urlscan.io logo urlscan.io
SecurityTrails logo

forms.office.com Open in urlscan Pro
2620:1ec:a92::194  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.oddo-bhf.com/e/er?utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email&utm_source=Eloqua&s...
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQ...
Submission: On September 30 via manual from FR — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 6 domains to perform 20 HTTP transactions. The main IP is 2620:1ec:a92::194, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is forms.office.com. The Cisco Umbrella rank of the primary domain is 4783.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on July 20th 2022. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.29.203.194 31898 (ORACLE-BM...)
2 2620:1ec:a92:... 8068 (MICROSOFT...)
10 2.21.74.41 20940 (AKAMAI-ASN1)
1 52.109.68.85 8075 (MICROSOFT...)
1 2620:1ec:bdf::60 8068 (MICROSOFT...)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
4 20.50.73.9 8075 (MICROSOFT...)
1 13.89.179.9 8075 (MICROSOFT...)
20 8
1    192.29.203.194 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)
app.oddo-bhf.com
2    2620:1ec:a92::194 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.office.com
10    2.21.74.41 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-74-41.deploy.static.akamaitechnologies.com
cdn.forms.office.net
1    52.109.68.85 (Paris, France)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lists.office.com
1    2620:1ec:bdf::60 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.office.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    20.50.73.9 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
1    13.89.179.9 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com
Apex Domain
Subdomains		 Transfer
10 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 8006
278 KB
5 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 250
browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 135
2 KB
5 office.com
forms.office.com — Cisco Umbrella Rank: 4783
lists.office.com — Cisco Umbrella Rank: 12853
c.office.com — Cisco Umbrella Rank: 20643
1 MB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 224
665 B
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 2192
61 KB
1 oddo-bhf.com
app.oddo-bhf.com
807 B
20 6
Domain Requested by
10 cdn.forms.office.net forms.office.com
cdn.forms.office.net
4 browser.events.data.microsoft.com js.monitor.azure.com
2 c.office.com 1 redirects forms.office.com
2 forms.office.com forms.office.com
1 browser.pipe.aria.microsoft.com cdn.forms.office.net
1 c.bing.com 1 redirects
1 js.monitor.azure.com cdn.forms.office.net
1 lists.office.com forms.office.com
1 app.oddo-bhf.com 1 redirects
20 9

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
forms.office.com
Microsoft Azure TLS Issuing CA 02		 2022-07-20 -
2023-07-15		 a year crt.sh
cdn.forms.office.net
Microsoft RSA TLS CA 01		 2021-10-12 -
2022-10-12		 a year crt.sh
lists.office.com
Microsoft RSA TLS CA 02		 2022-05-24 -
2023-05-24		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 01		 2022-09-24 -
2023-09-19		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2022-09-08 -
2023-09-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQkJHOTBaWC4u&utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email&utm_source=Eloqua
Frame ID: E574D40814DB5E6F3097031EE5B6169A
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Challenge ELA - Walk Now!

Page URL History Show full URLs

  1. https://app.oddo-bhf.com/e/er?utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email... HTTP 302
    https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwR... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

20
Requests

95 %
HTTPS

33 %
IPv6

6
Domains

9
Subdomains

8
IPs

5
Countries

1671 kB
Transfer

2333 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.oddo-bhf.com/e/er?utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email&utm_source=Eloqua&s=477300880&lid=3652&elqTrackId=2D01560EC059D5E83B04C588FFC96F5F&elq=f7699476a2b24dbf81c94ba850817081&elqaid=4692&elqat=1 HTTP 302
    https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQkJHOTBaWC4u&utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email&utm_source=Eloqua Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=B624CE85051A45B799C0CF05F7D9A289&RedC=c.office.com&MXFR=1EADF43076ED675217BBE61F72ED6C28 HTTP 302
  • https://c.office.com/c.gif?CtsSyncId=B624CE85051A45B799C0CF05F7D9A289&MUID=1EADF43076ED675217BBE61F72ED6C28

