF1700A14042B6DB706E69DAC700 Ref B: FRA31EDGE0522 Ref C: 2022-09-25T00:18:13Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?CtsSyncId=13A247D8E862412FB0830AA0DD43810F&MUID=13772C8957FF6F371A0E3EA353FF643F
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
'de'
forms.office.com/formapi/api/9188040d-6c67-4c5b-b112-36a304b66dad/users/00000000-0000-0000-0003-4001cff490d9/forms('DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u'... 		2 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/9188040d-6c67-4c5b-b112-36a304b66dad/users/00000000-0000-0000-0003-4001cff490d9/forms('DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u')/localeResource/'de'
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.e1bba4d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

odata-version
4.0
x-correlationid
d7ed31c1-1f3f-41ac-86e9-5c2d12fa1988
x-usersessionid
42614033-eeb7-4bf0-b290-931adba67248
x-ms-form-request-ring
msa
authorization
content-type
application/json
accept-language
de-DE,de;q=0.9
accept
application/json
Referer
https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAANAAc_0kNlUM0I1MjBUWVVVOUNTSDBFME1DU0xSMlMwWC4u
odata-maxverion
4.0
__requestverificationtoken
8xO1yWtiM3-3k8EPnWI5OjTEnaJTEDyEPdr1_x0kEWsmzEeP-poZnlfV4Tbkt9JYzc9T8Ls5gffZG_jX5wpvRrU1KSblswcTWwBs50RAifY1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
x-ms-form-request-source
ms-formweb

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
x-officeversion
16.0.15719.36678
x-officefe
FormsSingleBox_IN_1
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_13, FormsSingleBox_IN_1
x-routingofficeversion
16.0.15716.36677, 16.0.15719.36678
x-correlationid
d7ed31c1-1f3f-41ac-86e9-5c2d12fa1988
x-officecluster
ncus-100.forms.office.com
x-usersessionid
42614033-eeb7-4bf0-b290-931adba67248
date
Sun, 25 Sep 2022 00:18:13 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
d7ed31c1-1f3f-41ac-86e9-5c2d12fa1988
x-routingsessionid
42614033-eeb7-4bf0-b290-931adba67248
x-msedge-ref
Ref A: 544F6C4F134E446C928B425AFBEEF09E Ref B: AMS231032607019 Ref C: 2022-09-25T00:18:13Z
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-100.forms.office.com, ncus-100.forms.office.com
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
6cdc0c3afaebf365220d09507b29f6270f10900515b5ef043333a507735284c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1664065094486
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Referer
https://forms.office.com/
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Sun, 25 Sep 2022 00:18:15 GMT
time-delta-millis
1277
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Sun, 25 Sep 2022 00:18:15 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.778db79.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
22cb1f633450c94b5e90713f10a2e0f917c7748fbaef98e3800cf9e10e3d85db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1664065095647
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
apikey
5f4ebf0f9a11474199e89f94bc7e2f50-61b8420a-22b1-4220-b531-4a4b96e4edb9-7406
Referer
https://forms.office.com/
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Sun, 25 Sep 2022 00:18:15 GMT
time-delta-millis
289
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Sun, 25 Sep 2022 00:18:15 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Sun, 25 Sep 2022 00:18:15 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e21f0f3402917d7e2c102db5bcdc8325f424ed2055f573b4c6d7793944a736e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1664065095859
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
time-delta-to-apply-millis
1277
content-type
application/x-json-stream
cache-control
no-cache, no-store
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Referer
https://forms.office.com/
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Sun, 25 Sep 2022 00:18:15 GMT
time-delta-millis
233
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| e function| t object| oneDS object| awa

10 Cookies

Domain/Path Name / Value
forms.office.com/ Name: __RequestVerificationToken
Value: MVRjR4sJo2wxH7TRA186bPNWbLUDs2YpqFNdQiEF7qrkBrIpTULnfhMJqOELyrN5gh_KXWbsXfW_R_QlNngFEdcadBj0F8nRBErn35YoAGQ1
forms.office.com/ Name: ai_session
Value: Al8H092+eg/55oNmLa0qJf|1664065093483|1664065093483
.office.com/ Name: MUID
Value: 13772C8957FF6F371A0E3EA353FF643F
.bing.com/ Name: MUID
Value: 13772C8957FF6F371A0E3EA353FF643F
.c.bing.com/ Name: SRM_B
Value: 13772C8957FF6F371A0E3EA353FF643F
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: ANONCHK
Value: 0
forms.office.com/ Name: MSFPC
Value: GUID=1297314214e541c59ea2d6983e4a20c1&HASH=1297&LV=202209&V=4&LU=1664065095763
.microsoft.com/ Name: MC1
Value: GUID=1fad8bfc6a1344fba09557b6ea34291d&HASH=1fad&LV=202209&V=4&LU=1664065095936
.microsoft.com/ Name: MS0
Value: a424fd80a41245f4b3014bbc49f88b20

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
email.cloud.secureclick.net
forms.office.com
js.monitor.azure.com
104.83.4.106
20.189.173.10
20.234.93.27
2620:1ec:46::44
2620:1ec:a92::194
2620:1ec:c11::200
52.34.10.94
11e13ea3b334ce50ba89c9ef01f120fffa7f4f66a5c738419667c93c8fb256a5
17cce1313d7b003d874d882928d058173ca50853f93c5f0a72a577e725f7915d
2123315cb05cbeea3c5838b24dd74a924eda65e06ecb3d2e6891fda20e02c267
22cb1f633450c94b5e90713f10a2e0f917c7748fbaef98e3800cf9e10e3d85db
34225266c209980b75738f3b8c3be0a1e39e25c9db6de77f036a03d192981842
354736173a9cd911617e23ad791d85cb452c0baa38f75f0fa039c1dfde7ecb91
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da
3c0a54ca71e02f1dbe65fc29b3a68d092d85c7ef59ffd1aebaa1aa99a3aabdf1
3f719772a4d68e6260937cc2ac1d6833a4dd83743665596f7b2ec6c7c32f514c
4e06f2764b62d0c34b33de4827588f4dc0127c683af2dd6f240c3cceae85494b
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
6cdc0c3afaebf365220d09507b29f6270f10900515b5ef043333a507735284c4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9eecb632f95651fdf0862665dc3de6d252de1a19ddfac6e4f20a0c15a7705fdf
a108bd0d5af16d3f0a47d1eeda8f1d2e753e751b4885acc6a2bd5bf04be5d414
b49b5b9816decb62fbed2c03eef18edb7733ea40cec05478ffc10f6120fb0a82
e21f0f3402917d7e2c102db5bcdc8325f424ed2055f573b4c6d7793944a736e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855