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ResponsePage.aspx
forms.office.com/Pages/
Redirect Chain
  • https://app.oddo-bhf.com/e/er?utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email&utm_source=Eloqua&s=477300880&lid=3652&elqTrackId=2D01560EC059D5E83B04C588FFC96F5F&elq=f7699476...
  • https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQkJHOTBaWC4u&utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_mediu...
51 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQkJHOTBaWC4u&utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
236bdbcf00e972a39805c066a937abe3efd80bd8a5b6c96443b08d1e1c50f1ac
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 30 Sep 2022 09:36:28 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
858cacc3-18d3-4f27-ad03-fa44e8ef8fa3
x-msedge-ref
Ref A: CCA949A3CA27457ABB1A03FCEF12AD8A Ref B: AMS231032608005 Ref C: 2022-09-30T09:36:28Z
x-officecluster
frc-101.forms.office.com
x-officefe
FormsSingleBox_IN_10
x-officeversion
16.0.15729.35875
x-robots-tag
noindex, nofollow
x-routingcorrelationid
858cacc3-18d3-4f27-ad03-fa44e8ef8fa3
x-routingofficecluster
frc-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_10
x-routingofficeversion
16.0.15729.35875
x-routingsessionid
6fad9b30-33d6-4718-8aba-d793734eb428
x-usersessionid
6fad9b30-33d6-4718-8aba-d793734eb428

Redirect headers

Cache-Control
no-store
Content-Length
351
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Sep 2022 09:36:28 GMT
Expires
-1
Location
https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQkJHOTBaWC4u&utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email&utm_source=Eloqua
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Pragma
no-cache
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-Xss-Protection
1; mode=block
ls-response.nl.0a0f0888d.js
cdn.forms.office.net/forms/scripts/dists/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.nl.0a0f0888d.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQkJHOTBaWC4u&utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.41 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-41.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a10781e521fb5d90d6e7377738e95b9c5961ebc703a589e0386e25ded3c2bf2f

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 30 Sep 2022 09:36:29 GMT
content-encoding
br
content-md5
OSoWIJot2XMc1BKuevMBkw==
content-length
8314
x-ms-lease-status
unlocked
last-modified
Fri, 23 Sep 2022 14:04:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA9D6C8B8AAE42
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
00f30668-e01e-006a-0977-d1f552000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 30 Sep 2023 09:36:29 GMT
light-response-page.min.c67f9e3.css
cdn.forms.office.net/forms/css/dist/ 		141 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.c67f9e3.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQkJHOTBaWC4u&utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.41 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-41.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b6ee2050bfd9ff3b94711528d1b9a2d0e443d3fc475174fe383167c04d8f28b4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 30 Sep 2022 09:36:29 GMT
content-encoding
br
content-md5
rk0NxRUp3WJT/BAD8j5yig==
content-length
23344
x-ms-lease-status
unlocked
last-modified
Thu, 29 Sep 2022 03:45:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAA1CD10CAA62C
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
1e514901-101e-0012-1ec2-d39de5000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 30 Sep 2023 09:36:29 GMT
light-response-page.min.8abf4b3.js
cdn.forms.office.net/forms/scripts/dists/ 		287 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8abf4b3.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQkJHOTBaWC4u&utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.41 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-41.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ff586efc3efe9ba516475db669ee3ce445766e67d9c0655cf73e578bfa959f50

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 30 Sep 2022 09:36:29 GMT
content-encoding
br
content-md5
D6MzrnZczNKo2jFM48phmA==
content-length
83094
x-ms-lease-status
unlocked
last-modified
Thu, 29 Sep 2022 03:46:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAA1CD38BC165C
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2df234b4-d01e-0069-12c2-d3f655000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 30 Sep 2023 09:36:29 GMT
runtimeFormsWithResponses('EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQkJHOTBaWC4u')
forms.office.com/formapi/api/ca609612-2669-4884-a6bb-941f48aa5153/users/9e6c55d5-d1c3-42b3-8c70-12f97e8fb5cd/light/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.office.com/formapi/api/ca609612-2669-4884-a6bb-941f48aa5153/users/9e6c55d5-d1c3-42b3-8c70-12f97e8fb5cd/light/runtimeFormsWithResponses('EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQkJHOTBaWC4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQkJHOTBaWC4u&utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
75bb9031a10ab391f8c6b52bf26ce7fc67172618a48a33dac62cac558e0e4606
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQkJHOTBaWC4u&utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email&utm_source=Eloqua
X-UserSessionId
6fad9b30-33d6-4718-8aba-d793734eb428
accept-language
nl-NL,nl;q=0.9
__RequestVerificationToken
_PUAbBVKcEvK71gsxCQFRgCINQ6gu8wmx3mDfrW5RqKDJyEIbu7TteElXDPol7HfUPB71PCi3OF6-Ihj7Eg06owPrsPRqqZVarY95Kv0pzs1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Fri, 30 Sep 2022 09:36:28 GMT
x-officeversion
16.0.15729.35875
x-officefe
FormsSingleBox_IN_6
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_6
x-routingofficeversion
16.0.15729.35875
x-correlationid
158942f3-36a9-4d70-b967-101fbbcc7d2e
x-officecluster
frc-101.forms.office.com
x-usersessionid
6fad9b30-33d6-4718-8aba-d793734eb428
x-msedge-ref
Ref A: DA7D2023553843A694A0CB859A0F70DC Ref B: AMS231032608005 Ref C: 2022-09-30T09:36:28Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
158942f3-36a9-4d70-b967-101fbbcc7d2e
x-routingsessionid
6fad9b30-33d6-4718-8aba-d793734eb428
x-robots-tag
noindex, nofollow
x-routingofficecluster
frc-101.forms.office.com
light-response-page.chunk.lrp_ext.e7574ca.js
cdn.forms.office.net/forms/scripts/dists/ 		0
60 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.e7574ca.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8abf4b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.41 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-41.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 30 Sep 2022 09:36:29 GMT
content-encoding
br
content-md5
LexdpRaKTOLGrWi2VbMTGg==
content-length
60814
x-ms-lease-status
unlocked
last-modified
Thu, 29 Sep 2022 03:46:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAA1CD38417A37
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1d292dde-c01e-001b-2dc5-d3876b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 30 Sep 2023 09:36:29 GMT
light-response-page.chunk.lrp_post.boot.af665db.js
cdn.forms.office.net/forms/scripts/dists/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.af665db.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8abf4b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.41 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-41.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 30 Sep 2022 09:36:29 GMT
content-encoding
br
content-md5
784hC8r1saDUYOuTBghVug==
content-length
3960
x-ms-lease-status
unlocked
last-modified
Thu, 29 Sep 2022 03:46:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAA1CD383D0DFE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
66d0e219-001e-0049-0cc5-d39a99000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 30 Sep 2023 09:36:29 GMT
light-response-page.chunk.lrp_ext.e7574ca.js
cdn.forms.office.net/forms/scripts/dists/ 		212 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.e7574ca.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8abf4b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.41 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-41.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fa5386449ec28398ffa50493342b9fd351240dc3665943f32e449ee969ac066e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 30 Sep 2022 09:36:29 GMT
content-encoding
br
content-md5
LexdpRaKTOLGrWi2VbMTGg==
content-length
60814
x-ms-lease-status
unlocked
last-modified
Thu, 29 Sep 2022 03:46:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAA1CD38417A37
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1d292dde-c01e-001b-2dc5-d3876b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 30 Sep 2023 09:36:29 GMT
light-response-page.chunk.lrp_post.boot.af665db.js
cdn.forms.office.net/forms/scripts/dists/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.af665db.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8abf4b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.41 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-41.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b3ba138c949337d8a9a4f8d6f6ca3e7e8e93aaf715efa72ba669eb392b06ed8d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 30 Sep 2022 09:36:29 GMT
content-encoding
br
content-md5
784hC8r1saDUYOuTBghVug==
content-length
3960
x-ms-lease-status
unlocked
last-modified
Thu, 29 Sep 2022 03:46:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAA1CD383D0DFE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
66d0e219-001e-0049-0cc5-d39a99000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 30 Sep 2023 09:36:29 GMT
light-response-page.chunk.sw.1d1896c.js
cdn.forms.office.net/forms/scripts/dists/ 		945 B
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.1d1896c.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8abf4b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.41 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-41.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
11e13ea3b334ce50ba89c9ef01f120fffa7f4f66a5c738419667c93c8fb256a5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 30 Sep 2022 09:36:29 GMT
content-encoding
br
content-md5
NbTYEDd7scl+DuxIv4nXxA==
content-length
406
x-ms-lease-status
unlocked
last-modified
Mon, 22 Aug 2022 02:46:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA83E88CD44CAB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b50ea352-101e-0074-100d-b62fbf000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 30 Sep 2023 09:36:29 GMT
18f888de-75da-4ac8-9077-70fe1b53d500
lists.office.com/Images/ca609612-2669-4884-a6bb-941f48aa5153/9e6c55d5-d1c3-42b3-8c70-12f97e8fb5cd/TE80E8UM7A4FS7UPNLJBBG90ZX/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lists.office.com/Images/ca609612-2669-4884-a6bb-941f48aa5153/9e6c55d5-d1c3-42b3-8c70-12f97e8fb5cd/TE80E8UM7A4FS7UPNLJBBG90ZX/18f888de-75da-4ac8-9077-70fe1b53d500
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQkJHOTBaWC4u&utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.68.85 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
29261e718beef39adf1e6057e4387231e71df58c9ab64d994d3daa5741a1a82b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 09:36:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-routingofficeversion
16.0.15720.36254
content-type
image/png
x-routingcorrelationid
5b594d65-8031-4d0c-acf1-90ffb2cf1ca8
cache-control
no-cache
x-routingsessionid
1696c93e-2619-44bb-9a8c-ee8f67f88998
x-hivering
3
x-routingofficecluster
frc-101.lists.office.com
x-routingofficefe
CollabDBReverseProxyWithMappingService_IN_0
expires
-1
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ 		179 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.af665db.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2123315cb05cbeea3c5838b24dd74a924eda65e06ecb3d2e6891fda20e02c267

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 09:36:29 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.6
last-modified
Wed, 31 Aug 2022 16:53:36 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.6.min.js
content-md5
7cu3ev19VA1NTXfpBIiLPA==
etag
0x8DA8B7159250BCA
x-azure-ref
0nbg2YwAAAADkNVOfR/SxT6dwr/vUTn4lQU1TMDRFREdFMTkxNQBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
ca9e43e1-501e-0077-23ae-d43de1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
light-response-page.chunk.1ds.2a84df3.js
cdn.forms.office.net/forms/scripts/dists/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.1ds.2a84df3.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8abf4b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.41 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-41.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
92db9750961fd5f7d803cb44fb6bb6460f3ed0809bfd518ac82b15a3ef08629a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 30 Sep 2022 09:36:29 GMT
content-encoding
br
content-md5
fKabdfDftoDk86mPqm0zDA==
content-length
26739
x-ms-lease-status
unlocked
last-modified
Tue, 27 Sep 2022 05:10:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAA0468D6DC6CF
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
dcb64964-401e-0023-3a33-d2c632000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 30 Sep 2023 09:36:29 GMT
ls-response.fr.0a0f0888d.js
cdn.forms.office.net/forms/scripts/dists/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.fr.0a0f0888d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.8abf4b3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.74.41 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-74-41.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d3fda649ae613c53e10c515e01a00f37101642b7eabbccad43fe5a7297f93b05

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 30 Sep 2022 09:36:29 GMT
content-encoding
br
content-md5
/CURiw+X+GRhDbLRyEZB9A==
content-length
8686
x-ms-lease-status
unlocked
last-modified
Fri, 23 Sep 2022 05:39:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA9D25F251FBB3
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
799e8bc9-301e-0063-761c-cfefdc000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Sat, 30 Sep 2023 09:36:29 GMT
c.gif
c.office.com/
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=B624CE85051A45B799C0CF05F7D9A289&RedC=c.office.com&MXFR=1EADF43076ED675217BBE61F72ED6C28
  • https://c.office.com/c.gif?CtsSyncId=B624CE85051A45B799C0CF05F7D9A289&MUID=1EADF43076ED675217BBE61F72ED6C28
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.office.com/c.gif?CtsSyncId=B624CE85051A45B799C0CF05F7D9A289&MUID=1EADF43076ED675217BBE61F72ED6C28
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=EpZgymkmhEimu5QfSKpRU9VVbJ7D0bNCjHAS-X6Ptc1URTgwRThVTTdBNEZTN1VQTkxKQkJHOTBaWC4u&utm_campaign=Save%20the%20date%20%3A%20Challenge%20ELA&utm_medium=email&utm_source=Eloqua
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Sep 2022 09:36:29 GMT
last-modified
Tue, 13 Sep 2022 19:54:52 GMT
server
Microsoft-IIS/10.0
etag
"8d3298b0aac7d81:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 30 Sep 2022 09:36:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 67B20B8B5A044D5DA6931FCA660C117C Ref B: AMS04EDGE2316 Ref C: 2022-09-30T09:36:29Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?CtsSyncId=B624CE85051A45B799C0CF05F7D9A289&MUID=1EADF43076ED675217BBE61F72ED6C28
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da

Request headers

Referer
Origin
https://forms.office.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.73.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
71bd860186d615c8e5a30566a2d69cee19ee33fdfa503baaf298904a471750d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1664530590406
accept-language
nl-NL,nl;q=0.9
client-version
1DS-Web-JS-3.2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 30 Sep 2022 09:36:30 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
371
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.73.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Fri, 30 Sep 2022 09:36:30 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.73.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
47bc816ef1a65322a6c4acef0c0423753f5e4eb00b6a64c1c9c77d399185af79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1664530591408
accept-language
nl-NL,nl;q=0.9
client-version
1DS-Web-JS-3.2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
time-delta-to-apply-millis
371
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 30 Sep 2022 09:36:31 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
41
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.73.9 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Fri, 30 Sep 2022 09:36:31 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.9&x-apikey=2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092&client-time-epoch-millis=1664530591595&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.e7574ca.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.179.9 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 30 Sep 2022 09:36:31 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
435
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap object| e function| t object| oneDS object| awa

12 Cookies

Domain/Path Name / Value
.app.oddo-bhf.com/ Name: ELOQUA
Value: GUID=D8BD7BD2AEE44EE9B71A617257706AF7
.app.oddo-bhf.com/ Name: ELQSTATUS
Value: OK
forms.office.com/ Name: __RequestVerificationToken
Value: 2PMB4XWZKEyWRv1xapXuQhNv3ysqTTD5RtFd25qTBK58UoONOnKmqq359dYSVFYcKtjJhEaMS7_RGCqV--lqU0tToMrS9UoQG_AJYN8UXEI1
.office.com/ Name: MUID
Value: 1EADF43076ED675217BBE61F72ED6C28
forms.office.com/ Name: ai_session
Value: Zt60wow0/v/F9PWGRW+tMy|1664530589403|1664530589403
.bing.com/ Name: MUID
Value: 1EADF43076ED675217BBE61F72ED6C28
.c.bing.com/ Name: SRM_B
Value: 1EADF43076ED675217BBE61F72ED6C28
.c.office.com/ Name: SM
Value: C
.c.office.com/ Name: ANONCHK
Value: 0
.microsoft.com/ Name: MC1
Value: GUID=aff585fb97b3448f962546d070fe2931&HASH=aff5&LV=202209&V=4&LU=1664530590777
.microsoft.com/ Name: MS0
Value: 5314d2d6d5cd4010891230381fdd1ee3
forms.office.com/ Name: MSFPC
Value: GUID=aff585fb97b3448f962546d070fe2931&HASH=aff5&LV=202209&V=4&LU=1664530590777

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.oddo-bhf.com
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.office.com
cdn.forms.office.net
forms.office.com
js.monitor.azure.com
lists.office.com
13.89.179.9
192.29.203.194
2.21.74.41
20.234.93.27
20.50.73.9
2620:1ec:a92::194
2620:1ec:bdf::60
2620:1ec:c11::200
52.109.68.85
11e13ea3b334ce50ba89c9ef01f120fffa7f4f66a5c738419667c93c8fb256a5
2123315cb05cbeea3c5838b24dd74a924eda65e06ecb3d2e6891fda20e02c267
236bdbcf00e972a39805c066a937abe3efd80bd8a5b6c96443b08d1e1c50f1ac
29261e718beef39adf1e6057e4387231e71df58c9ab64d994d3daa5741a1a82b
3bae6a22d3a541378e9e28de2d914a9bca8d0caa7174643030821f6016c662da
47bc816ef1a65322a6c4acef0c0423753f5e4eb00b6a64c1c9c77d399185af79
71bd860186d615c8e5a30566a2d69cee19ee33fdfa503baaf298904a471750d0
75bb9031a10ab391f8c6b52bf26ce7fc67172618a48a33dac62cac558e0e4606
92db9750961fd5f7d803cb44fb6bb6460f3ed0809bfd518ac82b15a3ef08629a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a10781e521fb5d90d6e7377738e95b9c5961ebc703a589e0386e25ded3c2bf2f
b3ba138c949337d8a9a4f8d6f6ca3e7e8e93aaf715efa72ba669eb392b06ed8d
b6ee2050bfd9ff3b94711528d1b9a2d0e443d3fc475174fe383167c04d8f28b4
d3fda649ae613c53e10c515e01a00f37101642b7eabbccad43fe5a7297f93b05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa5386449ec28398ffa50493342b9fd351240dc3665943f32e449ee969ac066e
ff586efc3efe9ba516475db669ee3ce445766e67d9c0655cf73e578bfa959f50